Privacy Policy

1. Registrar
Prinel Piirilevy Oy
Hiekkakuopantie 6a, 04300 Tuusula

2. Contact person responsible for the register
Janne Tiittanen
janne.tiittanen@tujaus.io
+358 50 567 6640

3. Name of the registry
Company Stakeholder Register, Application User Register.

4th. Legal basis and purpose of processing personal data
The legal basis for processing personal data under the EU General Data Protection Regulation is
- Consent of the person (documented, voluntary, individualized, informed and unambiguous)
- Contract in which the data subject is a party to the legitimate interest of the registrar: customer relationship
- The purpose of processing personal data is communication with customers and storage of billing information.

The data is not used for automated decision-making or profiling.

5. Information content of the register
The register may contain the following personal data:
- Name of the person
- Company/Organization
- Contact information (phone number, email address)
- Username
- IP address of the network connection
- Information about ordered services and their changes
- Billing information
- Other information related to customer relationship and ordered services

6. Regular sources of information
The data to be stored in the register is obtained from customers, for example. :
- From messages sent via web forms
- By email
- By phone
- Through social media services
- Contracts
- Customer meetings
- Other situations in which the customer discloses their data.

7. Regular transfers of data and transfer of data outside the EU or EEA
The website uses Webflow (Webflow, Inc.) for form functionality, Google Analytics (Google LLC) for website usage tracking, and Google Maps (Google LLC) to display the location of the company’s office. Data processed through these services may be transferred outside the EU or EEA, particularly to the United States. Such transfers are carried out in accordance with the safeguards required by the EU General Data Protection Regulation (GDPR), such as the European Commission’s Standard Contractual Clauses (SCC).

Data collected through contact forms is used solely for responding to inquiries, analytics data is used for monitoring and improving website performance, and data processed through Google Maps is used solely for displaying the map and location information.

8. Principles of registry protection
Due diligence is observed in the processing of the register and the data processed with the help of information systems are properly protected. When register data is stored on Internet servers, the physical and digital security of their hardware is appropriately taken care of. The controller shall ensure that the stored data, as well as server access rights and other information critical to the security of personal data, are treated confidentially and only by the employees whose job description it belongs.

9. Right to audit and right to demand rectification of information
Each person in the register has the right to review their data recorded in the register and demand that any incorrect information be corrected or incomplete information be supplemented. If a person wishes to verify the data stored about him or to request a correction thereof, the request must be sent in writing to the controller. The controller may, if necessary, ask the applicant to prove his/her identity. The controller responds to the customer within the time limit laid down in the EU Data Protection Regulation (usually within one month).

10. Other rights related to the processing of personal data
The person in the register has the right to request the erasure of personal data about him from the register (“the right to be forgotten”). Data subjects also have other rights under the EU General Data Protection Regulation, such as limiting the processing of personal data in certain situations. Requests must be sent in writing to the controller. The controller may, if necessary, ask the applicant to prove his/her identity. The controller responds to the customer within the time limit laid down in the EU Data Protection Regulation (usually within one month).

Privacy Policy updated on October 14, 2025.