privacy policy


Key­fra­me Oy
Teräs­tie 2
84100 Yli­vies­ka
p. +358 44 275 1400
Busi­ness ID: 3143882–2

Data Protection Officer

Jaak­ko Nie­me­lä
p. +358 44 275 1400

1. Register Name

Cus­to­mer and cus­to­mer group regis­ter as well as mar­ke­ting regis­ter of Key­fra­me Oy.

2. Information in the Register

Cus­to­mer infor­ma­tion, cus­to­mer-rela­ted data, and mar­ke­ting-rela­ted data.

3. Information Collected in the Register

  • Com­pa­ny and/or con­tact per­son’s first and last name, visi­ting and pos­tal address, email address, pho­ne num­ber
  • Web­si­te URL, publicly avai­lable clas­si­fica­tion data
  • Infor­ma­tion on mar­ke­ting per­mis­sions and pro­hi­bi­tions
  • Clas­si­fica­tion data and job tit­le infor­ma­tion pro­vi­ded by con­tacts them­sel­ves
  • IP address or other telecom­mu­nica­tion iden­ti­fier obtai­ned through the ser­vice
  • Cus­to­mer feed­back infor­ma­tion
  • Order, deli­ve­ry, and bil­ling infor­ma­tion
  • Infor­ma­tion col­lec­ted through coo­kies

Other infor­ma­tion col­lec­ted when using ser­vices rela­ted to the cus­to­mer or cus­to­mer group

  • Data sets gene­ra­ted by the ser­vice and report infor­ma­tion com­pi­led from them, as well as his­to­rical data.
  • Infor­ma­tion col­lec­ted from the web ser­vice; data pro­vi­ded by exter­nal sys­tem suppliers
  • We sto­re in our regis­ter the infor­ma­tion that the regis­te­red per­son pro­vi­des via the con­tact form on Key­fra­me Oy’s web­si­te or via email rela­ted to cus­to­mer rela­tions­hips or ser­vices offe­red.

4. Purpose of the Register

Per­so­nal data is proces­sed wit­hin the limits and in the man­ner per­mit­ted and requi­red by the Per­so­nal Data Act (523/99) and the EU Gene­ral Data Pro­tec­tion Regu­la­tion (679/2016). The regis­ter is used in accor­dance with exis­ting laws and regu­la­tions for the fol­lowing pur­po­ses:

  • Mana­ging, main­tai­ning, and deve­lo­ping cus­to­mer rela­tions­hips.
  • Pro­vi­ding and impro­ving ser­vices.
  • Inter­nal trai­ning.
  • Grou­ping ser­vices and cus­to­mers.
  • Com­mu­nica­ting with cus­to­mers.
  • Bil­ling for ser­vices.
  • If neces­sa­ry, debt col­lec­tion.

The col­lec­tion and use of data in the regis­ter strict­ly adhe­re to the cri­te­ria defi­ned in the law and regu­la­tion, and all par­ties invol­ved in data proces­sing comply with the res­pon­si­bi­li­ties and obli­ga­tions of the data proces­sor and the data cont­rol­ler.

The pur­po­se of the mar­ke­ting regis­ter is to faci­li­ta­te com­mu­nica­tion, infor­ma­tion dis­se­mi­na­tion, and, when reques­ted by the data sub­ject, the execu­tion of various direct mar­ke­ting actions such as email news­let­ters, pho­ne calls, or other types of con­tact.

5. Regular Sources of Register Information

  • Key­fra­me Oy’s cus­to­mer regis­ter.
  • Public web­si­tes.
  • Infor­ma­tion pro­vi­ded by cus­to­mer ser­vice regar­ding the use of ser­vices, inclu­ding data pro­vi­ded by exter­nal sys­tem suppliers.
  • Infor­ma­tion pro­vi­ded and sub­mit­ted by cus­to­mers.

6. Regular Disclosures and Transfers of Data within or outside the European Union or the European Economic Area

Data is not disclo­sed or sold to third par­ties in con­nec­tion with cus­to­mer rela­tions­hips. Data is not trans­fer­red abroad or out­si­de the Euro­pean Union or the Euro­pean Eco­no­mic Area.

To ensu­re the qua­li­ty of the ser­vice, we may disclo­se data to tech­nical part­ners who process data only to the extent neces­sa­ry for the pro­vi­sion of the ser­vice. Part­ners do not use the data for other pur­po­ses and do not disclo­se or sell data to third par­ties.

Data col­lec­ted from ser­vices is sto­red and, when neces­sa­ry for the pro­vi­sion of the ser­vice and as desc­ri­bed in the sys­tem supplier’s pri­vacy policy, trans­fer­red to the data­ba­ses defi­ned by the sys­tem supplier.

7. Principles of Register Protection

In proces­sing per­so­nal data, the obli­ga­tion to exerci­se care and pro­tect data, as requi­red by data pro­tec­tion legis­la­tion, is fol­lowed in addi­tion to good data mana­ge­ment prac­tices. The regis­ter is pro­tec­ted against unaut­ho­rized access, both tech­nical­ly for the data cont­rol­ler and for sys­tem suppliers. Data trans­fer is car­ried out using data trans­fer pro­tec­tion met­hods and prac­tices as requi­red by laws and regu­la­tions.

