Online store on the website Metsänkeiju Oy / business ID 3177487-7 in Savonlinna processes personal data provided by the customer that completes and confirms terms and conditions, digital orders and delivery processing as well as sending necessary communication within the time required by law.

General regulations

  1. The personal data registry holder that observes the GDPR-regulation (hereafter "regulation") is Metsänkeiju Oy, business ID 3177487-7, in Savonlinna (hereafter "registry holder")
  2. Registry holder contact details: email:, phone number: 050-5345598
  3. Personal data include all data concerning a known or knowable natural person.

Source of personal data

  1. The registry holder processes personal data received from a consenting customer that is collected in agreement for completing and purchasing a digital order;
  2. The registry holder processes only those identity and contact details of the customer that are necessary for completing the purchase contract;
  3. The registry holder processes personal data for purposes of accounting and delivery as well as sending communication between both parties of the contract within the time required by law. Personal data is not publicised or moved to another country.

Purpose of processing personal data

The registry holder processes the customer's personal data in the following purposes:

  1. Registering the website in accordance with GDPR-regulation article 4 section 2;
  2. Digital orders created by the customer (name, address, email, phone number);
  3. Observing law and decrees pertaining to the contractual relation between the customer and the registry holder;
  4. Personal data is necessary for completing purchase contracts. A purchase contract is impossible to complete without personal data.

Duration of storing personal data

  1. The registry holder stores personal data as long as it is necessary for completing the rights and obligations pertaining to the contractual relation between the registry holder and the customer and three years after completing contractual relations;
  2. The registry holder is obliged to erase all personal data after the necessary time for storing personal data.

Recipients and processors of personal data

Third person processors of customer's personal data include the registry holder's subcontractors. Services by these subcontractors are necessary in processing and carrying out the digital order and purchase contract between the registry holder and customer.

Subcontractors of the registry holder include:

Webnode AG (shopping software);
Freight company;
Google Analytics (website analytics);

Customer's rights

In accordance with the regulation the customer has the right of:

  1. the right of access to personal data;
  2. the right of rectifying personal data;
  3. the right of erasing personal data;
  4. the right of restricting the processing of personal data;
  5. the right of porting personal data;
  6. the right of cancelling their consent to processing personal data via mail or email to the address:;
  7. the right of objecting to a supervising authority in suspection of transgression of the regulation.

Security of personal data:

  1. The registry holder is obliged to perform all security measures of technical and organizational manner necessary in order to protect personal data.
  2. The registry holder has enacted technical security measures in order to protect storage of stored data, especially by securing access to the computer via password, using antivirus software and updating the computer regularly.

Final rulings

  1. By purchasing a digital order from the website the customer confirms their acknowledgement of all terms of privacy protection and accepts them fully;
  2. The customer accepts these rules by selecting the checkbox in the purchase form;
  3. The registry holder may update these rules at any given time. A new updated version must be published on this website.

These rules are effective from 1.6.2021 onwards.