Privacy Policy

Last updated March 14, 2025

table of contents :

1. Scope of application of this privacy policy
2. Business name/Personal information manager
3. What types of personal information and personal-related information do we handle?
4. Sources of personal and personally identifiable information
5. Purpose of use of personal information and personal related information
6. Provision of personal information and personal-related information to third parties
7. Regarding shared use of personal information and personal-related information
8. Transfer of personal information and personal-related information outside Japan
9. Regarding the safe management of personal information and personal-related information
10. Your rights
11. Procedures for responding to requests and demands regarding personal data held by us
12. Cookies
13. Updates to this Privacy Policy

1. Scope of application of this Privacy Policy

We take your privacy seriously and all personal information will be handled in accordance with current legislation, in particular the Act on the Protection of Personal Information (APPI). We will use your personal information and personal-related information in accordance with the APPI and other relevant laws, statutes and guidelines and will inform you of the purposes for which we use such information.

This Privacy Policy explains the personal information we handle, how we obtain it, and how we use it. It also provides detailed information about providing personal information to third parties, transferring personal information outside of Japan, and the safe management of personal information. It also provides information about your rights and the procedure for responding to your requests.

Please note that our personal information manager is located in the EU (European Union), so the relevant provisions of the EU General Data Protection Regulation (GDPR) apply to the handling of personal information within the EU. This ensures that the handling of personal information is appropriately protected. For details on the transfer of personal information outside of Japan, please refer to the relevant section.

2. Business Operator/Personal Information Manager

If you visit the STR Nordic Oy HOHDE website, order products or contact us in any other way, the data controller responsible for the processing of your personal data is:

Personal information manager:

STR Nordic Oy (VAT number: FI28928265)

Sarkiantie 409

38200 Sastamala

Finland

Representative:

Tuomas Havukainen ( Chief Operating Officer/COO )

3. Types of personal information and personal-related information handled

The information we hold about you is based solely on your relationship with us. We may hold basic contact information for business associates (name, address, phone number, and/or email address). If you order products from us, we will also hold your order and payment history and other information related to your customer account. We also keep a record of your correspondence with business associates and may store additional information contained in email content. For more information about cookies, please see the "Cookies" section.

Additional Information

3.1 Personal and Personally Related Information of Customers and Potential Customers

We hold the following information about you:

Name, address (postcode and city name), customer ID or website account number (a unique identification code used to identify customers whose personal data we hold), email address, order history, and email history if you have contacted customer service by email.

In addition, inquiries to the telephone number listed in the "Information Based on the Specified Commercial Transactions Act" may also be handled. Your personal information may also be used to manage your website account and send you e-mail newsletters. In addition, if you provide your name in a consumer review posted on a product page, that may also be made public.

We also retain the name, email address and email history of any correspondence with our customer service department if you are not a customer of ours but have contacted our customer service department in any way, or if you have registered an account on our website or subscribed to receive our newsletters or marketing communications.

If applicable, our systems also store the IP address of the device that placed the order and information collected through cookies (e.g. via which channel you accessed our online store). For more information about cookies, please see the section "About Cookies".

3.2 Personal information and individual numbers requiring special consideration

We will not store any personal information requiring special consideration (e.g., race, etc.) or personal identification numbers (My Number) in our customer's personal information database. However, records of email correspondence with our customer service may contain sensitive personal information, such as health information, that you voluntarily provide. This information will not be used for any other purposes, and we will endeavor to delete it as soon as possible. We ask that you do not provide us with such sensitive information or personal information requiring special consideration.

3.3 Children's Personal Information

As a general rule, we do not process personal data of children (i.e. people under the legal age to place orders via e-commerce). Orders for our products are intended for people who are legally able to enter into contracts.

However, for e-commerce sales, we may not be able to verify your age. Minors placing orders through our website must do so in conjunction with or with the consent of a parent or legal guardian, especially for children under the age of 15.

3.4 Technical data

When you place an order through our Website, we collect certain technical information at that time, including log data.

