Privacy Policy

This is the registry and privacy policy of Grinvest Finland, in compliance with the General Data Protection Regulation (GDPR) of the European Union. The latest update was made on December 2, 2024.

1. Data Controller

Grinvest Finland Oy
Email: grinvest.finland@gmail.com

2. What Data Do We Collect and Why?

2.1 Contact Form

The data stored in the register is collected from customers through various means such as website forms, emails, phone calls, social media services, contracts, customer meetings, and other situations where the customer provides their information.

Information about contacts from companies and other organizations may also be collected from public sources such as websites, directory services, and other companies.

When you fill out the contact form on our website, we collect the following information:

Name
Company
Email address
Phone number
Content of the message

Purpose of Data Processing:

Customer service related to inquiries.
Responding to your queries and providing requested information.

Data Retention Period: We store the data submitted through the contact form for as long as necessary to respond to your inquiry or manage the customer relationship.

2.2 Google Analytics

Our website uses Google Analytics to collect information about how users visit our site. Google Analytics collects data such as:

Site visits and user movement on the site
User IP address (anonymized)
Browser and device used

Purpose of Data Processing:

Analyzing and improving website usage.
Optimizing the user experience.

Google Analytics uses cookies, which are small text files stored in your browser. You can disable cookies in your browser settings.

Data Retention Period: The data collected by Google Analytics is stored for up to 14 months.

3. Data Disclosure and Transfer

We do not sell or rent your data to third parties.

For Google Analytics, data may be transferred to Google’s servers in the United States. Google adheres to the EU-U.S. Data Privacy Framework principles and GDPR requirements.

4. Right to Access and Correct Information

Every individual in the register has the right to check the information stored about them and request corrections to any incorrect data or the completion of incomplete information. If a person wishes to check or correct their stored data, they must submit a written request to the data controller. The data controller will respond to the request within the time frame set by the EU data protection regulation (usually within one month).

5. Other Rights Related to Personal Data Processing

The individual in the register has the right to request the deletion of their personal data from the register (“right to be forgotten”). Registered individuals also have other rights under the EU General Data Protection Regulation, such as the right to restrict data processing in certain situations. Requests must be submitted in writing to the data controller. The data controller will respond to the request within the time frame set by the EU data protection regulation (usually within one month).