Privacy policy

Isku-Yhtymä Oy privacy policy

Processing of personal data at Isku-Yhtymä Oy

Data controller:
Isku-Yhtymä Oy (hereinafter “Isku”)
Business ID 0148884-5
Mukkulankatu 19, PO Box 240
15210 Lahti, FINLAND

Isku Group’s contact information in matters related to the register:

Isku-Yhtymä Oy
Mukkulankatu 19, PO Box 240
15210 Lahti, FINLAND

rekisterit@isku.fi

What is personal data?

Personal data means any information relating to an identified or identifiable natural person. For instance, your name and address as well as information relating to your purchases are personal data pertaining to you.

Identifiable person means an individual who can be identified directly or indirectly on the basis of name, personal identity code, location information, online identifier or one or more characteristic properties.

What information do we collect?

Isku comprises Isku Koti and Isku Interior, which supply furnishings for public spaces and high-quality furniture, as well as related services to their customers. Isku processes personal data in order to develop its operations and customer experience, handle the sale of its products and services and furniture orders, and to provide related information and services via its shops and digital channels.

We collect personal data directly from you when you buy our products or services via any of our sales channels. For example, in conjunction with a purchase we collect information such as your name and address to enable us to deliver your purchases to the correct address.

Customers’ basic information:

  • Customer number
  • The start data of the customer relationship
  • First and last names
  • Address and other necessary contact information, such as telephone and email
  • Personal identity code in conjunction with an application for Isku credit
  • Title or job, interests, hobbies and other similar information
  • Marketing permissions and prohibitions
  • Name of the company or organisation, including the contact person, the required identifier and address information
  • Isku’s account manager for the customer in question

Customer relationship, service and communication information:

We collect necessary data relating to the customer relationship, including information on visits, orders, products, purchases, prices, benefits, discounts, deliveries, payment reminders, customer satisfaction and complaints.

Additionally, we collect usage information on communications, marketing and the use of content and services taking place via various channels, including telephone and chat records and user credentials.

We may use cookies to collect information on Isku’s digital services. Cookies are used to ensure the functionality of our digital services and for the purposes of analysis, marketing and customisation.  You can read more about how we use cookies on our website at https://www.isku.com/en/cookies/

Note that our Isku.fi and Isku.com websites may contain links to websites of companies other than Isku that have their own privacy practices. In such cases, we recommend that you read the privacy policies of the third parties in question.

Personal data may be processed and shared within units that are part of Isku Group and other Finnish companies that belong to the group for the realisation of internal processes.

How and for what do we use personal data?

Isku uses personal data to enable it to offer you interesting services and products. We need to be able to contact you using your data if we require further information for the purchase and delivery of our products. We may store your contact and order information and information on service events relating to your customer relationship to enable us to offer you services that are the most suitable to you.  

Isku takes due care in the development and maintenance of personal data relating to its operations. For instance, personal data is processed using statistical and other similar methods. The goal is to target content and operations to make them as interesting as possible to the customer and to offer a better customer experience. Processing purposes related to this goal include the planning, development and monitoring of business operations and the management and analysis of customer relationships via various channels, including activities related to targeted services, communications, marketing, customer satisfaction surveys and other similar functions. When you sign up for our events, we process the participant lists to be able to offer you the best possible services. This also applies to competitions and raffles arranged as part of our marketing activities.

On the basis of legitimate interest, we use the contact information you provide for customer communications, for example to develop our products and services and to collect customer feedback in conjunction with customer satisfaction surveys. Additionally, we may use personal data and contact and purchase information as part of our services in order to offer you better customer service. We may also send you emails concerning your purchase to provide you with information on our other services and products that may interest you. 

In addition, we invite our customers to participate in our customer communities. We may also contact selected or restricted groups of customers to test new products or services.

Isku processes information related to various stages of your purchase when it processes customer feedback or complaints. By doing this, we want to ensure that we can handle all cases appropriately and that we understand what happened. Your information is processed to guarantee the rapid handling of demands for compensation and complaints.

We want to improve your customer experience continuously and to make our services more relevant and interesting. This helps us to offer customised services through customer segmentation. For example, we can offer additional services and products that you may be interested in via our digital channels.

We process information relating to our subcontractors’, partners’ and suppliers’ contact persons, such as contact information and other data required for the management of the business relationship, in a manner required by our business operations.

