Skip to main content

Registers

IN NET OY’S CUSTOMER AND DIRECT MARKETING DATA FILE PRIVACY POLICY

  1. Data controller

In Net Oy (“In Net” or “we”) processes the personal data of its customers for the management of customer relationships, enabling customer communications, and for direct marketing purposes.

In addition to private individual customers, In Net may process the personal data of representatives of current or potential corporate customers and business partners as part of this register.

It is important to In Net that you understand how we process your personal data. Below, we provide further information regarding the processing of your personal data.

Please note that this Privacy Notice applies only to the processing of personal data carried out by In Net in its capacity as a data controller.

  1. Contact information

Contact details of the data controller:

In Net Oy

Business ID: 0735508-2
Address: Kerintie 20, 15500 Lahti, Finland
Telephone: +358 40 831 6150
Email: tuki@innet.fi
Website: innet.fi

Hygga’s data protection officer:

Jenna Vihervuori, jenna.vihervuori(at)innet.fi

  1. Collected data
  • First and last name
  • Email address
  • Postal address
  • Telephone number
  • Invoices and billing information
  • Other information provided by the customer
  • For representatives of corporate customers or business partners: organization, position, and other information relating to the customer or partnership relationship

Customer and marketing data may also be used for customer relationship management, communications, or marketing purposes.

The personal data of representatives of corporate customers is used solely for communications and marketing directed at the represented organization.

  1. How do we collect personal data?

The personal data processed under this Privacy Notice is obtained from the data subjects themselves.

The personal data of representatives of corporate customers or partners may also be obtained from the organization that employs or is represented by the individual concerned.

In addition, personal data may be collected from public and private registers.

  1. Purposes and legal basis of data processing

Customer and marketing data may also be used for the following purposes:

Customer communications and customer relations management (legal basis of processing: performance of a contract and legitimate interest)

Customer data is used for managing, administering, maintaining, and developing the customer relationship between In Net and the customer.

Direct marketing (legal basis of processing: legitimate interest)

We process personal data to contact our customers concerning services. Personal data may be used for In Net’s marketing activities. You have the right to object to direct marketing.

Complying with our legal obligations (legal basis of processing: legal obligation)

In certain situations, In Net may process personal data in order to manage and fulfil its statutory obligations. This includes, for example, processing data to comply with accounting requirements.

Processing of claims and legal procedures (legal basis of processing: legitimate interest)

In Net may process personal data in connection with legal claims, debt collection, and legal proceedings. We may also process personal data to prevent fraud and misuse of our services and for information, system, and network security purposes.

Legal basis of processing

In Net primarily processes personal data in order to fulfil its contractual obligations towards you or the organization you represent, as well as to comply with legal obligations.

In addition, we process personal data on the basis of our legitimate interests to conduct, maintain, and develop our business operations and to establish and maintain customer and partnership relationships.

When we process your personal data on the basis of legitimate interest, we balance our legitimate interests against your right to privacy.

  1. Retention period

We retain our customers’ personal data only for as long as required by law or as necessary for the purposes specified above. The retention period depends on the nature of the data and the purpose of processing. Consequently, the maximum retention period may vary on a case-by-case basis.

  1. Transfer of personal data outside the European Economic Area

As a rule, In Net stores your personal data within the European Economic Area (EEA).

However, in some situations we may transfer personal data to be processed outside this area. In such cases, we shall take measures to ensure a sufficient level of protection for your personal data in the location where it is processed. We shall ensure a sufficient level of data protection for personal data transferred to countries outside the EEA by signing agreements with our service providers that are in compliance with the standard clauses set out by the European Commission or other similar arrangement, such as a Privacy Shield arrangement.

  1. Processors of personal data

We do not disclose your personal data to parties outside the In Net organization except in the following situations:

Legal grounds

We may disclose personal data to parties outside the In Net organisation if access to said personal data is necessary, on reasonable grounds, for (i) compliance with applicable legislation, regulations or court decisions; (ii) the detection, prevention or other processing of fraud, money laundering, terrorism financing or issues related to information security or technical difficulties; or (iii) the protection of the property or safety of In Net or its customers, or purposes carried out in the public interest in compliance with legislation.

Authorised service providers

We may disclose personal data to authorized service providers performing services on our behalf. Our agreements with service providers contain commitments requiring them to limit the use of personal data and to comply with privacy and security standards at least equivalent to those set forth in this Privacy Notice.

With your express consent

We may disclose personal data to third parties outside the In Net organization for reasons other than those described above where we have the explicit consent of the data subject. The data subject has the right to withdraw consent at any time.

