Privacy policy

The purpose of this Privacy Policy is to provide clear information about the respect for privacy, the data collected and its processing by Arttu Kuoppala and (hereinafter "Arttu", "we", "us", "our"). We keep the data we collect secure. If our Privacy Policy contains terms that you do not agree to, you should immediately stop using our services.

The term "Data" means all information collected by Arttu Kuoppala from existing customers and potential customers.

This Privacy Policy answers questions about how Arttu Kuoppala collects, processes and shares personal data. We strive to clearly answer questions about privacy and collected data in this Privacy Policy.

If you have any questions or concerns about privacy, the data collected about you, or this Privacy Policy, please contact us by email at

Thank you for using our services.

Data controller and contact person responsible for registers

  • Name: Arttu Kuoppala

  • Email:

  • Phone number: +358400851840

  • Business ID: 3302074-5

  • Names of registers

  • Customer Register

  • Legal basis and purpose of Processing Personal Data

    The legal basis for processing personal data under the EU General Data Protection Regulation is the consent of the individual and the legitimate interest of the controller. The legitimate interest is justified by collecting only necessary data from existing customers and potential customers for contact and marketing purposes.

    The purpose of processing personal data is to maintain contact with customers, nurture customer relationships, conduct marketing activities, and provide services. We do not utilize the data for automated decision-making or profiling.

    Data Content of the Registers

    The customer register comprises the following information: name, position, company / organization, telephone number, email address, address, website addresses, details about ordered services and any modifications made to them, billing information, and other information pertaining to the customer relationship and ordered services.

    We will retain the collected information as long as it satisfies our retention criteria, unless otherwise specified.

    On our website, we process visitors' IP addresses and necessary cookies for legitimate interests, such as security and gathering site statistics. If this information can be considered personal data, we will obtain separate consent for third-party cookies.

    Data Sources

    The information stored in the register is obtained from customers through contact forms, messages, emails, phone calls, social media platforms, contracts, customer meetings, and other instances where the customer provides us with their information. We may also gather information from public sources, including websites, directory services, and other companies, regarding contacts of companies and other organizations.

    Regular Disclosures and Transfers of Data Outside the EU or EEA

    We do not disclose information to other parties. However, some of the third-party service providers we employ may store data outside the EU or EEA. Information may be disclosed under conditions agreed upon with the customer. The following service providers are used to process customer data: Google, Microsoft Domainhotelli Oy, Mailchimp.

    Registers' protection

    The register will be processed with due care and the data processed in the information systems will be adequately protected. Data stored on internet servers will be protected by appropriate physical and digital security measures. Arttu Kuoppala ensures that stored data, server access rights and other information critical to the security of personal data are handled confidentially and only by employees whose job description includes this.

    Right of access and rectification

    Any person subject to the register has the right to check the data stored in the register and to request the correction of any inaccurate data or the completion of incomplete data. If a person wishes to check or request the correction of the data recorded, the request must be submitted in writing to the controller. The controller may, if necessary, ask the applicant to prove their identity. The controller will reply within the time limit set by the EU Data Protection Regulation, as a general rule within one month.

    Other rights relating to the processing of personal data

    A data subject has the right to request the erasure of his or her personal data from the register ("right to be forgotten"). In addition, data subjects have other rights under the EU General Data Protection Regulation, such as the right to restrict the processing of personal data in certain circumstances. Such requests should be submitted in writing to the controller. The controller may, if necessary, ask the applicant to prove their identity. The controller will respond within the time limit set by the EU GDPR, usually within one month.

    Arttu Kuoppala complies with the EU General Data Protection Regulation.

    10.7.2023 4:32