Statement on the processing of personal data

According to the General Data Protection Regulation, the controller is obliged to inform data subjects in a clear manner. This statement fulfills the obligation to provide information.

1. Data controller 

Company name and business ID: Limited company Törnberg Partners Ltd, business ID: 3556243-3

Company contact details and visiting address: info@kptpartners.fi, c/o Boffice Kamppi, Kansakoulukuja 3 A 444, 00100 Helsinki

Contact details for matters relating to the register: name and contact details of the person responsible: Kristian Törnberg, kristan@kptpartners.fi, +358 10 2994 410

2. Registered 

Our company's customers and their representatives, users of the contact and request a quote forms on our website, newsletter subscribers, and people who take part in our training and events. 

3. Purpose of use of personal data 

Reason for maintaining the register: 

We collect, process, and use only personal data that is necessary for our business, effective customer service, and relevant commercial activities. 

We therefore collect and process personal data on the basis of our customer relationship and consent, and in order to manage our relationships with our service providers and other partners. 

The data subject may have given their consent to the processing of their personal data for one or more specified purposes. This is typical in various activities that promote our operations or services, such as marketing or social media campaigns. The data subject is always informed of the purpose of the processing and its details before consent is requested.

We may process personal data in order to fulfill our legal obligations, for example in relation to accounting (invoicing).

Purpose of processing personal data and use of the register 

Personal data may only be processed for predefined purposes, which are as follows:  

Customer relationship management and service provision, accounting (invoicing), communication and customer communications, customer feedback, marketing and service development, and compliance with legal obligations. 

4. Personal data to be stored in the register 

The customer register contains the following information: 

Contact 

  • name,

  • address,

  • email, 

  • phone number,

  • personal identification number, only if a debt relationship arises.

  • in addition, for corporate customers, business ID and website address


Customer information 

  • information about purchased products/services.

5. Rights of the data subject 

The data subject has the following rights, requests to exercise which should be made to info@kptpartners.fi, Törnberg Partners Ltd, c/o Boffice Kamppi, Kansakoulukuja 3 A 444, 00100 Helsinki.

Right of inspection 

The data subject may check the personal data we have stored.  

Right to rectification

The data subject may request the correction of any inaccurate or incomplete information concerning him or her.

Right to object 

The data subject may object to the processing of personal data if they feel that the personal data has been processed unlawfully.  

Direct marketing ban 

The data subject has the right to prohibit the use of data for direct marketing purposes. 

Right of removal 

The data subject has the right to request the deletion of data if the processing of the data is not necessary. We will process the deletion request and then either delete the data or provide a justified reason why the data cannot be deleted.  

It should be noted that the controller may have a statutory or other right not to delete the requested information. The controller is obliged to retain accounting records for the period specified in the Accounting Act (Chapter 2, Section 10) (10 years). For this reason, accounting-related material cannot be deleted before the expiry of the specified period.

Withdrawal of consent

If the processing of personal data concerning the data subject is based solely on consent and not, for example, on customer status or membership, the data subject may withdraw their consent.

The data subject may appeal against the decision to the Data Protection Ombudsman. 

The data subject has the right to request that we restrict the processing of disputed data until the matter is resolved. 

Right of appeal 

The data subject has the right to lodge a complaint with the Data Protection Ombudsman if they feel that we are violating applicable data protection legislation when processing personal data. 

Contact details for the Data Protection Officer https://www.tietosuoja.fi

6. Regular sources of information 

Customer data is regularly obtained from the customer themselves when the customer relationship is established or via an online form. 

We may also combine personal data about the data subject that we have obtained from public sources and various business contacts, for example in connection with the provision of services or marketing communications.

Customers are not obliged to provide us with their personal data, but refusal to do so may have various consequences depending on the situation. In some situations, for example, we may not be able to provide our services or act in accordance with the customer's request.

7. Regular disclosure of information 

As a rule, we do not disclose information for marketing purposes outside Törnberg Partners Ltd. 

We have ensured that all our service providers comply with data protection legislation. 

We regularly use the following service providers: Finago Oy, Holvi Oy, Microsoft Oy. 

8. Duration of processing 

Personal data will only be stored for as long as necessary to fulfill the purpose of processing, including to comply with legal, accounting, or reporting requirements. 

Personal data related to customer relationships is generally processed for as long as the customer relationship is valid. The data is deleted no later than two years after the end of the customer relationship. 

The retention period for personal data processed on the basis of consent is determined by the purpose of processing. 

Those registered on our marketing list can unsubscribe themselves via the link included in every marketing email we send.  

9. Processors of personal data 

Personal data is processed by the shareholders of Törnberg Partners Ltd. 

We may also partially outsource the processing of personal data to a third party, in which case we will ensure through contractual arrangements that personal data is processed in accordance with applicable data protection legislation and otherwise appropriately. 

10. Transfer of data outside the EU 

The personal data we process is mainly located in the EU or the European Economic Area. However, we may transfer personal data outside these areas when our service provider or partner processing personal data operates wholly or partly in a third country. Personal data may also be transferred to third countries in situations where this is required by mandatory legislation outside the EU that is binding on our partner.

When transferring data outside the EU and EEA, we ensure an adequate level of protection for personal data by, among other things, agreeing on matters related to the confidentiality and processing of personal data in accordance with the requirements of the legislation. 

11. Information security 

We implement appropriate measures (including physical, technical, and administrative measures) to protect personal data from loss, destruction, misuse, and unauthorized access or disclosure. 

For example, we restrict access to personal data to only those employees of the controller or service providers who need this information in their work. They process the personal data of data subjects only in accordance with our instructions and under a duty of confidentiality.

Please note that even appropriate measures cannot prevent all possible security breaches. 

In the event of a data breach, we will notify you in accordance with applicable law.