Etusivu / Privacy Policy

Privacy Policy

Privacy Policy, Register Description and Information on the Use of Cookies.

1. Data Controller

Heplan Oy
Laukaantie 4
40320 Jyväskylä
Finland
Business ID: 2964480-3

2. Contact Person Responsible for Data Protection

Teijo Hakkarainen
Tel. +358 40 530 2292
Email: heplan@heplan.fi

3. Purpose of Processing Personal Data

Personal data is processed for the following purposes:

  • To process and deliver customer orders.
  • To maintain and develop customer relationships.
  • To respond to enquiries submitted through the website.
  • To improve our website and services.

4. Legal Basis for Processing Personal Data

Personal data is processed on one or more of the following legal bases under the General Data Protection Regulation (GDPR):

  • The data subject's consent.
  • The performance of a contract or steps taken prior to entering into a contract.
  • The Data Controller's legitimate interests where applicable.

5. Personal Data Collected

The register may contain the following personal data:

  • Name
  • Email address
  • Telephone number
  • Information voluntarily submitted through contact forms or other communications

6. Data Retention

Personal data is retained only for as long as necessary to fulfil the purposes for which it was collected, to perform contractual obligations, comply with legal obligations, or develop customer service.

7. Sources of Personal Data

Personal data is obtained from:

  • The data subject.
  • Public registers maintained by authorities where permitted by applicable law (e.g. ytj.fi).
  • Google Analytics, which collects information about the use of the website based on the visitor's consent.

8. Disclosure of Personal Data and International Transfers

Personal data is not regularly disclosed to third parties.

Some service providers used by the Data Controller, including Google Analytics, may process or store personal data outside the European Union (EU) or the European Economic Area (EEA). Such transfers are carried out using appropriate safeguards in accordance with the GDPR.

9. Cookies

This website uses cookies to ensure the proper functioning of the website and, with the visitor's consent, to collect anonymous statistics through Google Analytics.

Google Analytics uses cookies to collect information such as the number of visitors, pages visited, time spent on the website and traffic sources. This information helps us understand how our website is used and improve its performance.

Cookie preferences are managed through the GDPR Cookie Compliance consent banner. Visitors may accept or reject non-essential cookies and may change their cookie preferences at any time.

Most web browsers also allow cookies to be blocked or deleted through the browser settings. Please note that disabling certain cookies may affect the functionality of the website.

10. Protection of Personal Data

Personal data is transmitted over SSL/TLS encrypted connections.

Electronic data is protected by firewalls, user authentication and password protection.

Access to personal data is limited to employees or authorised persons who require access for the performance of their duties.

11. Automated Decision-Making

No automated individual decision-making as referred to in Article 22 of the General Data Protection Regulation (GDPR) is carried out.

12. Rights of the Data Subject

Under the GDPR, the data subject has the right to:

  • Request access to their personal data.
  • Request the rectification of inaccurate personal data.
  • Request the erasure of personal data where applicable.
  • Request restriction of processing.
  • Object to the processing of personal data.
  • Receive their personal data in a portable format where applicable.
  • Withdraw consent at any time where processing is based on consent.
  • Lodge a complaint with the competent supervisory authority.

Requests concerning personal data should be submitted to the contact person listed above.

Lue tämä sivu suomeksi