4. Sources of personal information and personal-related information

We obtain personal and personal-related information from you, those who contact us, or those who provide us with information directly in other ways. This is obtained when you place an order, contact customer service, create an account on our website, sign up for our newsletter or marketing advertisements, or submit a consumer review. We may also confirm your personal information through social media. In addition, we may obtain personal information through cookies. For more information, please refer to the "Cookies" section.

Additional Information

If we hold personal or personally identifiable information about you, that information was obtained from you in at least one of the following ways:

4.1 Ordering

When you place an order through our website, we collect personal information from you.

4.2 Contact Us

If you contact our customer service by email, through the contact form on the website, or through other means, our customer service will need to process your personal information (email address, order information, phone number, etc.) This may also include calls to the phone numbers listed in the Specified Commercial Transactions Act.

4.3 Customer Account or Newsletter Registration

Our website allows you to create a customer account and sign up for newsletters and promotional emails. If you do either, we will collect personal information necessary to create your account and/or to add you to our newsletter distribution list.

These registrations can be made either at the same time as your order or separately from your purchase.

4.4 Consumer Product Reviews

Our website has a feature that allows you to post reviews of our products, and the opportunity to post reviews may be included in the materials you submit. If you post a review, we will collect the information you post along with the review content. This information will be published on the product page of the relevant product and elsewhere on our website, as well as on other materials that link to our website. This may include personal information. This information is collected separately from other information.

4.5 Information available on social media

We may be able to see information that other users of Facebook can see, including your name, publicly available photos, and other information posted on our Facebook page. Personal information posted on our Facebook page or in the comments will not be transferred to other systems unless you are notified or requested to do so. In general, we encourage you to contact us using our customer service email address or contact form on the website. However, messages sent to you through Facebook private messages may contain personal information.

Please note that this information is not stored in a separate database and is only available in your private Facebook messages.

5. Purpose of Use of Personal Information and Personal-Related Information

We use your personal information and personal related information for the purposes of providing product purchasing services, marketing, product delivery, customer service operations, and overall development and improvement of our business. We also use personal information for email marketing with your consent. We also use personal information for training, statistics, product reviews, and to fulfill legal obligations. Where necessary, information may also be used for moderation purposes (monitoring and managing content).

Furthermore, in accordance with the APPI (Act on the Protection of Personal Information), the restrictions on the use of your personal information do not apply in the following circumstances:

1. When required by law (including ordinances).
2. When the information is necessary for the protection of a person's life, body, or property and it is difficult to obtain the consent of the individual.
3. When it is particularly necessary for the improvement of public health or the promotion of healthy child development, and it is difficult to obtain the consent of the individual.
4. When it is necessary to cooperate with a national government agency, local government entity, or a person commissioned by them in carrying out duties prescribed by law, and obtaining the individual's consent is likely to impede the performance of those duties.

Additional Information

5.1 Provision of website services

In order to provide the services you or our site visitors request, we need to process personal and personal related information, for example to obtain information about products that may interest you and enable you to purchase them through our website. This includes processing your IP address to view the website, as well as the processing of personal information by our agents/contractors.

5.2 Fulfillment of orders

We use your personal information to fulfil orders placed through our website and ship the products you order, which requires the use of payment service providers to process payments, as well as subcontractors to ship and deliver the products to you.

We also use personal information and personally identifiable information when handling product complaints and processing refunds.

5.3 Preventing fraudulent purchases

Our payment service provider may use additional information to prevent fraudulent purchases during order processing and, where necessary, to meet credit card security guidelines. The handling and processing of additional information in relation to the buyer authentication via 3D Secure is performed by the payment service provider.

5.4 General Contact

We may use your personal information to inform you about the status of your order, potential supply or delivery issues, or other customer service related communications, and we may contact you to respond to your customer service requests.

5.5 Promotional emails and newsletters

With your consent, we use your personal information to carry out email marketing. Promotional emails and newsletters may contain interesting information such as advertisements, special offers, our blog content and tips. If you receive promotional emails, you can unsubscribe from receiving promotional emails or newsletters.

We may also include requests for product reviews and related marketing content in important email communications to you regarding your order, but we will not send you any separate marketing emails unless you have subscribed or consented to receiving promotional emails.

