Skip to content

Privacy Notice

We process your personal data as required by the legislation and collect only the data that is necessary for the current purpose. We notify you of processing your personal data in an open and intelligible manner. When you are aware of how your data is being processed, you are able to assess the appropriateness of such processing and exercise your rights concerning the processing of your data. All data concerning an identified or identifiable natural person is considered to be personal data. 

A privacy notice is a document describing the data contents, legal ground for data processing and purpose of an individual personal data file. This page contains the privacy notices of Loihde Group’s most relevant personal data files. We retain the right to change and update the privacy notices as required. 

Privacy Notice: Marketing and Communications, Customer and Partner Relations

1. Introduction

This Privacy Notice contains information required by the EU General Data Protection
Regulation (hereinafter the General Data Protection Regulation) and the national legislation
for a data subjects mentioned below and for the supervisory authority. The registers
described below are shared by Loihde Group companies described below.

2. Joint Controllers

Loihde Oyj (0747682-9), Silmukkatie 6, 65100 Vaasa

Loihde Trust Oy (0863729-2), Atomitie 5, 00370 Helsinki

Loihde Cloudon Oy (2487158-0), Atomitie 5, 00370 Helsinki

Loihde Advance Oy (1645592-3), Hevosenkenkä 3, 02600 Espoo

Loihde Factor Oy (2586213-3), Kirkkokatu 21, 90100 Oulu

3. Contact person regarding the registers

Data Protection Officer, Antti Hemmilä, Atomitie 5, 00370 Helsinki

+358 40 515 3993

privacy@loihde.com

4. Register(s)

Marketing and Communications, Customer- and Partner Relations

5. Purpose of processing

  • Tracking, targeting and personalisation of website, social media and other communications

  • Delivery of newsletters and investor communications, marketing

  • Organising marketing, training and investor events

  • Opinion polls and market surveys

  • Responding to contact requests in various communications channels

  • Customer service and customer relationship management

  • Enabling and administering services and subcontracting

  • Planning, development and targeting services and subcontracting
  • Complying with statutory obligations
The data may be used for automated decision-making or profiling.

6. Basis of processing

Consent

Processing of personal data may be based on the data subject's consent, for example, on a
consent to direct electronic marketing given by the data subject. Data subjects may also
subscribe to newsletters with their consent.

Legitimate interests

The processing of personal data can sometimes be justified due to the legitimate interests of
the controller or a third party. The use of legitimate interests as a basis for processing
requires particularly careful consideration of the data subject's rights and interests.

Preparing for and carrying out contract

Personal data may be processed in the course of negotiating a contract, for the purpose of
fulfilling contractual obligations and for the purpose of administrating contract or contractual relationship (including invoicing).

7. Personal data processed

  • Person´s name and contact details

  • Person´s company or other organisation, position, and the contact details of the company or other organisation

  • Data concerning the person’s hardware, such as the brand of the computer or mobile device

  • Data concerning the person’s software, such as the maker of the internet browser or operating system

  • Person’s current IP address, the IMEI code or other comparable identifying code of the device

  • Data concerning the use and sessions of use of Loihde’s website and social media channels

  • Data concerning the contracts signed by the person’s company or other organisation

  • Data concerning mailing list subscriptions

  • The customer feedback or customer survey responses given by the person as well as the competition results related to the user

8. Retention period

Personal data is stored for the purpose of marketing and communications as long as the data subject indicates that they want to receive the content offered by Loihde. If the data subject cancels their content subscription, their personal data is will be erased unless Loihde has a legal basis for continuing to store the data.

Personal data will be stored as long as the data subject or the company represented by the data subject has a customer relationship with Loihde Group company. After the customer relationship has ended, data will be erased or anonymised latest after ten years, unless longer retention period is required by applicable legislation.

9. Data sources

Personal data is collected from the data subject themselves through Loihde´s website and social media channels, by phone or through another communication channel as well as through the chat function on Loihde’s website.

The data subject also provides data in connection with the delivery of Loihde’s services and by using Loihde’s services. Personal data can be collected from Loihde’s customers, supplier and other partners. Personal data is also collected when the user logs in or verifies their identity using third-party services—such as Twitter, LinkedIn or Facebook—in accordance with the terms of those services.

10. Data transfers

Data is transferred between Loihde Group company (joint controllers).

Loihde has suppliers which process personal data for its account. Loihde makes appropriate
agreements on personal data processing with all such suppliers. The suppliers provide IT and
other support services and tools for the management of communication and marketing,
among other things.

Data may be transferred outside the EU or EEA. When data is transferred outside the EU or
EEA, the transfer is done using the European Commission’s standard contractual clauses or
some other transfer mechanism in accordance with legislation

11. Rights of data subjects

If we are processing your personal data based on your consent, you have the right to withdraw you consent partially or completely at any time. Withdrawing your consent will not affect the processing of your personal data that took place prior to the withdrawal.

You have a right to receive confirmation from us on whether or not we process your personal data as well as to be informed about how we process your data, such as the purpose of processing and the categories of personal data that are being processed. You also have the right to receive a copy of the personal data concerning you that we are processing. If you request more than one copy, we may charge you a reasonable sum based on administrative expenses.

Loihde will erase your personal data at your request provided that Loihde has no obligation to retain the data based on obligations between the parties or based on applicable laws or regulations. In certain situations specified by the data protection legislation you also have the right to request restriction of the processing of their personal data, the right to object to the processing of their personal data as well as the right to have your data transmitted from one
system to another.

You have a right to have your inaccurate personal data rectified without delay as well as to have your incomplete personal data completed by providing additional data.

If a data subject considers that their personal data is not processed legally, they have the right to file a complaint with the supervisory authority.

12. Protection of personal data

Whenever possible, personal data is encrypted in the systems we use and in data communications by using the encryption methods we have found to be effective.

Personal data is made physically secure by using secure facilities for devices as well as access control. Personal data can only be accessed by employees who require access to the data in order to carry out their duties. The employees processing personal data are bound by an obligation of secrecy.

13. Access Management Service

The access management service makes it easy to restrict the access of outsiders to certain areas and to coordinate staff movements. The access management service is primarily used with the Loihde ID application that brings access rights to the user's phone. The distribution of access IDs is quick and easy.

Personal data processed

Company name, user name and e-mail address. The Loihde ID uses location information momentarily to ensure that the user is in the vicinity of the door at the time of the opening request. Location data is not collected. Control over all data is limited and access to the data is restricted and controlled.

Specific security measures

Restricted management, restricted and controlled access to data. Loihde Trust Ltd does not collect user location information.

Data retention period

Duration of the service.

Privacy Notice: Loihde AI Projects

Contacts in Data Protection Issues: 

Loihde Plc 
Data Protection Officer Antti Hemmilä 
+358 40 515 3993 
privacy@loihde.com 

The Data Protection Ombudsman supervises compliance with regulations governing personal data. 
Office of the Data Protection Ombudsman 
+358 29 566 6777 
tietosuoja@om.fi