Privacy Policy


Our Privacy Policy was last updated on 20th June 2024.

Ferroplan Oy (Business ID: 0690413-1) respect your privacy and are committed to protect your personal data. This Privacy Statement outlines your rights to privacy and our commitment to safeguard your personal data. If you have any questions or inquiries concerning this Privacy Statement and/or your personal data, please contact

Organisation of contact in privacy matters:

Ferroplan Oy / Privacy Matters
Takojantie 4
FI-16300 Orimattila, Finland
Tel. +358 20 718 9720

Communication regarding privacy matters
Tanja Lehtinen, +358 400 645 179,

For all questions related to the processing of personal data and in situations related to the exercise of rights, the registrant is advised to contact the above-mentioned person. 

Name of the filing system 
Ferroplan Customer and Marketing Register 

The basis and purpose of personal data processing 
The legal basis for the processing of personal data is/are the following: 

  • Consent given by the registered person (registrant) to the processing of personal data
  • Contractual relationship between the registered (registrant) and the registrar
  • Fulfilling the legal obligations of the registrar
  • Legitimate interest of the registrar 
  • The public interest or the exercise of a public power vested in the registrar 
  • Protection of vital interests of the registrar 

We process personal data to manage, maintain, develop and analyse customer relationships. We also process personal data for the production, provision and development of the services. Personal data may be used for website development, marketing, market research and customer communications, which may be electronic and targeted. 

Regular data sources 
The personal data processed are regularly obtained from the following sources: 

  • from the registrant itself 
  • from the commercial register 

The collection of personal data is based on the customer relationship or other connection of the registrant with us. We collect information when we enter into a contract or when someone registers or uses our services. We track cookies – a person’s visit to our website leaves a trace, an IP address. We may also collect information in connection with various marketing activities and public information sources. 

Personal data to be processed
The Registrar only collects personal information about registrants that is relevant and necessary for the purposes described in this Privacy Policy.  The following information about the Registrant is processed 

  • The person’s name, title and position in the company
  • Company name, contact information and industry
  • The individual’s telephone number/mobile number and email address 
  • The person’s marketing authorizations and prohibitions
  • Information relating to online behaviour on websites, information collected through cookies 
  • Classification information provided by the individual or collected with the individual’s consent 
  • Publicly available classification information

Disclosure of personal data 
For example, information may be disclosed to government authorities as required by law. We do not disclose personal information for external marketing purposes. Due to the technical or operational implementation of data processing, some of the data may be located with our subcontractors or our partners. They process the data only to the extent necessary to provide the service. They will not use the information for any other purpose and will not disclose the information to third parties. 

Data Security
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Ensuring the confidentiality, integrity, and availability of our systems and services.
  • Regularly assessing and evaluating the effectiveness of our technical and organizational measures.

Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. The criteria used to determine retention periods include:

  • The nature and sensitivity of the data.
  • The potential risk of harm from unauthorized use or disclosure.
  • The purposes for which we process your data and whether we can achieve those purposes through other means.
  • The applicable legal requirements.

International Data Transfers
Unless you prohibit the disclosure of your data, we may disclose data to selected collaboration partners within the limits of the legislation for providing the service. We use service providers for maintaining newsletter mailing lists, managing customer/lead information, and processing information of individuals participating in events. In accordance with data protection agreements, each service provider can only process personal data to the extent necessary for the provision of the service in question. If personal data is transferred outside the European Economic Area (EEA), we ensure it is protected in a manner consistent with how it would be within the EEA.

User Rights
You have the following rights regarding your personal data:

  • Access: To request access to your personal data.
  • Rectification: To correct inaccurate or incomplete data.
  • Erasure: To request the deletion of your data.
  • Restriction: To restrict the processing of your data.
  • Portability: To obtain and reuse your data across different services.
  • Objection: To object to the processing of your data.
  • Withdraw consent: To withdraw consent at any time where we are relying on consent to process your personal data.

If you wish to exercise any of these rights, please contact us by using the contact details provided above.

Changes to the Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page with an updated effective date. You are advised to review this Privacy Policy periodically for any changes.

Effective Date: 20th June 2024