5.6 Statistical Reports, Surveys and Consumer Reviews

We compile statistics about sales, customers and campaigns and use them for sales management. These statistics do not usually involve the processing of anonymous information and do not include personal information or are processed as aggregated general data, not treated as individual anonymous data. We also receive feedback about our products for product development purposes and conduct surveys to compile statistics. If the survey allows anonymous responses, we ask respondents not to include personal information. We do not currently aim to create an anonymous processed information database.

Product reviews can be submitted through surveys or on the website. The purpose of the product reviews is to share consumer opinions based on actual use with other customers and potential customers, and these may be published on our website or materials linked to the website . We will review the content of any comments submitted to the consumer reviews and may delete any comments that we deem to violate our website terms of use .

5.7 Accounting and Other Legal Obligations

We use your personal data to comply with provisions based on laws, courts and decisions of public authorities. Personal data is processed regularly for the purposes of compliance with the Finnish Accounting Act and various other legal obligations exist, such as retaining information for record-keeping purposes, even if the information is not actively used in business activities.

5.8 Quality control and employee training

We want to provide a high level of customer satisfaction, which is why we place a strong emphasis on training our employees on all matters related to their jobs. Therefore, personal information will also be processed for the purposes of training new employees and other relevant parties, and for general quality control purposes, as well as as part of the security measures for employees who process personal information.

Personal information used for quality control and training may include information contained in customer service transactions (such as information in customer service emails) and personal information contained in personal data held by us (such as customer account information and shipping information). As part of quality control, we may randomly review personal information to ensure that the services we provide meet our required quality standards or when we need to evaluate a particular customer service interaction or complaint handling in accordance with our responsibilities.

5.9 Dealing with requests and complaints

When responding to requests and complaints, we may need to process customer information to verify your identity, change account information, and fulfill other requests you make.

5.10 Targeted Advertising

We use your Personal Information, Personal Information and your purchase information to display advertisements that are relevant to your interests. This may involve analysing and using information about products you have purchased or viewed (browsing history and purchase history) and therefore displaying advertisements for the same or similar products or products that may be of interest to you. This may take place online, for example through social media.

Information related to these measurement services and behavioral history may be obtained directly by Meta (Facebook) and stored for up to two years in accordance with Meta's policies and may include information such as IP addresses. To learn how to exercise your rights, please visit Facebook Ad Settings and change your settings directly through Facebook or visit http://www.aboutads.info/choices to opt out of having your information used for ad targeting. For information about information collected through the use of cookies, please see our Cookie Policy .

5.11 Social Media Accounts

We may see general information provided by social networks such as Facebook, such as likes and visits to our pages, comments on posts, private messages, statistics related to posts, and other aggregate information that Facebook may provide to companies (such as to measure the performance of ads). We may use this information to respond to comments and private messages or for statistical purposes and to compile reports.

In addition, if content posted on our social media pages violates the posting moderation policy set out in our website terms of use , we may process personal information in the process of monitoring and managing our social media pages.

6. Provision of personal and personal-related information to third parties

In principle, we will not provide personal information to third parties without your consent, except in cases stipulated in the Act on the Protection of Personal Information (APPI) or in other exceptional cases described below.

We use contractors and agents to carry out various tasks, such as product delivery, sales, system and platform management, compilation of statistical information, and accounting procedures at accounting firms, and therefore transfer information to third-party business partners. When providing information to contractors/contractors, we provide only the information necessary to carry out the task, and enter into a contract regarding the handling of personal information. If personal information is provided to a contractor for any task related to the handling of personal information, the contractor will carry out the commissioned task on our behalf based on a contract with us. For example, in sales transactions, information is provided to Shopify Payments, our contractor.

We may also provide information to government agencies and other public institutions based on legal obligations. Our contractors may also need to fulfil legal obligations in carrying out tasks entrusted to them by us. We may also need to transfer information within our group of companies for technical or outsourcing purposes. Where other companies within the group handle the information, they will all do so as our "contractors" under contract. These companies may not use the information for their own purposes.

