These are the Jaakkoo-Taara Oy register and data protection details as per the Finnish Data Protection Act (Henkilötietolaki sections 10 and 24) and the EU General Data Protection Regulation (GDPR). These details were updated on 17 November 2021.

1. Register Controller
   Jaakkoo-Taara Oy, Ruissalontie 4, FI-20200 Turku
   
2. Contact person responsible for the register
   Jani Kokkonen, jani.kokkonen@jt.fi, +358 (0)40 014 5866
   
3. Register Name
   Website customer register
   
4. Legal Basis and the Purpose for Processing Data
   The legal basis for processing data under the EU GDPR is an individual’s consent. The purpose for processing personal data is maintaining customer relations.
   
5. Register Dataset
   Data filed in the register include:
   – An IP address used in network access, guest logins
   – An individual’s name, company/organisation, contact information (phone number, e-mail address)
   
6. Regular Sources of Information 
   The data to be filed in the register will be provided by the customer through online forms.
   
7. Regular Disclosure of Data and Transferring Data to Parties Outside the EU or ETA
   Data will not be disclosed to any other party.
   
8. Principals of Register Security  
   Register processing exercises due diligence, and information processed under the data systems will be appropriately secured. The register data are stored in online servers, and the hardware is properly safeguarded in terms of both their physical and digital data security. Jaakkoo-Taara Oy sees to the fact that filed data and the user rights of the servers and other critical information in terms of personal data security is confidentially processed and will only be carried out by those employees whose job description states they may do so.
   
9. Right of Access and the Right to Request Data Correction
   Every individual in the register has the right of access to their filed data and the right to request that any inaccurate or incomplete information be corrected or completed. If the individual wishes to access their data or request a correction, they must send a written request to the controller. The controller may, if necessary, ask the person making the request to prove their identity. The controller will reply to the customer within a time limit as set by the GDPR (usually within a month).
   
10. Other Rights Involving the Processing of Personal Data
    An individual in the register has the right to request the removal of personal data concerning them (“the right to be forgotten”). Likewise, those in the register have other rights under the GDPR, such as restricting personal data processing under certain circumstances.  Any requests must be submitted to the controller in writing. The controller may ask to see a proof of identity. The controller will reply to the customer within a time limit as set by the GDPR (usually within a month).