Aikalocker

Privacy statement

Contact and Customer Register
(In accordance with the EU General Data Protection Regulation 2016/679)

Data Controller
SHJ Group Oy
Tetriläntie 9
90460 Oulu

Contact Person for Register-Related and Data Protection Matters
Seppo Kangas
Sähköposti: seppo.kangas@aikalocker.com
Puh. +358 50 4252123

Name of the Personal Data Register
The name of the register is the Contact and Customer Register.

Publicity of the Register
The data collected in the register created from contact and customer information is not public. The data is collected solely for internal use by the SHJ Group Oy.

Legal Basis and Purpose of Personal Data Processing
Personal data is used for lawful activities and processed in a legal, appropriate, and transparent manner from the data subject’s perspective. Personal data is processed confidentially and securely. The legal basis for processing personal data is:

a) The data subject’s consent to market and sell services based on their contact requests. The purpose of the register is to enable a response to the data subject’s contact request for service marketing; or
b) Legitimate interest in maintaining the customer relationship. The purpose of the register is to enable communication between the data controller (service provider) and the data subject (customer); or
c) A contract between the data controller (service provider) and the data subject (customer). The purpose of the register is to enable the delivery of services agreed upon in the contract (e.g., by email or post).

Regular Sources of Information
The personal data collected in the register is regularly obtained from the data subject themselves. The data is collected when the data subject fills out and submits the contact form on the website aikalocker.com

Other methods for the data subject to make contact requests include email, phone, SMS, Facebook, LinkedIn, Instagram, Teams, and letter.

Processed Personal Data
The personal data processed through the contact form includes name, email address, phone number, and organization. In other forms of contact, the data subject may also voluntarily provide their job title, the street address of the organization, and the organization’s website address.

Regular Disclosure of Personal Data
Personal data will not be disclosed to third parties. Personal data will not be transferred outside the EU or EEA. The processing of stored data is confidential. The data controller does not disclose register data to third parties for marketing or other purposes.

If a legally binding request for disclosure is made by an authority, the data may be disclosed to that authority.

Retention Period of Data in the Register
Data will be stored for as long as the customer relationship or contact based on the request lasts. One year after the end of the customer relationship.

Data Protection and Security
Data is stored securely in a system and environment protected by a firewall and antivirus software. Only the register administrator has access, using a username and password.

Use of Personal Data for Profiling or Automated Decision-Making
The data in the personal data register is not used for profiling or automated decision-making.

Data Subject’s Rights Regarding Personal Data Processing
The data subject has the following rights concerning their personal data in the register:

– The right to know whether their personal data is being processed
– The right to receive a copy of their personal data in a clear and readable format within 30 days of request. The request must be sent in writing via email, with identity verification
– The right to request correction of inaccurate personal data
– The right to request deletion of their data if, for example, the customer relationship has ended or the data is no longer needed for its original purpose
– The right to withdraw consent at any time, if data processing is based on consent
– The right to request restriction of data processing when they do not want the data to be deleted entirely. This may apply when data processing is unlawful. The data subject may prohibit deletion if they need the data to establish a legal claim, even if the controller no longer needs the data for its original purpose
– The right to transfer data from one system to another. The data subject has the right to receive their data in an electronic format suitable for transfer to another controller

Right to Lodge a Complaint with a Supervisory Authority
The data subject has the right to lodge a complaint with a supervisory authority in the EU member state of their habitual residence or place of work, or where the alleged breach of data protection legislation has occurred.

Contact Regarding the Personal Data Register
In matters related to the processing of personal data and the cases mentioned above, the data subject should contact the data controller. The data subject can contact the controller by sending an email to info@aikalocker.com

Approval of the Privacy Statement
This Privacy Statement is approved as continuous and has been reviewed on 23 May 2025.
(It applies the EU General Data Protection Regulation 2016/679).