Privacy Policy


This Privacy Policy will inform you about the personal information we deal with regarding the production and marketing of our services, management of customer relations, billing, and development of marketing services, as well as who has access to this information and under what grounds.

We may update this Privacy Policy by publishing a new version of it online, so you should check it regularly. Continuing to use our website and its ancillary services after the new version is published will be seen as an agreement to the edited terms and conditions. By using our website, you are agreeing to us using your information in accordance with this Privacy Policy.

1 Administrator

Kommeet Oy (henceforth Smilee)

Yrttipellontie 1

90230 Oulu

Phone +358 405 528 702

2 Contact Person for Matters Regarding the Privacy Policy

CEO: Teuvo Karppinen,

3 Registry Name and those Registered 

Smilee | Customer and Marketing Registry 

In our registry we manage the personal information of our customers and potential customers and their representatives.

 4 The Purpose of Processing Personal Information

We process personal information regarding customer management issues
(including service production and delivery, billing and recovery, handling
complaints, recruiting, customer service and customer satisfaction
measurement), customer communication, and the marketing of Smilee and its
affiliates’ services as well as developing services.

The information may be collected and processed in accordance with legal
obligations, such as for accounting and official purposes.

We only collect, maintain and process personal information for the purposes stated above.

5 The Data Content of the Registry

The following kind of information may be saved about the registered

·      Name

·   Company

·   Phone numebr

·   Email address

·   Address

·   Title

·   Consent information

·   Publicly available classification information

·   Customer feedback information

·   Order, billing and delivery information

·   IP-address or other identifier

·   Information gathered through cookies

·      What page you visit, how long you stay on the page, the way you came to the page and what links you click

·      Information gathered through social media channels

Other information collected by the customer’s consent

6 The Sources of the Register

We mainly collect the personal information when the customer contacts us
or later on while using our services. We may also collect information regarding
our customers from public sources or records, such as LinkedIn or other social
media channels.

We collect information about visitors on our site by using Google
Analytics and MailChimp services, in order for us to analyse and develop our
website to be even better than before and to target our website visitors with
relevant marketing. The information is saved in the register automatically when
a user gives their information on our website or while using the

The purpose of the automated marketing we use is to help us better serve the visitors on out site.

7 The Grounds for Processing Information

We ensure that we always have the legal grounds for processing personal

We mainly process information regarding the fulfillment and preparation
of contracts (for example, producing and delivering our services, customer
management, handling complaints and customer feedback) and our justified
advantages (such as direct marketing to our customers and product development
for our services).

With your consent, we may use your email address for sending newsletters
and marketing letters or process other information with your consent. Provided
that we only process your information with your consent, you may withdraw your
consent at any time.

We may also process your information
to meet legal obligations.

 8 Handing Over of Information

For us to serve you in the best way possible, the information can also be handed over outside of the EU or ETA for example to carry out the technical maintenance and processing of information by our subcontractors.

The registrar will not hand over personal information of the customers,
unless the Finnish authorities demand so.

The personal information is mainly processed by the personnel working for our company in their work.

The information may be handed over confidentially to our affiliates or subcontractors, who handle personal data under a written assignment agreement. These include cloud services meant for saving information.

Our subcontractors and our affiliates handle personal information in an
agreed manner, in accordance with our written instructions, and only to promote
agreed, legitimate purposes.

We may also disclose information otherwise to fulfill contractual obligations or, if required by law or the competent authority. We may also disclose your information if we are involved in a company or business transaction.

We may disclose anonymized or statistical information that cannot be
linked to a person. If such information is no longer considered personal data,
we may also disclose information to third parties for purposes other than those
mentioned herein. 

9 Moving Information outside of the EU/EEA

We use service providers to process personal data that may have access
to personal data outside the EU / EEA, such as the United States. We will
ensure the proper and lawful implementation of the transfers in accordance with
the legislation on the processing of personal data.

In all situations, we will only pass personal data outside the EU / EEA area under one of the following legal grounds:

·      The European Commission has decided that the recipient country in question has been ensured to have a sufficient level of data protection;

There are other legitimate grounds for transferring your personal data outside the EU / EEA, such as the United States Privacy Shield, approved by the European Commission.