Access to the regis­ter and per­so­nal data is limi­ted to Key­fra­me Oy per­son­nel who­se job duties requi­re proces­sing the data. Regis­ter usa­ge is pro­tec­ted by per­so­nal user IDs and passwords. Key­fra­me Oy staff are bound by con­fi­den­tia­li­ty and non-disclo­su­re obli­ga­tions.

Neces­sa­ry mea­su­res are taken in the proces­sing of per­so­nal data to pro­tect against unaut­ho­rized access and acci­den­tal or unlaw­ful destruc­tion, alte­ra­tion, disclo­su­re, trans­fer, or other unlaw­ful proces­sing. Digi­tal­ly sto­red and proces­sed data is sto­red in data­ba­ses pro­tec­ted by firewalls, passwords, and other tech­nical mea­su­res. Paper-based data is kept in loc­ked pre­mi­ses.

8. Storage Period and Criteria for Personal Data

Per­so­nal data is retai­ned only for as long as neces­sa­ry. Dates for data dele­tion and dele­tion prac­tices are defi­ned, and out­da­ted and unneces­sa­ry per­so­nal data is remo­ved. The­re may also be a legal obli­ga­tion to retain per­so­nal data.

9. Evästeet

We use coo­kies on our web­si­te. A coo­kie is a small text file sent to and sto­red on the user’s com­pu­ter, which does not harm users’ com­pu­ters or files.

The pur­po­se of coo­kies is to enhance and cus­to­mize the visi­tor’s user expe­rience on the site, as well as to ana­lyze and impro­ve the func­tio­na­li­ty and con­tent of the site. Infor­ma­tion col­lec­ted through coo­kies may also be used for tar­ge­ting com­mu­nica­tion and mar­ke­ting acti­vi­ties, as well as opti­mizing mar­ke­ting efforts.

The pur­po­se of using coo­kies is to impro­ve the visi­tor’s user expe­rience on our web­si­te and to ana­lyze and enhance the func­tio­na­li­ty and con­tent of the site. We use Google Ana­ly­tics for col­lec­ting sta­tis­tics and ana­lyzing data, and more infor­ma­tion about the use of coo­kies by Google Ana­ly­tics can be found on their own pri­vacy and secu­ri­ty page.

Visi­tors can­not be iden­ti­fied sole­ly through coo­kies. Howe­ver, infor­ma­tion obtai­ned through coo­kies can be lin­ked to data that may have been obtai­ned from the user in other con­texts, such as when the user fills out a form on our web­si­te.

The fol­lowing types of infor­ma­tion are col­lec­ted through coo­kies:

  • Visi­tor’s IP address.
  • Time of visit.
  • Pages visi­ted and viewing times of pages.
  • Visi­tor’s brow­ser.

Users visi­ting our site have the option to block the use of coo­kies at any time by chan­ging their brow­ser set­tings. Most web brow­sers allow you to disable coo­kies and dele­te alrea­dy sto­red coo­kies. Bloc­king the use of coo­kies may affect the func­tio­na­li­ty of the site.

10. Rights of the Data Subject

Sec­tion 26 of the Per­so­nal Data Act and EU GDPR Regu­la­tion (679/2016) pro­vi­de the data sub­ject with the right to access the data col­lec­ted about them by Key­fra­me Oy.

The data sub­ject has the right to ins­pect their per­so­nal data sto­red in the regis­ter by sen­ding a writ­ten request to the per­son res­pon­sible for data sub­jects. The request must inclu­de the per­so­nal iden­ti­fica­tion num­ber and sig­na­tu­re. The ins­pec­tion request can also be made in per­son to the data cont­rol­ler at Key­fra­me Oy’s office.

The data sub­ject has the right to request the cor­rec­tion of inaccu­ra­te data, the dele­tion of their per­so­nal data from the regis­ter, or the trans­fer of their data to anot­her data cont­rol­ler. Howe­ver, this right does not apply to data sub­ject to other legal obli­ga­tions for reten­tion. His­to­rical data sto­red in the regis­ters regar­ding the use of the ser­vice can be pro­vi­ded to the data sub­ject upon request, to the extent that it concerns them.

The data sub­ject has the right to object to the use of their data for direct mar­ke­ting, dis­tance sel­ling, or other direct mar­ke­ting acti­vi­ties, as well as for opi­nion and mar­ket research.

Elect­ro­nic direct mar­ke­ting may be addres­sed to the data sub­ject if they have given their con­sent. The data sub­ject has the right to with­draw their con­sent at any time.

Any dis­pu­tes shall be pri­ma­ri­ly resol­ved through nego­tia­tion with the data sub­ject. The data sub­ject has the right to sub­mit the mat­ter concer­ning the proces­sing of per­so­nal data to the data pro­tec­tion aut­ho­ri­ty for inves­ti­ga­tion if neces­sa­ry.

Email address
The form has been sub­mit­ted success­ful­ly!
The­re has been some error whi­le sub­mit­ting the form. Plea­se veri­fy all form fields again.


Busi­ness ID: FI3143882‑2

Scroll to Top