Privacy Policy

This is a privacy policy and data protection statement in accordance with the EU General Data Protection Regulation (GDPR).

Name of the registry

La Islas Oy customer Database

Data controller

La Islas Oy, Y‑tunnus: 3314563-6

Data Protection Officer

Anne Saha, CEO

Purpose of the Registry

The purpose of this database is to serve as La Islas Oy’s customer database.

The data may be used for the following purposes:

  • Managing customer relationships

Standard data sources

The primary source of information is the customer. Information may also be obtained from government and business registries, as well as from our partners.

Data content of the registry

The database primarily contains information provided to La Islas Oy by the customers themselves.

The database may include, among other things, the following customer information

  • Name
  • Email address
  • And other information provided by the user

Regular disclosures of information

With the customer’s consent, data may be disclosed to mutual partners of the customer and La Islas Oy for the purpose of delivering the products and services ordered by the customer.

Billing-related data may be disclosed to parties that process payment transactions.

Data will not be disclosed to other third parties within or outside the EU.

Data may be disclosed to authorities if they submit a request based on Finnish law.

Principles of Data Protection

Manual materials

No physical copies of the data are retained, with the exception of accounting records, which are accessible only to designated employees of La Islas Oy and the accountant, who are bound by a duty of confidentiality.

Data stored in information management systems

Data is transmitted over an SSL-secured connection.

Electronic data is protected by a firewall. Only designated employees of La Islas Oy have access to the registry data. Employees are identified by a username and password. The data is treated as confidential and may not be disclosed to anyone other than those who need it for their work and who are bound by a duty of confidentiality.

Right of inspection and prohibition

The data subject has the right to inspect the personal data stored in the personal data register that pertains to them. A signed written request for inspection must be sent to the person responsible for the register.

The right to inspect is free of charge when exercised no more than once a year.

Data retention period

We retain personal data only for as long as is necessary, depending on the type of personal data and the purpose of its processing.

Cookies

This website uses cookies. Cookies are small text files generated by our website that are stored in your browser’s memory with your consent. Cookies allow us to analyze the service requests you make to our online service via your browser, identify the choices and settings you make while using the site, and use this information to provide personalized services.

You can use your web browser’s settings to block or delete cookies. However, this may affect our ability to provide personalized, high-quality online services.