PRIVACY POLICY

Updated: April 14, 2026.

1.RegistrarName: HAIV OY

Person in charge of registration matters: Tomi Salonen

Contact information: tomi@haiv.fi


2. Purpose of use of dataWe collect personal data so that we can:Manage customer relationships and process orders.

To maintain customer relationships and develop our service.


3. Basis for data collection and processingWe process your data in accordance with the EU General Data Protection Regulation (GDPR) on the following grounds:Based on your consent: We use cookies to collect information about your use of the site, such as which pages have been visited.

To perform the contract: We collect the information you provide on the form so that we can process your contact request and serve you.

Our legitimate interest: We may use the information to maintain and develop the customer relationship.


4. Data content of the register

The information we collect through forms may include, among other things, the following information: Company name and Business ID.

Contact person's name and contact information (email address, phone number).

Possible wishes based on the service.

Through analytics: Location information, IP address and information related to site usage if you have accepted cookies.


5. Data retention periodWe retain personal data only for as long as is necessary for the purposes stated in this statement. Customer data is retained for the duration of the contract and for the period required by law (e.g. accounting obligations).

6. Regular data sourcesData is collected primarily through forms you fill out yourself. We also collect information about website usage using Google Analytics 4 and technical log data from the Duda platform. Cookie preferences are managed through the Termly service.

7. Data transfers and transfers outside the EU/EEA

We do not routinely share your information outside of the company, but we use trusted service providers to implement the website and analytics. Website platform: Our website is built on the Duda platform. The website hosting and servers are located in Europe.

Cookie management: We use the Termly service to manage cookie consents.

Analytics and advertising: We use Google Analytics 4, Google Ads and Meta Pixel services. Google Ireland Ltd. is responsible for Google services in the EU.

Although the servers are located in the EU, some of the service providers (Google, Duda Inc., Termly Inc.) are based in the US, which means that data may technically be processed outside the EU. Data protection is then ensured through the EU Model Contractual Clauses (SCC) and the EU-US Data Privacy Framework, to which these operators have committed.

8. Use of cookiesWe use cookies on our website to improve your experience and analyze site usage. We use the Termly tool to manage cookies and collect consent.Cookies are categorized as follows:Essential: These are required to ensure basic site functions (e.g. security and site loading on the Duda platform). These cannot be turned off.

Performance and analytics: These are used to measure visitor numbers and traffic sources (e.g. Google Analytics).

Advertising: These can be used to show you ads that match your interests (e.g. Google Ads, Meta Pixel).

We ask for your consent to the use of cookies with a cookie banner provided by Termly when you access our website. You can change your settings at any time via the "Cookie Settings" link or icon found on the website.

9. Register protectionWe protect your data carefully: Communication is protected with an SSL connection (HTTPS).

Electronic data is protected by a firewall and usernames and passwords.

We use two-factor authentication (2FA) in management systems.

Access to the data is limited to only those individuals who need the information to perform their job duties.


10. Automated decision-makingWe do not make automated individual decisions (Article 22 of the GDPR).

11. Data subject rightsYou have the following rights regarding your personal data:Right of inspection: The right to know what information we have stored about you.

Right to rectification: The right to request correction of inaccurate information.

Right to erasure: The right to request the erasure of your data (excluding legal obligations).

Right to restriction of processing.

Right to object.

The right to transfer data from one system to another.

Right to withdraw consent: You can withdraw your cookie consent at any time through Termly settings.

Right to complain: The right to file a complaint with the Data Protection Commissioner if you believe that data processing does not comply with the law. You can exercise your rights by sending a written request to the person in charge of registration matters.