How do we store and protect personal data?

The data is protected with an access system, software, firewalls and passwords, along with other technical means. Access to the customer relationship management system is only granted to designated employees employed by Isku or companies operating on its behalf or on the basis of an assignment from it. Various user levels have been defined for the system and users are only granted administrator or viewing rights to information they require. Each user is given a personal username and password that are required for login. Data processing rights are granted in a restricted and monitored manner on the basis of work duties. Users are bound by a confidentiality agreement.

To whom do we transfer data?

We may disclose personal data to authorities, for example, in order to facilitate investigation into misuse.

In the technical, commercial and operative realisation of processing tasks, Isku makes use of subcontractors that operate on its behalf, for example in conjunction with the transport and installation of furniture, or payment institutes for invoicing. Isku has signed an agreement on compliance with the General Data Protection Regulation in data processing with its collaboration partners and subcontractors. Our collaboration partners do not transfer personal data to third parties.

With consent from a customer, data may be transferred to Isku’s collaboration partners or subcontractors within the framework of Finland’s Personal Data Act for the purposes of direct marketing.

Additionally, personal data may be transferred outside the EU and the EEA in accordance with the applicable legislation if required for the technical realisation of Isku’s services. Isku’s partners based outside the EU must comply with the privacy practices pertaining to the transfer of data. We take measures to protect the data being transferred outside the European Economic Area in line with the Commission’s model clauses or by other appropriate means, such as the Privacy Shield framework.

However, if a breach of privacy that places your data at risk occurs, we will notify you without delay in compliance with legislation on data protection.

How long is personal data stored?

Because of our long warranty terms, customer information may be stored for up to five years. Pursuant to legislation on accounting, we must keep records of our operations and store our accounting material for the period defined by law. We do not store data that we no longer require.

What actions can you request?

You can exercise your rights as a data subject by contacting us by email at rekisteri@isku.fi or Isku-Yhtymä Oy, Data Privacy Manager, PO Box 240, 15210 Lahti, FINLAND.

Requests must be signed and submitted in writing. We will reply to your request within a month of receiving it. Note that we may request more information to verify your identity and to gain necessary clarifications, in which case the month’s processing period is interrupted.

We will send you a confirmation of the steps we have taken as a result of your request (for example, a confirmation on the deletion of data). If we are unable to realise your request, you will be informed of the grounds for this. The personal data to be disclosed as a result of your request will be delivered in writing and sent by post to the address provided by you.

Inspection of data

You have the right to inspect the data relating to you stored in Isku’s register once a year free of charge. You have the right to request a copy of your personal data by sending email to rekisterit@isku.fi. We will deliver the data to you unless we have legal grounds for not sharing the data with you and as long as the disclosure of data does not violate your rights or those of others.

Rectification of data

You have the right to rectify or update any erroneous or incomplete data relating to you. A request for rectification can be sent to rekisterit@isku.fi.

Erasure of data

You have the right to request us to delete the data relating to you from our systems in certain situations, such as when it is no longer required for the purpose it was collected for, or if the basis for processing is consent from you and you have revoked the consent. We erase the data relating to you without delay if we have no legal basis for continuing the processing pursuant to legislation on data protection.

Transfer of data

You have the right to receive the data you delivered to us in a commonly used electronic format and to transfer the data to a third party yourself.

Objections to data processing

We can process your data on the basis of legitimate interest as part of our business operations after taking steps to ensure that such processing does not violate your privacy. You have the right to request us to restrict the processing of your data on the grounds of personal circumstances. You may ask us to delete the data in question or restrict its processing while your objection to data processing is pending.

Furthermore, you have the right to prohibit at any time the use of your data for direct marketing or profiling. You can stop receiving marketing messages via the “cancel the newsletter” link.

Restriction of data processing

You have the right to restrict the processing of your data. Once the processing of your data is restricted, Isku as a rule only stores your data. You can request us to restrict processing if the data relating to you is not accurate, if you believe that the processing violates data protection laws, or if you have objected to the processing of your data and this objection is pending.

If you believe we have not processed your data appropriately, you may lodge a complaint with the Data Protection Ombudsman.

Who can you contact with regard to data privacy?

Isku-Yhtymä Oy, Data Privacy Manager
Mukkulankatu 19, PO Box 240
15210 Lahti, FINLAND

rekisterit@isku.fi