Privacy Policy

In this privacy policy, we provide information solely about the customer register of Vaarojen Majat Johku Store and its principles of data processing.

We may occasionally change our data protection practices and this privacy policy. We recommend regularly reviewing our privacy practices.

1. Data Controller

Vaarojen majat
Savontie 4, 73900
+358 400933508
y-tunnus 2778346-3

2. Person in charge of register matters and/or contact person

Eerika Korhonen
Vaarojen majat
+358 400933508

3. Register Name

Customer Register of Vaarojen Majat Online Store

4. Legal Basis and Purpose of Processing Personal Data / Use of the Register

The legal basis for processing personal data is the contract, which is formed when the customer orders products and/or services from Vaarojen Majat online store. The purpose of the register is to enable online trading through Vaarojen Majat online store, such as transmitting order information, billing information, payment confirmation information, or processing information between Vaarojen Majat and the customer. In addition, the register is collected to enable customer service contacts, maintain customer relationships, and for electronic marketing communication when the customer has given their consent.

Vaarojen Majat does not store orders placed with other merchants or related information in its customer register.

The data is not used for automated decision-making. The data may be used for profiling.

5. Data Content of the Register

  • First and Last Name

  • Address

  • Postal Code

  • Country

  • Phone Number

  • Email Address

  • Personal Identification Number (for private billing customers)

  • Order Source Page

    Additionally, for companies, the following information is registered:

  • Company Name

  • Business ID

  • E-invoice address

  • Intermediary Code

  • Reference

  • Brand

Furthermore, in the additional information field of the process, the customer is given the opportunity to voluntarily provide any other relevant information they deem necessary.

Data Retention Period

Information is retained for as long as the user and Vaarojen Majat have a valid mutual agreement and/or consent.

Information may be retained longer to the extent necessary to fulfill obligations imposed by applicable law, such as accounting and consumer trade responsibilities, and to demonstrate their proper implementation.

6. Regular Data Sources

The information is collected via electronic forms on the Johku online service. Customers enter the information personally when ordering from Vaarojen Majat's Johku online store.

7. Regular Data Disclosures and Transfer of Data outside the EU or European Economic Area

Information is not separately disclosed to third parties and remains solely with the data controller. However, technically, data may be processed outside the EU or the European Economic Area.

8. Principles of Register Protection

Carefulness is exercised in the processing of the register, and the information processed through data systems is appropriately protected. When registry data is stored on Internet servers, the physical and digital security of the hardware is properly maintained. The data controller ensures that the stored information, as well as server access rights and other information critical to the security of personal data, are treated confidentially and handled only by those employees whose job description requires it.

Electronically Stored Information

The registry is located in the Johku service, with data processing conducted by Aptual Commerce Oy. Full registry information can only be accessed by the data controller and the technical maintenance personnel of Aptual Commerce Oy.

For more information on the privacy principles of the Johku service, visit:

Manual material

In principle, we avoid printing data from the registry as manual material. If, in some situations, manual material is printed from the registry, it is stored in a locked space, and only the data controller has access to the material.

9. Right of Inspection and Exercising the Right of Inspection

Every individual in the registry has the right to check the information stored about them in the registry and to correct any incorrect or incomplete information. This right is automated by the Johku system used by Vaarojen majat in the following way:

Johku communicates with the user via the "My Johku" service regarding the processing of their personal data in conjunction with the merchant's confirmation messages. These messages contain a link to the "My Johku" service.

In "My Johku," the user can review the information stored about themselves and make any necessary corrections. The service also includes functionality that allows the user to download the data in a structured format for transferring it from one system to another. The "My Johku" service can be accessed at any time at

"My Johku" also provides the option to terminate the "My Johku" agreement and remove the data from "My Johku." If the user stops using "My Johku" and terminates their agreement with Johku, all automatic functionalities related to managing personal data cease. After the termination of the agreement, the user must manage their own information (inspection, correction, right to be forgotten, restriction, right to data portability) in writing directly with Vaarojen majat. Vaarojen majat may request the requester to prove their identity if necessary. Vaarojen majat will respond to a written request within the timeframe specified in the EU General Data Protection Regulation (usually within one month).

The use of the "My Johku" service is free of charge.

10. Other Rights Related to the Processing of Personal Data

An individual in the registry has the right to request the deletion of their personal data from the registry ("right to be forgotten"). Similarly, individuals in the registry have other rights under the EU General Data Protection Regulation, such as the right to restrict the processing of personal data in certain situations.

However, it should be noted that the information stored in the Vaarojen majat customer registry is always generated when a customer purchases products and/or services. In this case, Vaarojen majat is also bound by the obligations of accounting and tax legislation regarding the retention of data.

Requests should be sent in writing to the data controller. The data controller may request the requester to prove their identity if necessary. The data controller will respond to the customer within the timeframe specified in the EU General Data Protection Regulation (usually within one month).

13. Cookies

This website uses cookies. The site sends a small file to your browser, which is stored on your computer's hard drive. Both session cookies (temporary) and persistent cookies (stored on the hard drive) are used. The purpose of the cookie is to enhance the user experience on the site. If you are a registered user, the cookie also manages login and access to pages intended for registered users only. Cookies can be used to track and analyze user interests and thereby influence the usability of the service. Internet browsers generally accept cookies automatically. If necessary, you can disable the use of cookies in your browser settings, although this may affect some functionalities.

Advertising cookies may be used to help optimize the advertising experience for the user of the service. Some third-party providers, including Google, may also use cookies or web beacons (1-pixel image files) to improve the advertising experience.

The information collected through cookies and web beacons does not contain personal information about the user. Online activities cannot be linked to a specific individual through this information.

Compiled: 17.1.2023