Additional Information

6.1 Exceptions to third party transfers under the Act on the Protection of Personal Information (APPI)

• When required by law
• When it is necessary for the protection of a person's life, body, or property, and it is difficult to obtain the individual's consent
• When the information is particularly necessary for the improvement of public health or the promotion of healthy child development, and it is difficult to obtain the individual's consent
• When it is necessary to cooperate with a national government agency, local government entity, or a person commissioned by them in carrying out duties prescribed by law, and obtaining the individual's consent is likely to impede the performance of those duties.

6.2 Provision of personal information to contracted companies and subcontractors

We provide personal information to our contractors and agents to enable us to carry out our business in connection with transactions, delivery, and certain advertising purposes. Our contractors and agents are as follows:

• Technology system providers, including IT services and system maintenance
  
• Logistics Partner
• Transportation Services
• Payment service providers and payment gateways when processing credit card payments
• Accounting Firm
• Email, Social Media and Marketing Partners

The contractors and subcontractors listed above may not use the entrusted personal information for their own purposes under any circumstances. Only the personal information necessary to perform the entrusted services will be provided under strict conditions. The subcontractors will only handle personal information within the scope of the specific purposes of use specified by our company. We have entered into appropriate contracts with our contractors and subcontractors regarding the handling and protection of personal information.

6.3 Transfer of Information via Shopify Payments

Our website allows you to make credit card payments through Shopify Payments. Shopify Payments provides integrated payment services, which in turn are handed over to another payment processor. Shopify acts as our contractor and transfers the information to Stripe Payments Europe, Ltd. When you pay through Shopify Payments, your payment information is also transferred to Shopify. Stripe is provided with the following information during purchase:

- Your name

·address

·email address

Payment information

Stripe processes your personal data during payment processing as the online store's agent for payment processing, however Stripe acts as an independent data controller with regard to the processing of personal data it holds related to financial payments and processes this information separately to fulfil its own legal obligations (e.g. as a payment processor).

For information about Stripe's handling of "End Customer" data, please see Stripe's Privacy Policy . Additional information and frequently asked questions can be found on Stripe's Privacy Center page.

6.4 Disclosure of personal data to EU or Member State Authorities

If disclosure is required by the laws of the EU or member states, we are obligated to disclose your personal information to the authorities. Since the Personal Information Protection Commission (PPC) of the EU recognizes that it has a system for protecting the rights and interests of individuals equivalent to that of Japan, such requests are rare, and even in such cases, the information disclosed is limited to the minimum necessary.

6.5 Third Party Legal Obligations

The information provided in the course of the assignment may also be processed or kept for a longer period at the assignee due to legal obligations. The payment service provider has its own legal obligations and requirements regarding the processing of personal data according to the EU legislation on payment services. Furthermore, our accounting firm is legally responsible for the handling and storage of books and records in order to fulfil its legal obligations under the Finnish Accounting Act.

Personal information held in this manner will be used and retained by the contractor only for the purposes specified by laws and regulations applicable to that business when the contractor provides services to our company.

6.6 Provision of personal information within the Group

Personal information may be transferred within the group due to the allocation of employees and system resources. The provision of information within the group is done in accordance with the consignment contract (data processing agreement), and group companies that are consignees or contractors will not use personal information for purposes other than those specified by the personal information administrator. In addition, the information will not be used jointly or for the purposes of other companies.

6.7 Involvement in a Sale or Merger

If a personal information handling business or a group to which it belongs is involved in a sale or merger, the personal information handling business or group has the right to provide all personal information and personal data held by it to the parties concerned as a result of the sale or merger. If the group judges that such a measure will be in the group's interest in the future, it may take such measures. In such cases, the parties concerned will be notified of the purpose of use of the held personal data. If the purpose of use changes as a result of the sale or merger, the parties concerned will be asked to consent to the new purpose of use.

6.8 Targeted Advertising

We provide personal information to Facebook (Meta) for targeted marketing/advertising purposes. This means that the information we provide to Meta will be combined with information Meta has about the same person. This process includes forwarding a hashed email address. This allows us to provide you with more relevant information about our products that may be of interest to you. Note that Meta may also show ads to people who are not our customers.

We act as a personal information handling business operator for the information we provide to Meta, but Meta is responsible as a personal information handling business operator for personal information that it manages and holds separately (including information that may be matched with information provided by us).

