Privacy policy

This is the Privacy Statement of Vintor Oy's Personal Data Act (sections 10 and 24) and the EU Privacy Policy (GDPR).


Vintor Oy (primary responsible party)

Itsehallintokuja 6, 02600 Espoo


(hereafter ”We” or ”Vintor”)

Contact Person for This Register

Name of this Register


Legal Bases and Purpose of the Processing of Personal Data

The bases for processing personal data are our legitimate interests (e.g. customer relationship management, invoicing), performance of a contract between us and/or a legal obligation.

We process personal data to:

  • deliver and develop our products and services to meet our customers’ needs,
  • fulfill our contractual and other promises and obligations,
  • take care of the customer relationship,
  • analyze and profile the behavior of the customer or other data subject,
  • enable electronic and direct marketing, and
  • target advertising in our online services. 

We use the personal data stored in the customer register also for profiling purposes. Profiling is carried out by creating a unique customer ID or file (for example a cookie) for the data subject and storing this ID on the device of the data subject. This enables us or our subcontractor to combine the data generated by the use of different products and services, and to create a profile of the data subject’s behavior. The purpose of this profiling is to identify customer behavior to target marketing and develop our services to better meet our customers’ needs.          

Data content of the register

We process the following personal data of our customers or other data subjects (like prospects or individuals participating in our trainings) in connection with this customer and marketing register:

  • Basic information of the data subject such as name, date of birth, customer number, username and/or other identifier, mother language;
  • Contact information of the data subject such as e-mail address, phone number, postal address;
  • Information of the company and company’s contact persons such as Business ID and names and contact details of the contact persons;
  • Information of the customership and the contract such as information of past and current contracts and orders, correspondence with the customer and other references, customer’s payment information and other information of the customership which the customer itself voluntarily provides to our systems;
  • Information of the connection and device the data subject is using such as the IP address, device ID or other device identifier and cookies;
  • Information on events the data subject is taking part in such as information related to event registration (including dietary data, which is processed only based on the consent of the person) and invoicing;
  • Information related to the data subject’s direct marketing opt-out
  • Other possible information gathered with data subject’s consent.

Regular sources of information

We receive information primarily from the data subject him-/her-/itself, contact information service providers and other similar reliable sources.

For the purposes described in this privacy policy, personal data may also be collected and updated from publicly available sources such as newspapers and other news sources, professional social media networks and company websites, as well as based on information received from authorities or other third parties within the limits of the applicable laws and regulations. Data updating of this kind is performed manually or by automated means. 

Ordinary deliveries of data and transfer of data outside the EU or EEA

Personal data and other customer data are disclosed to the requesting authority when the authority has a statutory right. Vintor is obliged to disclose information on our customers to the extent permitted by law to the authorities on the basis of the law. Additionally, we may disclose your information to potential subcontractors, thereby ensuring that we keep the information confidential.

As a rule, registered data will not be transferred to EU or EEA countries. When transferring personal data outside the EU or EEA, we ensure agreements (for example, using the EU's standard contractual clauses) or otherwise that the transfers are carried out as required by law. In addition, we also take care of and require our system administrator to ensure that your personal information remains protected even if it is transferred outside the EU or EEA territory, as required by law.

Use of cookies

Our website uses cookies and other similar technologies for managing and developing the website, improving and analyzing the user experience and targeting advertisements in our and our partners’ services. If you visit our website and the cookies have been enabled in your browser settings, we deem that you have consented to our use of cookies on our website.

By using cookies, Vintor may collect information about e.g. from which website the user has arrived, what pages the user is browsing and when, which web browser the user is using and the IP address of the device.

We use the information collected by the cookies typically for the following purposes:

Necessary cookies and service provision: Cookies are essentially necessary for the proper functioning of our website and they enable a good user experience. These cookies do not collect information that would enable us to identify the user.

Cookies that improve the site: By following the use of these cookies, we can improve the functioning of our website. We receive information e.g.  about which parts of our website are the most popular, to which sites users leave from our website and where they arrive from as well as how long they stay on our site. We also receive information about which articles, pages and blog posts users read most often (so that we know which topics are popular).

Social media and targeted advertisement: By using these cookies we can make the content of the website as individually customized as possible, and thereby show e.g. targeted advertisement and content based on the user’s prior behavior. Vintor uses advertisement cookies managed by third parties in order to present its products both on its own website and on the sites of third parties. You can disable some of the third-party advertisement cookies from their site settings.

Our website may include links and connections to third party websites, products and services as well as so called community plug-ins of third parties (such as LinkedIn and Twitter). The third-party plug-ins integrated into the Vintor website are loaded from third party servers and thus the third party may install their own cookies on the user’s device. These third-party services and applications offered on the Vintor website are subject to the privacy policies or notices of such third parties. We recommend you familiarize yourself with such third-party privacy policies or notices.

You can review the available cookie settings on your web browser. If you wish so, you can change the settings for the use of cookies by changing your web browser’s settings to decline the storing of cookies on your device. In some cases, this may lead to slower browsing of websites or the access to some sites to be denied altogether. A part of the cookies on our website are managed by third parties and you may alternatively use the tools of these third parties to decline the use of these cookies.

The storage and retention period of the cookies varies by cookie type. The session cookies elapse when you close the web browser. Permanent cookies usually have a term of use, which varies from two months to a couple of years.

Principles of registry protection

We store personal information and other customer information confidential and use personal data only for the purposes specified in this privacy policy and that are otherwise legally permissible and compulsory. We strive to keep to it that the personal data and other customer information is up to date and accurate. We protect our customer information as efficiently as possible and strive to prevent third-party access to our information systems. Personal information and other customer information is confidential to the information he or she is processing. Personal data is retained and processed so that Vintor implements and maintains appropriate technical and organizational security measures as well as Vintor's security practices.

We store the data as long as it is necessary for the purpose of processing the data. Personal data in the customer and marketing register is erased after the claim period related to a specific customer relationship or service has elapsed. This period is by default ten (10) years. Data related to marketing activities is processed until further notice.

We regularly review the need for data storage taking into account the applicable legislation. In addition, we take all reasonable actions to ensure that no incompatible, outdated or inaccurate personal data are stored in the register taking into account the purpose of the processing. We correct or erase such data without delay.

The right of inspection and the right to demand correction and other rights related to the processing of personal data

As a data subject you have the right to access the personal data stored in this register concerning yourself, and the right to require rectification or erasure of that data. You also have the right to withdraw your consent where we process your data based on consent.

As a data subject, you have the right, according to EU’s General Data Protection Regulation, to object to processing or to request restricting the processing, and to lodge a complaint with a supervisory authority.

For specific personal reasons, you also have a right to object profiling and other processing concerning you, when processing the data is based on our legitimate interest. In connection to your claim, you should identify the specific situation on which you object the processing. We can refuse to act on such request on the basis of the law.

As a data subject you have the right to object to processing, including profiling, at any time free of charge in so far as it relates to direct marketing.

All requests and requirements concerning this section should be submitted in writing to the address mentioned above in section "Contact Person for This Register".

Changes in this Privacy Policy

Should we make amendments to this privacy policy, we will place the amended policy on our website, with an indication of the amendment date. If the amendments are significant, we may also inform you about this by other means, for example by sending an email or placing a bulletin on our homepage. We recommend that you review this privacy policy from time to time to ensure you are aware of any amendments made.