10 Information Retention Time

We only keep personal information for the time needed to meet the uses described in this policy. In addition, some information may be kept longer to the extent necessary to fulfill the obligations imposed by law, such as accounting responsibilities. Unnecessary data will be deleted regularly.

11 The Principles of Information Protection

Personal information is protected against external use by firewalls, antivirus software, personal user IDs, and passwords. Access to personal data is restricted to persons authorized by Smilee, whose work requires personal data processing. We only disclose personal information in a confidential and limited manner on the basis of our agreements to our contract partners, such as our subcontractors. Our contract partners must commit themselves to ensuring adequate security and to fully comply with the lawful processing of personal data. The personal data handlers are bound by the obligation of confidentiality.

Our website uses a TLS-protected HTTPS-connection, in which case all personal data in electronic form is protected. If the information is in manual form, they are kept from outsiders in locked areas and are destroyed with data security. 

12 Cookies

Cookies are small text files that are automatically saved to the computer / terminal when a visitor visits different websites. Our website utilises cookies so that we can offer our services as user-friendly and high-quality as possible.

The cookies we use are related to our marketing automation system (MailChimp), the chat service we provide (Smilee), Google Analytics, and the social media channels we use, namely LinkedIn and Facebook Services.

These software store, among other things, information on what page you visit, how long you stay on the site, how you came to the site, and what links you click. We may use cookies to develop our services and websites, analyse the use of the website, and target and optimize marketing. Website traffic tracking will help us improve our website to make it even better and we will be able to provide users with a better user experience.

The use of cookies can be disabled from the browser (most browser programs allow cookie activity to be disabled). Note, however, that the network service and chat service may not work smoothly. 

13 The Rights of the Registered Subjects

The right to deny direct marketing

The registered subject has the right, at any point, to
deny the processing of personal information for direct marketing purposes.

Every newsletter sent by Smilee has a link, from which
you can block direct mailing to your email in the future, if you wish.

The right to have access to information (the right to check)

Everyone has the right to know, what information about
him/her has been saved in the register.

The right to demand for the information to be
corrected or deleted (the right to be forgotten)x

Smilee deletes, corrects or completes the incorrect, unnecessary,
insufficient or outdated information from its register from our own admission
or by the request of the registered subject.

The right to limit processing

The registered subject has the right to demand that the processing of
his/her personal data be restricted, for example when he disputes the accuracy
of his/her personal data and demands that his/her personal data be corrected or
removed. In this case, such personal data may only be retained, not processed
otherwise. The limiting of the processing of information is ensured by
technical measures.

Before the limiting of processing is deleted, Smilee
will inform the registered subject about it.

The right to resist the processing of personal

If we deal with your personal information on the basis
of our public interest or legitimate interest, you have the right to object to
the processing of your personal information to you in so far as there is no
such cause that would overrule your rights or that processing is not necessary
to deal with legal claims.

The right to transfer information from one system to another

Insofar the registered subject has provided
information in the customer register that is processed by the data subject’s
consent or assignment, the registered subject has the right to obtain such
information for himself/herself mainly in a form that can be used in a
machine-readable manner and the right to transfer this information to another

Withdrawing consent

If personal data is processed based on the consent of
the registered subject, the registered subject has the right to withdraw his/her
consent by notifying Smilee. For example, every Smilee newsletter email has a
link, from which you may, if you wish, cancel your consent to direct mail in
your email in the future. You can also cancel your consent as described in
section 14.

The right to make a complaint to the supervisory authority

The registered subject has the right to file a
complaint with the competent supervisory authority if the registrar fails to
comply with applicable data protection rules 

14 Requests Regarding the Register

Queries and requests
related to the register can be submitted either personally on site by
submitting an identity document

Smilee responds to the requests within one (1) month of the request, unless there are special reasons to extend the response time. We may also refuse to execute your claim on the basis of the applicable law.

15 The Compulsion of the Information

If you do not agree to the processing of your personal data within the purposes and rights of this Privacy Policy, we will not be able to serve you and fully fulfill the purpose of our work. If you do not wish for us to process the information in accordance with these principles, we request that you do not share any information with us.