top of page




1. Introduction

In this privacy statement, we explain how we collect and process personal data from the wsite and its social media channels.


We are committed to protecting users' privacy in accordance with applicable legislation.


2. Processing purposes and legal basis

Purposes of personal data processing


We collect and process personal data in order to:

  • the user can be registered for certain services on our site;

  • the user can use certain services on our site; 

  • in accordance with the user's approval, our services or those of selected third parties may be marketed to the user;

  • we can improve the user's experience of using the Service by collecting site usage information using cookies and other analysis techniques;

  • our site can be managed.


Legal basis for processing personal data


We collect and process personal data to fulfill our obligations arising from the contract and to fulfill our obligations arising from legislation. In addition, we process personal data based on a legitimate interest in order to maintain and develop our business and service.


3. What personal data do we collect?

We collect personal data from users of our service necessary for the purposes defined in this privacy statement:


a)  Information you provide to Åbolly

  • Contact and registration information

  • Information related to the contractual relationship, such as product or service description information, invoicing and payment information, customer feedback and contact information

  • Profiling and interest information provided by the user

  • Permissions and consents

  • Other possible information provided by the user that we need for the purposes specified in the privacy statement


b) Any information collected from public registers


c) Information observed about the use of the services


Cookies and other analysis technologies are used to observe the use of services. The use of cookies is common and many sites make use of them. A cookie is a small data storage program that a computer browser installs on the hard drive of the user's computer. Whenever the user's browser retrieves the site from the Company's server, a message is sent back to the user's computer. The sent message speeds up the site and simplifies login, saves the user's usage data and targets the site to the user.


Cookies and other possible analysis technologies are used to collect, for example, the following information:


  • Usage and browsing data for the features of the service, such as ads that have been shown and information about clicking on ads

  • The page from which the user has moved to our pages, device model, unique device and/or cookie identifier, data collection channel, browser version, IP address, session identifier, session time and duration, as well as screen resolution and operating system

  • Location information, if the user has given express permission for this

  • Other information collected with the consent of the user


d) Information derived from the use of the services


Derived information is deduced with the help of analytics from the observed use of the Service and/or the information provided by the customer himself, for example the user's possible interests or segmentation into a group of certain types of users.


All the information we collect can be used to target the Service to the user. We use cookies to track information that our site's cookie has installed on the user's computer. In the menu of most browsers, there is a Help menu item, which tells you how to prevent the acceptance of cookies, how the browser notifies you of receiving cookies, and how cookies can be closed. If cookies are closed, use of the site may be limited or prevented.


4. How long is user data stored?

We retain users' personal data only as long as it is needed for the purpose for which it was collected or for the maximum period permitted by law. The length of the personal data retention period therefore varies depending on the data. This also means that we may retain your personal data even after your contractual relationship with us has ended, but only for as long as we have reason to do so.


5. Transfer of personal data to provide services


We transfer personal data only to the extent that third parties need access to the personal data we process in order to provide the Service for the purposes defined in this privacy statement.


Marketing and advertising by third parties


We do not share users' personal or identification information with marketing or advertising parties. In order to properly target communications or marketing, we may transfer to third parties anonymized demographic information, interests or, for example, location-based targeting values.


Your consent


If the user has given their consent, we may share the user's information with selected third parties so that they can contact the user.


For legal reasons


Your personal data may be disclosed in accordance with the requirements set forth by the competent authority and the conditions based on the law. If we sell, buy, merge or otherwise organize our business, the user's personal data may be disclosed to buyers and their advisors.


6. International Data Transfers

Åbolly strives to implement services and process personal data using operators and services located in the EU or EEA region.


Some of our subcontractors, distributors and partners are located outside the European Economic Area. In this case, your personal data may be transferred between different countries. Such transfers may include transfers of personal data outside the EU or EEA area to countries whose legislation regarding the processing of personal data differs from the requirements of Finnish law. In this case, Gugga ensures an adequate level of personal data protection, for example by agreeing on the matter with the personal data processor using model contract clauses or other means in accordance with data protection legislation for the transfer of personal data to third countries.


7. Protection of personal data

Åbolly uses up-to-date policies to protect personal data. This means that we use physical, administrative and technical security measures to reduce the risk of loss of personal data and to reduce misuse and unauthorized use, publication or modification. We store your personal information on secure servers, so only authorized persons can access the information on these servers. Åbolly can also protect the user's personal data using Secure Sockets Layer ("SSL") or other similar encryption software.


8. Third Party Sites

This Privacy Policy applies only to our Services and we are not responsible for the privacy practices of other sites. We recommend the user to check the privacy statements of the websites they use.


9. Changes to the data protection statement

We may change this privacy statement. The amended Privacy Statement is available on the Company's website so that users are always aware of how their personal data is processed.


 10. Your rights

Right of inspection


You have the right to check what information about you has been stored in the register. We deliver the information in the form required by law.


The right to demand rectification of information


You have the right to demand the correction or completion of incorrect, inaccurate, incomplete, outdated or unnecessary information.


The right to demand deletion of information


You can ask us to remove your personal data from our systems. We will carry out the measures according to your request, if we do not have a legitimate reason not to delete the information. Data may not be immediately removed from all of our backup or other similar systems.


The right to limit the processing of information


You can ask us to limit the processing of certain of your personal data. A request to restrict data processing may lead to more limited opportunities to use our website and services.


The right to object to the processing of information


You can also request restrictions on the processing of your personal data, if your data is processed for purposes other than the performance of our service or the fulfillment of a legal obligation. Objecting to the processing of personal data may lead to more limited opportunities to use our website. You have the right to opt out of electronic direct marketing by following the instructions included in all marketing messages we send.  


The right to transfer data from one system to another


You have the right to receive your personal data from us in a structured and commonly used format so that you can forward the data to another data controller.


The right to withdraw consent


If the processing of your data is based on consent, you have the right to withdraw consent at any time.


 11. Exercising your rights

You can exercise your rights by sending a letter or email containing your name, address, phone number and a copy of a valid ID. If your request concerns personal information contained in a cookie, you must attach a copy of that cookie to your request. We may request additional information that is necessary to verify your identity. We may reject requests that are unreasonably frequent, excessive, or unfounded.


If you feel that the processing of your personal data is in conflict with current legislation, you can file a complaint with the local data protection supervisory authority.


12. Who is the data controller and who can I contact?

The controller is:



In matters concerning the registry, you can contact:

bottom of page