Skip to content
fi
WebShop

Privacy Policy

Privacy Policy explains how Elkome Oy processes personal data collected through its websites and services and for what purposes the data is used. It also describes the rights of data subjects and how requests related to personal data can be made.

Data Controller

Elkome Oy

Email: info@elkome.com
Website: https://elkome.com

Elkome Oy acts as the data controller and is responsible for the processing of personal data in accordance with this Privacy Policy.

 

Purpose of Processing Personal Data

Personal data is processed for the following purposes:

  • managing and developing customer relationships
  • processing and delivering orders (online store)
  • responding to inquiries and contact requests
  • developing services and websites
  • marketing communications in accordance with applicable legislation
  • fulfilling statutory and regulatory obligations

Categories of Personal Data Processed

The personal data processed may include:

  • name
  • company and job title
  • contact details (email address, phone number, postal address)
  • order and billing information
  • user account information
  • IP address and technical identifiers
  • website usage and interaction data

Only personal data that is necessary for the intended purpose is processed.


Legal Basis for Processing

The processing of personal data is based on:

  • the data subject’s consent (GDPR Article 6(1)(a))
  • performance of a contract or pre-contractual measures (GDPR Article 6(1)(b))
  • compliance with a legal obligation (GDPR Article 6(1)(c))
  • the legitimate interests of the data controller (GDPR Article 6(1)(f)), such as business development and ensuring information security

Data Retention Period

Personal data is retained only for as long as necessary:

  • for the duration of the customer relationship and thereafter as required by accounting and legal obligations
  • marketing-related data until consent is withdrawn
  • technical and log data for a limited period to ensure security and functionality

Data Disclosures and Transfers

Personal data may be disclosed to:

  • service providers (e.g. IT services, analytics, payment service providers)
  • authorities when required by law

Personal data is not disclosed to third parties for their own marketing purposes without consent.

Personal data may be transferred outside the EU or EEA only when appropriate safeguards under GDPR are in place, such as EU Standard Contractual Clauses.

Data Security

Personal data is protected using appropriate technical and organizational measures, including:

  • access control and user rights management
  • encrypted connections
  • firewalls and security systems
  • staff training and internal data protection guidelines

Rights of the Data Subject

Data subjects have the right to:

  • access their personal data
  • request rectification or erasure of personal data
  • restrict or object to the processing of personal data
  • withdraw consent at any time
  • lodge a complaint with a supervisory authority

Requests related to personal data can be submitted using the contact details of the data controller.

Cookies

Our websites use cookies. More information about the use of cookies and how to manage them is available in our Cookie Policy.


Changes to This Privacy Policy

We reserve the right to update this Privacy Policy. The most current version is always available on our website.