  1. Rights of the data subject

Right of access to information

Data subjects have the right to access their personal data processed by Hygga. If you wish, you can contact us to learn more about the type of personal data we process and their purposes of processing.

Right to request rectification

Data subjects have the right to access the personal data processed by In Net. You may contact us to find out what personal data we process and for what purposes it is used.

Right to request erasure of data

You may request us to erase your personal data. We will perform the requested measures, barring legitimate grounds to refrain from erasing the personal data.

Right to object to and restrict processing

You have the right to object to the processing of your personal data or profiling when your data is processed for direct marketing purposes. You also have the right to request restriction of processing, for example where the personal data concerning you is inaccurate. In certain specific situations, you additionally have the right to object to processing based on a personal situation.

Right to transfer data to another system

Data subjects have the right to receive a copy of their personal data stored by us in a structured, commonly used format, as well as the right to independently transfer their data to a third party.

Exercising your rights

If you wish to exercise any of the rights described above, please send In Net the following information by post or email:  name, address, telephone number, and a copy of a valid identification card. We may request that you provide further details in order to confirm your identity.

We may deny requests that recur unreasonably often or are excessive or clearly unfounded.

  1. Direct marketing

We may send you newsletters and other direct marketing communications regarding our services.

In Net also sends marketing communications to prospective corporate customers whose personal data has been collected from public registers.

Data subjects always have the right to prohibit the use of their personal data for direct marketing, market research, or profiling by contacting us using the contact details above or by using the unsubscribe option provided in marketing communications.

  1. Information security

We have implemented administrative, organizational, technical, and physical safeguards to protect the personal data we collect and process.

Our security measures are designed to maintain an appropriate level of confidentiality, integrity, and availability of personal data.

Personal data may only be processed by persons whose work duties justify such access. Access to personal data is protected by appropriate user-specific credentials, passwords, and access rights.

If, despite our security measures, a personal data breach occurs that is likely to adversely affect your privacy, we will notify the relevant individuals, other affected parties, and, where required under applicable data protection legislation, the competent authorities as soon as possible.

  1. Filing a complaint

You have the right to lodge a complaint with a supervisory authority if you believe that In Net’s processing of personal data violates applicable data protection legislation.

The Data Protection Ombudsman acts as the local supervisory authority in Finland (tietosuoja.fi)

Last updated: 30.6.2026

 

WEBSITE PRIVACY POLICY FOR IN NET OY

  1. Data controller

In Net Oy (“In Net”) processes information relating to website visitors in connection with the provision and maintenance of its website. We store analytics data relating to website visitors.

It is important to us that you understand how we process your personal data. Below we provide further information regarding the processing of your personal data.

Please note that this Privacy Notice applies only to the processing of website visitors’ personal data carried out by In Net in its capacity as a data controller on the website hyggasolutions.com.

Information used for direct marketing is processed as part of our Customer and Direct Marketing Register, the Privacy Notice for which can be found at the beginning of this page.

  1. Contact information

Contact details of the data controller:

In Net Oy

Business ID: 0735508-2
Kerintie 20, FI-15500 Lahti, Finland
Telephone: +358 40 831 6150
Email: tuki@innet.fi
Website: innet.fi

Hygga’s data protection officer:

Jenna Vihervuori
jenna.vihervuori(at)innet.fi

  1. Processed personal data

We process feedback submitted through our website.

In addition, we may process certain technical information relating to all website visitors, which in some circumstances may constitute or contain personal data. Such information includes:

  • your IP address;
  • the time of your visit;
  • operating system and device type;
  • the URL through which you accessed our site;
  • your URL path on our site;
  • your geographical location.

 

  1. Cookies and analytics tools

We use cookies to improve the usability and functionality of our website. In addition, we use cookies for collecting analytics information and integrating social media accounts into our website.

A cookie is a small text file stored on a user’s computer. If you do not wish websites to store cookies on your device, you may disable cookies in your browser settings. In such cases, we cannot guarantee that our website will function in the best possible manner.

We use Google Analytics on our website. Further information regarding Google Analytics’ privacy practices is available on Google Analytics’ privacy website.

Additional information about cookies can be found here.

  1. How do we collect personal data?

When using the feedback functionality on the website, we receive information directly from the visitor.

Technical analytics data is collected automatically during website visits.

  1. Purposes and legal basis of data processing

Personal data may be processed for the following purposes in accordance with applicable legislation and consent where required.

Customer communications and customer relations management (legal basis of processing: performance of a contract and legitimate interest)

Information submitted through feedback forms may be used for customer service, communications, and the management and maintenance of customer relationships.