7. Shared Use of Personal Information and Personal-Related Information

Personal information and personal-related information are jointly used in the following circumstances: with the parent company of the Group (STR Nordic Oy), based on the definition of "joint controllers" in the EU General Data Protection Regulation (GDPR). The information provided in this Privacy Policy focuses on matters that need to be described regarding joint use.

Additional Information

7.1 Purpose of joint use

The personal information handled by our company will be used jointly with our parent company in order to provide services to customers.

7.2 Items of personal information to be jointly used

All items listed in "3. Types of personal information and personal-related information handled " above will be used jointly by our parent company.

7.3 Scope of joint users

The scope of joint users is limited to STR Nordic Oy, the parent company of our group.

7.4 Purpose of Use

The purpose of the joint use is to provide customer service, maintenance, marketing campaigns, and other activities related to the business of the online store. The parent company is responsible for and makes decisions regarding these activities. Personal information will be handled in accordance with the contents of this Privacy Policy.

7.5 Contact details

The name, address, and representative of the person responsible for managing the personal information are as follows:

STR Nordic Oy (VAT number: FI28928265)

Sarkiantie 409

38200 Sastamala

Finland

Representative:

Tuomas Havukainen (Chief Operating Officer/COO)

8. Transfer of personal information and personal-related information outside Japan

We are a company located in Finland in the European Economic Area (EEA). According to the provisions of the Personal Information Protection Commission (PPC), data transfer to countries in the EEA is considered to have the same level of protection as the Act on the Protection of Personal Information (APPI) of Japan, and international transfer is possible. Data transfer to other countries is required to have sufficient data protection measures in accordance with the APPI.

We aim to process as much of your personal information as possible within the European Economic Area, but some information will also be transferred outside the EEA as Shopify's servers and services used by our online store are located outside the EEA, and some processing by other contractors may also involve transferring your information outside the EEA.

Additional Information

We use Shopify's EC platform to operate our online store. Shopify is not a personal information handling business, but one of our subcontractors/contractors. Shopify uses servers located outside the EEA (European Economic Area) (Canada/USA), where the personal data held by customers is stored. Shopify Inc. is located in Canada, and the European Commission has determined that an adequate level of data protection is ensured for data transfer to Canada. Canada has comprehensive laws on the protection of personal information in the private sector. We have entered into a contract (data processing agreement) with Shopify that specifies the implementation of personal information protection measures. In addition, Shopify has also entered into EU Standard Contractual Clauses with its subcontractors, and data may be further transferred based on them.

In addition, we or our contractors will transfer information to the United States. The European Commission has determined that the EU-US Data Privacy Framework (EU-US DPF) provides an adequate level of protection for personal information in third countries, including for transfers to US companies that are part of the framework. This determination is based on the Enhancing Safeguards for United States Signals Intelligence Activities, and these safeguards also apply to data transfers based on the EU Standard Contractual Clauses.

Additionally, the United States and Canada comply with the Organisation for Economic Co-operation and Development (OECD) Privacy Guidelines, and our third-party provider, Stripe Payments Europe, Ltd., participates in the Cross Border Privacy Rules (CBPR) and Proprietor Privacy Rules (PRP) frameworks, and transfers of personal data are conducted pursuant to their certifications.

These data transfers are from the EU to countries outside the EEA (European Economic Area) and therefore take place on the basis of either:

1. When the level of personal information protection in the target country is equivalent to that in the EEA according to the European Commission's "Adequacy Decision" and when based on an appropriate data processing contract

2. When using EU Standard Contractual Clauses (contracts with subcontractors) and supplemental measures to ensure that personal information is transferred and processed to the same extent as within the EEA

We use transfer mechanisms required by the General Data Protection Regulation as required by EU law, and the level of data protection in the EEA is deemed to be equivalent to that of the Act on the Protection of Personal Information (APPI) of Japan, so lawful data transfers under EU law are deemed to meet the same level of protection. The same level of protection is also required for information transfers from our contractors to their subcontractors, and is guaranteed by appropriate contracts and measures, including "standard contractual clauses" and "adequacy decisions". Information transfers within the EU/EEA are already subject to the GDPR and are deemed adequate by the Personal Information Protection Commission (PPC) of Japan.

