Customer Register – Privacy Statement

Draft Date



Henna Pihlman
Stephen Industries Inc Oy
Mikonkatu 9 (Epicenter)
00100 Helsinki

Contact Person Register

Henna Pihlman
Stephen Industries Inc Oy
Mikonkatu 9 (Epicenter)
00100 Helsinki

Registry Name

Customer Register

Purpose of Personal Data Processing

The company’s investors are counted as customers. The purpose of the register is for the company’s maintenance, administration, archiving, and processing of the customer register and customer relationship management. Personal data is processed within the limits permitted and required by the Personal Data Act. The information in the register can be used in the company’s own registers, for example, for targeting advertising, without disclosing personal information to external parties. The company may use partners to maintain the customer and service relationship, in which case parts of the register data may be transferred to the partner’s servers due to technical requirements. Data is processed only to maintain the company’s customer relationship through technical interfaces.

Data Content of the Register

The personal register contains the following information:

  • The person’s first and last name
  • The community it represents
  • The y-identifier/other identifier of the community it represents
  • Email address
  • Postal address
  • Phone number

Regular Sources of Information

Information is obtained from registrations made by the customer and notifications made by the customer during the customer relationship. Name and contact information updates can also be obtained from authorities and companies offering update services. Information can also be obtained from subcontractors related to using or producing the service. Information about the customers’ other actions in the digital environment can be obtained from partners’ sites, information systems, or other digital sources, which are logged in via an electronic invitation, via cookies, or using the credentials given to the customers.

Regular Transfers of Information

The information in the customer register is only used by the company, except when using an external service provider either to produce a value-added service or to support the credit decision. Information is not disclosed outside the company or its partners for use, except for those related to credit application, collection, or invoicing matters and when required by law. The registrant’s personal data will be destroyed at the user’s request unless legislation, open invoices, or collection actions prevent data from being deleted.

Data Transfer within the EU or outside the EEA

Personal data is not transferred outside the European Union, unless it is for the company or its partner to ensure the technical implementation necessary.

Registry Protection Principles A: Manual Material

In customer events, contact information and others are collected manually. Documents containing customer data to be processed are kept for the initial processing after in locked storage facilities. Everyone has a non-disclosure agreement signed, and employees have the right to process manually saved customer information.

Registry Protection Principles B: with ATK Functions to be Processed

All employees of the company and companies acting on its behalf have the right to use the customer owner and customer register and maintain its information. Each defined user has his own personal username and password. Each user has signed a non-disclosure agreement. The system is protected by a firewall that protects outsiders’ contacts to the system.


We use cookies on our website. The cookie is small, just a text file for the user to send to the computer and to be stored there. Cookies do not damage users’ computers or files. The primary purpose of using cookies is to improve and customize the visitor user experience on the site and to analyze and improve the site’s functionality and content. Information collected with the help of cookies can also be used for communication and marketing targeting and marketing measures in optimization. The visitor cannot be identified using cookies alone. However, information obtained with the help of cookies can be attached by the user possibly to information obtained in another connection, for example, the user when filling out the form on our website.

The following types of information are collected with the help of cookies:

  • Visitor’s IP address
  • The time of the visit
  • Browsed pages and page viewing times
  • The visitor’s browser

Your rights

The user visiting our website has the option to block at any time the use of cookies by changing your browser settings. Most browser programs enable the cookie function to be turned off and already deleting stored cookies. Blocking the use of cookies may affect the site’s functionality.

Google Analytics

The website collects usage statistics for the Google Analytics service, which the purpose is site monitoring, development, and marketing planning. The collected data cannot be individualized to an individual to the user or person. In addition, the site is used to collect target group information and subject area information (Google Analytics Demographics), which is used to store e.g. age, gender, and the subject areas of the user. Related to the collection of this information you can change the settings with your own Google account at

If you wish, you can disable Google Analytics tracking in the Chrome browser with an addendum.

Right of Inspection

The registered person has the right to check what information about him is in the register. The inspection request must be made in writing by contacting the register contact person in Finnish or English. The inspection request is to be signed. The registered person has the right to refuse the processing and disclosure of his data direct advertising, distance sales, and direct marketing as well as market and for the opinion survey by contacting the registry’s contact person.

The Right to Demand Information Correction

In the register, in terms of the purpose of processing incorrect, unnecessary, incomplete, or outdated personal information is to be corrected, deleted, or supplemented. The correction request must be made in a handwritten, signed request to the personal register to the administrator. The request must specify what information is required to be corrected and by what means by. The repair will be carried out without delay. The correction of the error will be notified to the person from whom the incorrect information was received or to whom the information has been disclosed. The person responsible for the registry issues a written denial of the correction request a certificate stating the reasons for which the correction request has been refused. The person concerned can appeal the refusal to be decided by the data protection officer.

Other personal data related to processing rights 

The registered person has the right to refuse the disclosure and processing of his data for direct advertising and other marketing purposes, require information anonymization where applicable, and the right to be completely forgotten.