Go Back Up

Privacy Policy for Aito Ventures’ Contact Information Register

Information document regarding the processing of personal data in Aito Ventures' customer register in accordance with the EU General Data Protection Regulation (GDPR).
Updated: 20 May 2025

1. Data Controller

The following group companies jointly act as data controllers:

  • Aito Ventures Oy (3124061-3)
  • Aito Talotekniikka Oy (3124062-1)
  • Aito Viemäripalvelut Oy (3212320-8)
  • Aito Kodin Putkitekniikka Oy (3419987-1)
  • Aito Sales Oy (3124667-9)

Contact details of the data controller:

Kutojantie 6–8, 02630 Espoo
010 200 9530
info@aitotalotekniikka.fi

2. Contact Person for Registry Matters

Lauri Junnila, CEO
Kutojantie 6–8, 02630 Espoo
045 7876 8615
lauri.junnila@aitotalotekniikka.fi

3. Name of the Register

Aito Ventures Contact Information Register

4. Legal Basis for Processing Personal Data

The processing of personal data in accordance with the purposes of this register is based on the data subject’s consent, performance of a contract, compliance with legal obligations, and/or the data controller’s legitimate interest.

5. Purpose of Processing Personal Data

Personal data is processed for the following purposes:

  • Customer relationship management and communication
  • Sale, marketing, and communication of the data controller’s products and services
  • Development of business operations and customer service
6. Processed Personal Data

The following personal data may be stored and processed:

  • Basic personal details (e.g. name)
  • Contact information (e.g. postal address, phone number, email)
  • Information about properties owned, managed, or used by the data subject (e.g. address, year built, heating, plumbing, electrical systems)
  • Details related to construction, renovation, or refurbishment of the property
  • Order and purchase data, payment method, billing, payment behavior, and debt collection data
  • Information related to the inhabitance of the property that may affect the delivery of home services
  • Data required for consumer financing applications (e.g. personal ID number, gender, date of birth, language, title, profession, and occupational details)
  • Information about in-home sales and potential cancellations of such agreements
  • Communication with the data subject (e.g. complaints, feedback, emails, call recordings, other correspondence)
  • Warranty and tax deduction information for delivered products and services
  • Direct marketing permissions and prohibitions

This list represents the maximum scope of data that may be stored. The data controller reserves the right to collect and/or store only a portion of this data per individual, as applicable.

7. Sources of Personal Data

Data is collected from:

  • The data subject directly (e.g. through the Company’s website or customer service interactions)
  • Other registers maintained by the data controller, cooperation partners, authorities, and commercial data providers
8. Cookies and User Tracking

Our website uses cookies and similar technologies to collect information about site usage. This data is used for service development, improving user experience, and targeting marketing and communications.

The user can accept or reject cookie use through the cookie banner on the site. In some cases, collected data may be combined with other data provided by the user, with their consent.

9. Recipients or Categories of Recipients of Personal Data

Personal data in the register may be processed by the data controller’s partners (e.g. for advertising, marketing, financing, or service delivery) to the extent necessary for service provision. Data may also be disclosed to authorities based on lawful requests.

10. Transfer of Data Outside the EU

Personal data may be transferred outside the EU to the data controller’s partners. In such cases, the controller ensures that the recipient follows commonly accepted standards (e.g. EU-U.S. Privacy Shield Framework) to guarantee GDPR-compliant processing.

11. Data Retention Period

Personal data in the contact information register is processed as long as there is a valid basis for doing so. Once the basis no longer exists, the data is deleted unless another legal justification for retention applies.

12. Data Subject Rights

The data subject has the right to:

  • Access their data (right of access)
  • Correct their data (right to rectification)
  • Have their data deleted (right to erasure)
  • Object to the processing of their data
  • Request restriction of processing
  • Transfer their data to another system (data portability)

Right to Object:

The data subject has the right to object at any time to the use of their personal data for direct marketing purposes. Once an objection is made, personal data will no longer be processed for this purpose.

13. Data Security

Data is stored in the data controller’s systems and databases, accessible only to authorized personnel. Access is restricted to those who need it for work-related duties. Access is protected by usernames, passwords, firewalls, and other relevant security measures.

14. Right to Lodge a Complaint

The data subject has the right to lodge a complaint with the competent supervisory authority if they believe the data controller is not complying with applicable data protection regulations.

15. Exercising Data Subject Rights

For questions related to personal data or to exercise any rights, the data subject may contact the data controller using the contact information in section 2.

Requests to access personal data or exercise rights must be submitted in writing by email or post. Requests can also be made in person at the data controller’s office.

To ensure personal data is not disclosed to unauthorized persons, the data controller may request a signed request form and/or proof of identity (e.g. official ID or other reliable means).