We regularly check whether the destination country can implement an adequate data protection standard. If there is a change in the EU's "adequacy decision" in the future, or if the protection measures provided by the trustees and contractors are deemed inadequate, we will promptly take measures to transfer the information to trustees and contractors outside the European Economic Area (EEA) that meet our personal information protection requirements, or to move the information handling to within the EEA.

9. Safety management of personal information and personal-related information

In order to prevent the leakage, loss, or damage of personal information and personal-related information that we handle and to ensure security within our system, we take necessary and appropriate safety management measures to protect your personal information and personal-related information. Personal data is strictly managed, and security measures are implemented in the following ways.

Additional Information

9.1 Database Security Management

Our personal information databases are protected by mechanisms that prevent unauthorized access and malicious software, and additional security measures are also implemented.

9.2 Employee and organizational security management

The scope of employees who can access the personal information database is limited, and the scope of data they can access is also controlled. Each employee who handles the personal information database has signed a lifetime confidentiality agreement regarding the contents of the personal information database, and necessary and appropriate supervision of employees is implemented.

We have established basic policies, safety measures, and guidelines regarding the handling of personal information within the company, and review them regularly. Employees are educated on the appropriate handling of personal information according to their respective responsibilities, and a reporting system for cases has been established. Employees are instructed and confirmed on the correct use of equipment, programs, etc., and security measures are implemented. Through these guidelines and instructions, employees are thoroughly informed of the appropriate handling of personal information, from its acquisition, use, provision, storage, to its disposal.

9.3 Safety Management of Subcontractors and Contractors

The contractors and contractors entrusted with handling our system are responsible for taking sufficient technical and organizational measures to ensure the physical and technical security of the personal information database. We carefully screen our contractors when selecting them. Our contracts with contractors and contractors clearly define how they handle the entrusted personal information and the scope of their responsibilities, and necessary and appropriate supervision is provided. The contracts also include provisions regarding safety management measures.

10. Your rights

If we process your personal information and your information is in our personal information database (i.e. we hold your personal information), you have certain rights under the Act on the Protection of Personal Information (APPI).

You have the right to receive notice and the right to request disclosure (the right to request disclosure of your personal information held by our company). In addition, you also have the right to request the correction of inaccurate personal information, the deletion of your personal information under certain conditions, and the suspension of use of your personal information. In any case, there may be limitations set forth in the Personal Information Protection Act on our ability to comply with your rights.

In addition, if you have consented to receiving advertising emails, you also have the right to stop (unsubscribe) from receiving them.

Additional Information

10.1 Notification of intended use

You have the right to be informed of the handling of your personal information and the purpose of use of your retained personal data. These purposes of use are described in the section "Purpose of Use of Personal Information and Personally Related Information " of this Privacy Policy. The purposes of use are also clearly stated at the time of acquiring your personal data (on the order page) and are further detailed in this Privacy Policy. The order confirmation email also contains a description of the purposes of use in accordance with this Privacy Policy.

You have the right to request information about the purpose of use of your personal information held by us. If this information has already been provided in this Privacy Policy, then you are already provided with that information. In all other cases, we will respond to your request without undue delay.

10.2 Disclosure

You have the right to receive disclosure of any personal data held that can identify you. You also have the right to be notified if there is no personal information held that can identify you.

You have the right to specify how we respond to requests for disclosure of your personal data. Please see the Privacy section for more information on how we respond to requests for disclosure.

10.3 Correction of personal data held

If the contents of the personal data held are not true, you have the right to request correction, addition (or deletion). We will investigate the facts without delay and make any necessary corrections.

10.4 Request for deletion or suspension

If the contents of the personal data held are not true, the individual has the right to request its deletion. In addition, the individual has the right to request its deletion or suspension of use in any of the following cases:

1. Personal information has been handled in a situation where the individual's consent is required, but such consent has not been obtained

2. If personal information acquired through a merger is used beyond the scope of the original purpose of use and consent has not been obtained for the new purpose of use

3. If personal information is obtained through improper means

Furthermore, if personal data that can identify an individual is provided to a third party without the individual's prior consent or without going through an opt-out mechanism established by the Personal Information Protection Commission (PCC), the individual has the right to request that the provision of such personal information to the third party be suspended.

