Privacy Policy

Privacy and Register Statement

This is a privacy and register statement prepared in accordance with the EU General Data Protection Regulation (GDPR). Prepared on 23 March 2026.

Data Controller

Business name: Blomgården
Business ID: 2871426-7

Contact Person Responsible for the Register

Kristiina Blom, kristiina.blom@blomgarden.fi

Name of the Register

Customer Register

Legal Basis and Purpose of Processing Personal Data

Under the EU General Data Protection Regulation, the legal basis for processing personal data is the individual’s consent and/or a contract to which the data subject is a party. There is a customer relationship between the data controller and the registered person.

The purpose of processing personal data is customer communication, maintaining customer relationships, and invoicing. The information is not used for any other purposes.

Contents of the Register

The register stores customer contact information (name, telephone number, email address, and when necessary, home address for invoicing purposes, as well as for business customers: position, company/organization, website address, and Business ID).

Other stored information includes data from feedback forms, information on ordered services and changes to them, invoicing details, and other information related to the customer relationship and ordered services.

Website visitors’ IP addresses and cookies necessary for the functioning of the service are processed on the basis of legitimate interest, including ensuring information security and collecting visitor statistics in cases where they may be considered personal data.

The information is not disclosed to third parties.

Principles of Register Protection

Care is taken in the processing of the register, and information processed through information systems is appropriately protected. When register data is stored on internet servers, the physical and digital security of the hardware is appropriately ensured.

The data controller ensures that stored data, server access rights, and other information critical to the security of personal data are handled confidentially and only by employees whose job responsibilities require it.

Physical documents are stored in a locked cabinet in a locked space.