If you contact our customer service through a feedback form, we use the information provided to respond to inquiries, resolve potential issues, and process your message.

Analytics (legal basis of processing: legitimate interest)

We process website visitor information to analyze the volume and quality of website traffic, including the number of unique visitors and their geographical locations. We also analyze visitor navigation within our website and information regarding how visitors arrive at our website.

Direct marketing (legal basis of processing: legitimate interest)

If you contact us through a feedback form and indicate that you wish to receive direct marketing materials, we may process your personal data to send you direct marketing communications, including information about current offers and events.

More information regarding the use of personal data for direct marketing is available in our Customer and Marketing Register Privacy Notice.

You always have the right to object to electronic direct marketing.

Legal grounds for processing personal data

We process information relating to website visitors based on our legitimate interest in maintaining and developing our business operations, including collecting website analytics.

When processing personal data based on legitimate interest, we balance our legitimate interests against your right to privacy.

In addition, we process personal data on the basis of consent where a visitor has provided consent for such processing.

  1. Duration of storage

We retain website visitors’ personal data only for as long as required by law or as necessary for the purposes specified above. The retention period depends on the nature of the data and the purpose of processing. Consequently, the maximum retention period may vary on a case-by-case basis.

  1. Transfer of personal data outside the EEA

We mainly process the personal data of website visitors within the European Economic Area.

However, in some situations we may transfer personal data to be processed outside this area. In such cases, we shall take measures to ensure a sufficient level of protection for your personal data in the location where it is processed. We shall ensure a sufficient level of data protection for personal data transferred to countries outside the EEA by signing agreements with our service providers that are in compliance with the standard clauses set out by the European Commission or other similar arrangement, such as a Privacy Shield arrangement.

9.Recipient groups of personal data

We do not disclose website visitor information to parties outside the In Net organization except in the following situations:

Authorized service providers

We may disclose personal data to authorized service providers performing services on our behalf, such as hosting providers. Our agreements with service providers include obligations requiring them to limit the use of personal data and to comply with privacy and data security standards at least equivalent to those described in this Privacy Notice.

For legal grounds

We may disclose personal data to parties outside the In Net organisation if access to said personal data is necessary, on reasonable grounds, for (i) compliance with applicable legislation, regulations or court decisions; (ii) the detection, prevention or other processing of fraud, money laundering, terrorism financing, or issues related to information security or technical difficulties; or (iii) purposes carried out in the public interest in compliance with legislation.

With your express consent

We may disclose personal data to third parties outside the In Net organization for reasons other than those stated above where we have obtained the explicit consent of the data subject. You have the right to withdraw your consent at any time by contacting us.

 

10. Rights of the Data Subject

Right of Access

You have the right to access the personal data processed by In Net.

You may contact us to find out what personal data we process and for what purposes such data is used.

Right to Rectification

You have the right to have inaccurate, incorrect, incomplete, outdated, or unnecessary personal data corrected or supplemented.

Right to Erasure

You may request that we delete your personal data.

We will comply with your request unless we have a legitimate reason not to erase the information.

Right to Object and Right to Restriction of Processing

You have the right to object to the processing of your personal data or profiling where your data is used for direct marketing purposes.

You also have the right to request restriction of processing, for example where the information relating to you is inaccurate.

Furthermore, in certain specific situations, you have the right to object to the processing of your personal data where the objection is based on your particular personal circumstances.

Right to Data Portability

You have the right to receive the personal data you have provided to us in a structured, commonly used format and to transfer that data independently to a third party.

Exercising Your Rights

If you wish to exercise any of the rights described above, please provide us by post or email with sufficient information to identify your website visit.

To verify your identity, we may request additional information.

We may refuse requests that are unreasonably repetitive, excessive, or manifestly unfounded.

  1. Information security

We have implemented administrative, organisational, technological and physical protective measures aimed at ensuring the information security of the personal data we collect and process. Our protective measures are designed to maintain a level that is appropriate for ensuring the confidentiality, integrity and availability of data.

Personal data may only be processed by persons authorised to do so on grounds of fulfilling their work duties. The processing of personal data is protected with the appropriate user-specific credentials, passwords and access rights.

If regardless of data security measures there is a data security breach that is likely to have negative effects on your privacy we shall notify the appropriate persons and other affected parties of the breach as soon possible in accordance with applicable legislation, as well as authorities if required by applicable data security legislation.

  1. Filing a complaint

You have the right to lodge a complaint with a supervisory authority if you believe that In Net’s processing of personal data violates applicable data protection legislation.

The Data Protection Ombudsman acts as the local supervisory authority in Finland (tietosuoja.fi)

Last updated: 30.6.2026

News