Furthermore, if your personal information has been provided to a third party in a third country without your consent or if the personal information does not fall under one of the exceptions set out in the Act on the Protection of Personal Information (APPI), you have the right to request that the provision of your personal data to that third party in that third country be suspended.

Additionally, if any of the following conditions apply, the individual has the right to request that the use of retained personal data that can identify the individual or the provision of such data to a third party be suspended.

1. When a personal information handling entity no longer needs to use retained personal data that can identify an individual

2. In the event of a personal data leak under the Act on the Protection of Personal Information (APPI)

3. When the handling of retained personal data that can identify an individual is likely to infringe on the individual's rights or legitimate interests

10.5 Unsubscribing from advertising emails

If you have subscribed to receive advertising emails or email newsletters, you can unsubscribe at any time. All advertising emails contain an unsubscribe button (link), and by clicking on it, your unsubscribe preference will be recorded in our system and you will no longer receive advertising emails from us.

11. Procedures for responding to requests and demands regarding personal data held by us

We will respond without delay to requests, inquiries, questions, and complaints regarding the various rights held by individuals regarding their retained personal data. Requests include those regarding disclosure, correction, addition, or deletion of "retained personal data" such as personal information databases, suspension of use, and suspension of provision to third parties. In addition, if we do not hold retained personal information about an individual, we will respond to that effect.

Furthermore, information regarding these rights will be made available to individuals in advance by posting this Privacy Policy on our website.

The point of contact for complaints and inquiries is the Customer Service department. You can contact us by email at customer service@hohde.fi or via the contact form on the website .

Additional Information

11.1 How to make a request and how we will respond

Please send your requests to us by email or through the contact form on our website. Customer service will handle your requests, but the person in charge may join in if necessary. Complaints regarding the handling of personal information will also be handled by customer service, but the person in charge may join in if necessary. The contact points for these will be the same as those for requests.

We will provide a response to your request after we have fully verified your identity. We will send the response by email or post (in paper form) at our discretion.

11.2 Fees for requesting disclosure

We charge a reasonable fee for your request, based on actual administrative costs, including the amount of employee time and resources spent on responding to your request. We also charge other related costs, such as postal costs, including international registered and express postal delivery from Finland. The calculation of the fee therefore depends on the individual factors of your request. For example, if you request a written document to be sent by post, the calculation will be based on the current postal rates. If you specifically prefer to receive your information by post, please consult us for the latest rates or refer to the Finnish Post Office (Posti) international postal rates. Payment of the fee will be made by email, via a link that allows you to pay the required amount through the credit card payment service of the online store.

11.3 Right to lodge a complaint

If you believe that we have violated your rights regarding the protection of your personal information, you have the right to lodge a complaint regarding our handling of your personal information. Please refer to the section "How to make a complaint and our response" for information on how to lodge a complaint and how we will respond.

12. Cookies

Cookies are text files that are stored on your device via your internet browser. Cookies may contain a personal identifier that identifies you. We use cookies to ensure the convenience and quality of our online services and to continually improve them. We also use cookies for advertising targeting purposes.

Further information about why we use cookies, the types of cookies we use, what we use them for, who collects your information and your rights regarding your consent to the transfer of your information to third parties can be found in our Cookie Policy.

13. Updates to this Privacy Policy

We will update this Privacy Policy periodically to take into account changes in laws and regulations, the emergence of new circumstances, and changes to our internal policies and procedures.

This Privacy Policy is available on our website, and the date of its last update is clearly indicated. Please check our website regularly to keep up to date with the latest Privacy Policy. If there are any significant changes, we will notify the changes and the affected individuals by appropriate means, such as by posting a notice on our website or sending an email notification.

If the new changes result in a change in the purpose of use beyond what could reasonably be expected compared to the original purpose of use, or beyond the scope of normal business operations, we will ask the individuals whose personal data we already hold for their consent before processing the data for the new purpose. New customers and other individuals will always be subject to the latest Privacy Policy posted on our website.