en 
fiData protection policy
Created on 12 April 2018. Last updated on 23 May 2025.This is the privacy and data protection policy of SF-Fennica Oy, in accordance with the Finnish Personal Data Act (Sections 10 and 24) and the EU General Data Protection Regulation (GDPR).
Data Controller
SF-Fennica Oy / Mokkimies.com
Sulankaari 8, 13
04320 Tuusula, Finland
TEL. +358-10-525 1826
VAT Reg. FI22901109
Customer Service +358 10 525 1826
Weekdays 10:00 - 16:30
The data processor is Cloud City Oy, Tähdenlennonkuja 1, 02240 Espoo. The data controller is responsible for the protection of personal data and cannot collect personal data without consent. The processor handles personal data on behalf of the controller.
We collect personal data to manage the customer relationship. The legal basis for processing personal data is the agreement between us and the customer and the statutory obligations arising from it. Providing personal data is a prerequisite for entering into the agreement. In other words, you cannot order products or services from us without consenting to the processing of your personal data.
We also collect personal data for marketing purposes. In this case, the legal basis for processing is consent.
We do not carry out profiling or make automated decisions concerning you.
Your personal data may be disclosed to:
- yourself
- our company and its employees
- the company responsible for our website operations (Cloud City Oy, Oscar Software Oy)
- payment processors receiving your payments (Paytrail Oyj, Klarna, PayPal)
- the delivery company transporting goods to you (Posti Group Oyj, Matkahuolto Oy, DHL, UPS)
- the accounting firm handling our bookkeeping (Talenom Oy)
- auditor reviewing our accounts (Eurotase Oy Finland, Pekka Niemi, KHT)
- CRM and personal data processing system (Klaviyo)
- other parties involved in website operation
- Paytrail collects IP address, payment method, and timestamp during payment
- https://www.paytrail.com/en/data-privacy-notice
- in the online store for at least five years
- in email archives for at least seven years
- in accounting materials for at least seven years
- the right to access your personal data
- the right to rectify the data
- the right to restrict processing
- the right to object to processing
- the right to withdraw consent
- the right to lodge a complaint with the supervisory authority
We use Oscar Software and Klaviyo systems for customer management. These systems are used to process the following information related to you:
- Website usage data: such as pages viewed, downloaded content, and orders placed
- Customer data: name and email address
- Online store behavior: interests, product categories, and order history
- Email communication: delivery, opens, and clicks through the Klaviyo platform
Cart Reminder:
The cart reminder system collects information entered at checkout even if the order is not completed. Our system saves the email address and cart contents to send a reminder. If the customer does not complete the purchase, a reminder email is sent automatically. You can always choose whether you want to receive cart reminder emails in the future.
More Information:
Individuals listed in the register have the right to request the deletion of their personal data (“right to be forgotten”). Additionally, data subjects have all rights granted by the EU GDPR. Requests must be submitted in writing to the data controller. The controller may request proof of identity if necessary. The controller will respond within the time specified in the GDPR (typically within one month).
The data stored in the register is collected from the customer via web forms, email, phone, social media services, agreements, customer meetings, and other situations where the customer voluntarily provides their information. Data may also be transferred by the controller outside the EU or EEA.
Please note that you only have the “right to be forgotten” if there are no legal obligations requiring us to retain your personal data.
