Cookie Settings
Personal Data Act (523/1999) Sections 10 and 24
This privacy statement is based on the EU General Data Protection Regulation (GDPR), which governs the rights of EU citizens to data protection and the confidential processing of their personal data.
Data Controller
Aqva Finland Oy (Business ID: 2351337-8), Puusepänkatu 2D, 00880 Helsinki, Finland
Tel: +358 10 321 5080
Person Responsible for the Register
Customer Service (myynti@aqva.fi)
Name of the Register
Customer and Marketing Register
Purpose of Processing Personal Data
The data controller provides water purification and filtration products as well as water analysis services for households. Our product and service range includes high-quality solutions for the needs of homes, cottages, and offices.
For the needs of industry, healthcare, and public spaces, we offer Finland’s most comprehensive range of water fixtures and water treatment solutions. We also provide water testing and analysis, installations and maintenance services, and financing options tailored to your needs. Customer assignments are recorded in our enterprise resource planning system. Private customers can use our online store for orders and service requests. The stored data forms a personal data register. The data controller also uses a marketing tool.
The information collected is used to verify customer transactions, improve customer service, market products and services, and manage customer relationships related to the services provided by the controller.
When newsletters are sent via email, the cloud service collects data on which links are opened. This enables us to create more personalized customer experiences and offers.
Personal data is processed only to the extent necessary for the purpose of the register.
Contents of the Register
The registers include information related to new customer acquisition, marketing, and contract customers. These may include:
- Name
- Address
- Postal code and city
- Phone number
- Email address
- Company
- Business ID
- Opened links
- Time spent on the page
- Payment information
- Device maintenance details
Regular Sources of Information
The register contains contact information received from contractual customers. Customer information is updated whenever the customer provides new details or updates their information via our online store to ensure accuracy.
Disclosure of Information
As a general rule, information is not disclosed to third parties. However, data may be provided to authorities, for debt collection, or for similar purposes when necessary. Warranty service-related personal data may be shared with the product manufacturer when required.
When a customer pays using Svea Payments, they provide their information directly to the Svea Payments service. If you use the Chat service on our website, your data is forwarded to our partner who manages the Chat service on our behalf.
Transfer of Data Outside the EU/EEA
Data is generally not transferred or disclosed outside the EU or European Economic Area unless required for the technical execution of data processing, in which case all data transfers comply with applicable data protection laws.
Data Retention Period
Personal data is retained only for as long as is necessary for the processing purpose or as required by law.
Principles of Register Security
The data controller’s systems are provided by service providers or hosted in the cloud. Files are protected using commonly applied technical security measures in business operations. Access to the register is confidential and limited to personnel with individual usernames and passwords whose job roles require access. The staff of the data controller is bound by confidentiality obligations.
Right of Access
Everyone has the right to access their personal data stored in the register. A written and signed or otherwise reliably verified access request must be submitted to the contact person responsible for the register. Identity will be verified using a photo ID or another reliable method before disclosing the data.
Right to Request Correction
Anyone who notices that their personal data in the register is incorrect, incomplete, or processed in violation of the register's intended purpose or applicable law has the right to request the correction, blocking, restriction, or deletion of the erroneous data. Corrections can be made by the customer through their online store account or by submitting a written or emailed request to the contact person responsible for the register. One request per year can be made free of charge. Additionally, products can be purchased without being added to the customer register by visiting our physical store.
Anyone who believes their rights under the GDPR have been violated has the right to lodge a complaint with the data protection authority.
Changes to the Privacy Policy
The data controller continuously develops its operations and reserves the right to amend this privacy policy. Legislation may also change, so we recommend reviewing the content of the privacy policy regularly.
