Menu
Ravintorengas Oy
This privacy policy describes how Ravintorengas Oy (”Ravintorengas” or ”data controller”) processes personal data. This privacy policy applies to the websites, marketing, customer relationship management, products, and services provided by Arctic Pine Bark (arcticpinebark.com), Karin Havupuu-uutejuoma (karinhavu.fi), Pinena (pinena.fi and pinena.com), and Ravintorengas (ravintorengas.fi).
We comply with all applicable data protection legislation in the processing of personal data. The term ”data protection legislation” refers to the current data protection laws, such as the General Data Protection Regulation of the European Union (2016/679) and the Finnish Data Protection Act (5.12.2018/1050). Any data protection-related terms not defined in this privacy policy will be interpreted in accordance with data protection legislation.
Our services and websites may contain links to external websites and services operated by other organizations. This privacy policy does not apply to their use, so we encourage you to review their respective privacy policies separately.
”Personal data” refers to any information concerning natural persons (”data subjects”) from which an individual can be directly or indirectly identified, as defined more specifically in the data protection regulation.
Data Controller: Ravintorengas Oy
Business ID: 0222773-5
Address: Kuusistontie 3, 29810 Siikainen
Email Address: herttua(@)ravintorengas.fi
The purposes (and legal bases in parentheses) for processing personal data are as follows:
When we process personal data based on a legitimate interest, we assess the benefits and potential drawbacks to the data subject and have determined that the rights and interests of the data subjects do not override the legitimate interest. Upon request, we provide further information about the processing of personal data based on a legitimate interest.
|
Data Category |
Examples of Data Content |
|
Identification and Contact Information |
Customer’s name, address, phone number, and email address. |
|
Health Information |
Health information and contact information provided voluntarily or upon request by individuals who have consented to interviews about their user experiences through Ravintorengas’ website, by phone, or via email. |
|
Information related to products and services, including orders and customer communication |
Information about processed orders, delivery times, and information related to agreements, billing, customer communication, and complaints. |
|
Information related to marketing (including direct marketing) and events, as well as consents and opt-outs provided by the data subject |
Contact details for marketing purposes, as well as information collected during events and gatherings. Consents and opt-outs related to direct marketing. |
|
Information related to the use of websites and other electronic services |
IP address, electronic communication identifiers, search and browsing data, browser and operating system data, and registration information. |
We receive information about payments for our services from payment service providers (e.g., Stripe and Verifone).
We retain personal data for as long as necessary to fulfill the purposes defined in the privacy policy and always for the duration required by legislation (e.g., responsibilities and obligations related to accounting or reporting), or for the resolution of legal disputes or similar disagreements. After the termination of the intended use, personal data is deleted or anonymized within a reasonable timeframe.
Upon request, we provide additional information about the practices of retaining personal data.
Various service providers and other third parties, such as providers of technical solutions, server hosting providers, or accounting and financial management service providers, may be used in the processing of personal data. We ensure that the entities we work with in processing personal data have the necessary agreements as required by data protection legislation.
Personal data may be disclosed to third parties in situations required by legislation or authorities, as well as for the investigation of misconduct and to ensure security. Additionally, personal data may need to be disclosed in connection with legal proceedings or similar legal procedures.
If the data controller or a company within the same group is involved in a merger, business transfer, or other corporate reorganization, personal data may be disclosed to the parties involved in the arrangement or to entities assisting in the arrangement.
Customer’s personal data may be published to the extent that the customer has provided specific consent.
Upon request, we provide additional information about the recipients of personal data.
When data is transferred outside the European Union or the European Economic Area, the company ensures an adequate level of protection of personal data by, among other things, entering into agreements on the processing of personal data as required by data protection legislation, such as using standard contractual clauses approved by the European Commission. Data is transferred to the following recipients:
Information security and the protection of personal data are of paramount importance to us. We employ appropriate technical and organizational safeguards to protect personal data. We also ensure the fault tolerance of our systems and data recovery capabilities. Access to personal data is limited to only those who are expressly authorized. Parties handling personal data are bound by confidentiality obligations related to the processing of personal data.
Manual records are stored in locked rooms in locked archive cabinets at service provider facilities.
Data subjects have rights to their personal data in accordance with data protection legislation. The application of these rights in individual cases depends on the purpose and situation of the processing of personal data.
Exercising Rights
We encourage you to contact us if you have any questions regarding the processing of your personal data.
You can submit a request regarding data subject rights by mail or email using the contact information mentioned in this privacy policy.
The identity of the requester may be verified before processing the request. Requests are generally responded to within a reasonable time, typically within one month from the request and identity verification. If a request cannot be accommodated, this will be communicated separately.
Data subjects have the right to lodge a complaint with the relevant data protection authority if they believe that their personal data has been processed in violation of data protection legislation.
You can find the contact information for the Finnish data protection authority here.
This privacy policy may need to be amended from time to time, which may also be based on changes in data protection legislation. We recommend regularly checking the privacy policy for any updates. The latest version is available on our website.
This privacy policy was published on October 13th, 2023.
Disclaimer on site use
Professional Audience: This website is specifically designed for professionals and is not intended for consumer use or consultation.
Ingredient-Focused Claims: Please be advised that any claims presented on this website pertain exclusively to the individual ingredients contained within our products and not the finished products themselves.
Regulatory Compliance: The information made available on this website might not align with regulations established in specific markets or countries. It is the responsibility of the user to verify compliance on a market-by-market basis, particularly in connection with the attributes of finished products.
By proceeding to use this website, you acknowledge your understanding and acceptance of these terms. We appreciate your cooperation and understanding.