Privacy policy

1. Controller

Pohjaset Oy (Business ID: 0524788-9)
Pohjaset Recycling Oy (Business ID: 0226869-2)
Pohjaset Tehdas- ja Logistiikkapalvelut Oy (Business ID: 0888250-3)
Pohjaset Kiinteistöpalvelut Oy (Business ID: 2647790-7)

Address of all the above-mentioned companies: Valiontie 8, 94450 Keminmaa


Sales Director Raimo Pohjanen
postal address: Valiontie 8, 94450 Keminmaa
phone +358 400 696 646


The name of the filing system is the customer and marketing register.

4. Purpose of the processing of personal data and legal basis for the processing

The primary basis for the processing of personal data is the relationship between the controller and its customer or potential customer, the consent given by the data subject, the targeting of marketing and sales, or any other relevant connection.

  • Personal data may be processed for the following purposes, among others:
  • Creating and managing a customer relationship
  • development and monitoring of communications and marketing
  • collecting and processing customer feedback and customer satisfaction data
  • The controller does not do profiling.

The controller does not do profiling.

5. Contents of the filing system

Data subjects may store, among other things, the following types of data:

  • name, e-mail address, telephone number and other necessary contact information
  • organization and status
  • CRM information (notes)
  • products and services purchased by the customer and information related to their invoicing and other payment traffic
  • content produced by the data subject himself or herself, such as customer feedback and additional information provided by the data subject, such as customer wishes, satisfaction data or other similar information
  • the history of the transaction, and
  • other information provided to the controller by customers and potential customers themselves.


The information is obtained primarily from the registrants themselves and from public sources, such as business contacts on websites and address registers.

Information about visitors to the website may be collected, and cookies may be used on the website. Cookies are small text files that are stored on a visitor's terminal. The registrar uses cookies to improve the user experience of the site, to evaluate the content used and to support marketing. The information collected through cookies is anonymous and cannot be used to obtain information about an individual identifiable person.

For example, cookies can be used to collect the following information:

  • the user's IP address
  • time of visit
  • pages visited and duration of visit on the page
  • visitors’ organization, country, and city
  • the type of browser used or the operating system of the DTE (Data Terminal Equipment)
  • where the user has come to the site and where the user will go after using the site.

By using the website, you consent to the use and storage of cookies on your computer. Most browsers automatically accept cookies. The user has the option to block the use of cookies by changing the browser settings so that the browser does not allow the storage of cookies. In this case, however, the user accepts that for some services, blocking the use of cookies may affect the functionality of the service.


The site has Google Analytics user reporting enabled. Anonymous visitor statistics are based on purely technical information transmitted by your browser and your Internet connection, and these statistics do not provide information about the visitor as a person. In addition to technical statistics, demographic and thematic reporting collects personal information about target groups, such as age and gender, as well as thematic information about interests.

The reports show how many users of the site visit the site over a period and how their behavior varies, for example, by gender. Report data is obtained from a DoubleClick third-party cookie. If the cookie is not related to a user, the target group information and topics cannot be deduced from the statistics. The site uses the information gathered from target group and topic reporting to design topics so that we can provide readers with articles that interest them. You can block the use of Google Analytics with a browser extension.

7. Regular disclosures of data

The controller may disclose or transfer personal data to companies belonging to the same group as it and to third parties involved in the provision of its services as subcontractors. The disclosure of information to partners will only take place for purposes that support the mission of that registry (e.g., direct marketing, customer satisfaction, and market research). Partners are not allowed to use the information for any other purpose.

8. Transfer of data outside the EU or the EEA

Personal data are not transferred outside the EU or the EEA.


The data subjects have the right to check what information about them is stored in the register. In addition, he shall have the right, after having made a sufficiently precise and specific request for an inspection, to have access to the information concerning them and contained in the records. The request for verification must be addressed in writing, signed to the contact person of the controller, and enclosed with a copy of the photo ID.


The controller shall correct any inaccurate information provided by the data subject in the register of personal data. The registrar is also obliged to check the relevance and timeliness of the information in the register through independent activities. The data subject may also request the controller to remove the data relating to him or her from the register by submitting his or her request to the controller at the address mentioned in section 2.


The data subject has the right to demand a restriction on the processing of personal data. The data subject shall also have the right to obtain personal data concerning him which he has provided to the controller in a structured, commonly used, and machine-readable form and the right to transfer such data to another controller. In addition, the data subject has the right to object to the processing of data, automatic decision-making, and profiling. If the controller has not complied with the applicable data protection rules, the data subject has the right to lodge a complaint with the competent supervisory authority.


The data controller shall delete the data from the register when there is no longer a business reason for the data processor or if the data subject himself or herself requires the data controller to delete the data concerning him or her by law.

Data will be destroyed by overwriting and paper documents will be destroyed with due regard to data security when there are no longer grounds for processing or storing the data. However, the data will not be deleted if the law provides otherwise or if the competent authority has initiated a process that requires the data controller to retain the data or if another party has applied to the Finnish court for a security protection decision for the data.


The controller reserves the right to change this privacy statement by posting it on its website.