Privacy Policy
NOTE: The Finnish version is the binding privacy policy, this is just a translation.
LAST UPDATED: 2025-04-02
1. Introduction
This privacy statement explains how Kontakto Oy (2831767-5) collects, uses, stores, and protects your personal data when you use kontakto.fi, all related domains and other services provided by Kontakto Oy.
Kontakto is committed to protecting your privacy. As a data controller, we are responsible for ensuring that your personal data is processed in compliance with applicable data protection laws, such as the General Data Protection Regulation (EU) 2016/679, the Finnish Data Protection Act, and the Act on Electronic Communications Services 2014/917 ("Data Protection Regulations").
By using our website and services, you acknowledge that you have read and understood this Privacy Policy.
2. Register Keeper and Contact Information
The controller of the personal data referred to in this Privacy Policy is:
- Organization: Kontakto Oy (2831767-5)
- Official Address: Kinkomaantie 25, 40930 Kinkomaa
- Contact Person: Tommi Savikko
- Email Address: tommi.savikko(at)kontakto.fi
3. Legal Basis for Processing
Kontakto processes your personal data based on the following legal grounds:
- To fulfill our contractual obligations to you.
- To comply with legal obligations and claims.
- Service usage monitoring, reporting, and service billing.
- Customer communications and responding to contact requests.
- Business and service development.
We rely primarily on the contractual basis for processing. For free services, we collect your email for login purposes. For paid services, we need billing details to process payments.
4. Purpose of Personal Data Processing
We use your personal data for the following purposes:
- Process your order and manage your account.
- Service provision, maintenance, and development.
- Usage monitoring, reporting and service billing.
- Communication about new updates and features.
- To improve and customize your user experience.
- Analyze usage to help us develop our services.
- Detect and prevent technical issues, and prevent fraud or other illegal activities.
- Handling retention, reporting, and inquiry obligations in accordance with legal requirements and guidelines from authorities.
When you register for our services, we may use automated decision-making to:
- Check the financial status of the company you represent.
- Verify the accuracy of the information provided.
- Check if your email has been used previously with our services.
- Check other historical data related to your email address.
Based on these automated checks, we may deny access to our services. The processing is necessary for us to comply with our contractual obligations.
5. What Information Do We Collect?
Kontakto collects the following information as needed:
- Personal identification information, such as name, email address, phone number.
- Information about the company being represented, such as company name, business ID, and other relevant business details.
- Activity logs and technical data related to usage. The logs store device information such as IP address, browser type, device identifiers, and other technical information as needed.
We collect data through the following means:
- Data is primarily collected directly from you when you register for our services, place orders, contact us, or use our website.
- Automatically, through cookies, server logs, and similar technologies when you use our website and services. We collect anonymous usage statistics to improve our services.
6. Data Sharing
We may share your personal data with third parties in the following circumstances:
- Service Providers: We may share your personal data with third-party service providers who perform services on our behalf, including hosting and infrastructure providers, analytics providers, notification services, and payment processors. These service providers are contractually bound to handle your data securely and only in accordance with our instructions.
- Legal Requirements: We may disclose your personal data if required by law or in response to valid requests by public authorities (e.g., a court or government agency).
- Business Transfers: If Kontakto is involved in a merger, acquisition, or sale of all or a portion of its assets, your personal data may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal data.
7. Data Retention
We retain your personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a shorter retention period is required or mandated by law. Currently, we retain your data until you request its deletion, within the framework of our legal obligations.
Kontakto securely stores your data using industry-standard technical and organizational measures to protect against unauthorized access, alteration, disclosure, or destruction. These measures include but are not limited to encryption of data, regular security assessments, access controls and authentication requirements, system monitoring and logging, and regular backups.
8. Data Transfer Outside the EU or EEA
Kontakto primarily operates in Finland, but your data may be processed outside the European Economic Area (EEA). We do not transfer data outside the EU or EEA except in exceptional cases. If data is transferred outside the EEA, we ensure an adequate level of protection for personal data by using, for example, Standard Contractual Clauses approved by the European Commission or by relying on adequacy decisions.
9. Cookies
We use only essential cookies on the site. Cookies enable, among other things, the preservation of user choices, such as language selection. We do not use cookies for tracking or advertising.
10. Right of Access and Right to Request Correction of Data
In accordance with the law, you have the right to review what information we have collected about you. You also have the right to request the correction or deletion of inaccurate, incomplete, unnecessary, or outdated personal information.
You can exercise these rights by contacting the data controller.
11. Service Termination and Data Retention
Upon termination of the service:
- All personal data will be retained only as long as it is required for the purposes stated in this privacy policy or as long as it is legally required.
- Users can request the deletion of their personal data. The data will be deleted unless its retention is necessary to fulfill our contractual or legal obligations.
12. Changes to Privacy Policy
Kontakto Oy regularly reviews its privacy policy and posts any updates on this web page.
13. How to Contact the Appropriate Authority
If you wish to file a complaint or if you feel that Kontakto Oy has not addressed your concern satisfactorily, you can contact the Office of the Data Protection Ombudsman.
- Name of the authority: Tietosuojavaltuutetun toimisto
- Email: tietosuoja(at)om.fi
- Address: PL 800, 00531 Helsinki