Sporttihubi

Privacy Policy

  1. 1. Data controller

    Name: Gatecom Oy Business ID: 2643035-9

  2. 2. Contact for register matters

    tietosuoja@sporttihubi.fi

  3. 3. Register name

    The name of the register is Customer Register.

  4. 4. Purpose and legal basis of processing personal data

    Personal data is collected for a specific, explicit and legitimate purpose to fulfill contractual obligations related to the customer relationship. Personal data is collected in accordance with this privacy policy and is not used, altered or transferred in any way other than as specified herein.

  5. 5. Contents of the register

    The register contains personal data of the controller’s customers, which include: name, address, phone number, email address, company name, company website address, and other information related to managing the customer relationship.

  6. 6. Cookies

    The controller’s website uses a third-party site analytics and marketing system (Google Analytics). The system collects information about visitors via cookies, which is not used to identify individual users, but to develop the website and services. Google Analytics transmits and stores the data on its own servers.

  7. 7. Regular sources of information

    The register is compiled from information provided by customers and stakeholders. In addition, data is collected from public sources, such as company contact information on websites or address directories.

  8. 8. Regular disclosures of data

    Necessary customer information may be disclosed to authorities for legal purposes. The controller does not disclose data to third parties or automatically to other partners. In individual cases, the controller may disclose customer information to a designated party if the customer requests the controller to act as described above or if a legally valid authority requires disclosure of specified data from the controller’s database.

  9. 9. Transfer of data outside the EU and EEA

    Data in the Customer Register is not transferred outside the EU and EEA.

  10. 10. Right of access

    The data subject has the right to inspect what information concerning them is stored in the register. After making a sufficiently precise and individual access request, they have the right to obtain their data and the contents of the records. The access request must be made in writing, signed, addressed to the controller’s contact person, and accompanied by a copy of a photo ID.

  11. 11. Right to request correction and deletion of data

    The controller must correct any inaccurate information in the personal data register as pointed out by the data subject. The controller is also obliged to ensure the accuracy and timeliness of the data in the register through its own activities. The data subject may also request the controller to delete information concerning themselves from the register.

  12. 12. Other rights related to personal data processing

    The data subject has the right to request restriction of processing of personal data. The data subject also has the right to receive the personal data they have provided to the controller in a commonly used and machine-readable format and the right to transfer such data to another controller. In addition, the data subject has the right to object to the processing of their data, to automated decision-making, and profiling.

  13. 13. Data subject’s right to lodge a complaint with a supervisory authority

    The data subject has the right to lodge a complaint with the competent supervisory authority if they consider that the processing of their personal data does not comply with applicable data protection legislation.

  14. 14. Erasure of data and retention period

    The controller erases the customer’s data from the register when there is no longer a business reason for processing or if the data subject requests deletion under law. Personal data is destroyed appropriately, taking data protection into account, once there is no longer a basis for processing or retention. However, data will not be deleted if otherwise required by law or if a competent authority has initiated proceedings requiring the controller to retain the information or if another party has obtained a data protection decision from the Finnish authorities concerning the data.

  15. 15. Approval of the privacy policy

    This privacy policy has been approved as ongoing and reviewed on 29 April 2025.