Santelo Oy
Korpelantie 12,
11130 Riihimäki
business identity code: 1923653-1

Contact details for the registry administrator

Elias Luoma
0207 343 020

Name of the register

Santelo Oy:n asiakas – ja markkinointirekisteri (”Asiakasrekisteri”).

Purpose of collection of personal data and legal basis for processing

General information on processing of personal data

Insofar as the Customer Register contains personal data, the Privacy Act and other applicable laws, regulations and administrative provisions regarding the processing of personal data will be followed in their processing. Personal data refers to information that can be associated with a particular person. This document describes in more detail the procedures for collecting, processing and disposing of personal data as well as the rights of the customer ie the data subject.


The primary reason for handling personal data is the customer relationship between the customer and Santelo, the legitimate interest of the controller, the consent of the customer, the assignment of the customer or any other relevant connection. The purpose of processing personal data is:
a. Customer sales and contract management
b. Creating tenders for products and services at customer’s request
c. Performing deliveries under contracts with customers
d. Providing user support for our services
e. Improving and developing the quality, functionality and user experience of our products and services, and the Santelo site
f. Handling of orders and invoicing, payment processing and other financial follow-up

Potential customers

Santelo processes personal information about potential customers for marketing purposes. In order to provide targeted and relevant content to potential customers, Santelo can create profiles related to your interests, based on your mobility on the sites and the choices and actions you make on Santelo, as well as how you reacted to email marketing. The legal basis for such processing is primarily your consent.

Job applicant

If you are a job applicant, we will process your personal information so that we can assess your chances of working with Santelo. The legal basis for such processing is primarily your consent.

Data content of the register

Customer Information

First name and Last Name
Street address, postal code, postal address
Email address
Phone numbers
Other information provided by the customer

Automation of marketing

Marketing automation and re-marketing tools used by Santelo, are using third-party cookies. When a visitor visits our site, a unique cookie is stored in the browser for roaming. If a visitor submits personal information, for example, by completing a contact or other form on the site, the unique cookie will be associated with the personal information provided by the user.

Network marketing

Santelo uses partners’ services to deliver targeted online advertising. Service providers can add cookies to gather information about the visit on our website and target the visitor’s interest in Santelo’s interest.

E-mail Marketing

We will send information about our current news, events and services by e-mail to people in our customer and / or marketing records. From our email distribution list you can exit at any time by the link at the bottom of the email. E-mail messages may contain cookies and web beacons, which allow us information on whether you opened or read the message.

Links to the third-party services

Our websites include links to external services, such as LinkedIn, Twitter and Facebook share buttons. Through these external service providers may install the link cookies to the user’s computer, the use of which is not controlled by Santelo.


We are using third-party services on our website that produce web analytics. We use the analytics to improve our web service.

Regular disclosure of information

The register information can be shared with the registrar’s subcontractors. We demand legality from all subcontractors.

The registrar can also outsource processing of your personal data to companies outside the enterprise that may also be located in countries outside the European Union and the European Economic Area, such as the United States. These companies can process personal data to provide, for example, infrastructure IT services, or other services. In such cases, sufficient data security and processing of the register are handled by EU-U.S. – Privacy Shield, or by contract using the EU Commission-approved template clauses

Principles of registry protection

Data is kept technically secure and physical access to data is blocked. Access to information requires adequate rights, as well as authentication. Unauthorized access is also prevented by, for example, firewalls and other technical protection. Only the Registrar and the designated persons can access the registration information. Users are bound by the confidentiality obligation. The registration information is backed up safely and will be returned as needed.

Periods of retention

The Registrar retains personal information only as long as is necessary for the purposes for which the data were collected, offered by applicable law and in accordance with the requirements of laws and regulations, in particular in accordance with accounting requirements.

The information for potential customers is stored for one year.

The right to check and modify the registry information

The Registry person has the right to inspect, correct and delete his / her own data or refuse to process data for justified reasons. The request must be made in writing to the Registrar. Under the terms of the law, you must sign your request and include a photocopy of your identity card showing your signature. You must also indicate the address to which the reply should be sent.