Privacy Policies - Maston

Maston & GDPR

GENERAL: The EU Data Protection Regulation will enter into force on 25 May 2018. From that point on, all personal data processing must comply with the Privacy Policy.

Customer Privacy Policy

PRIVACY STATEMENT (Effective from 01.01.2018)
Personal Data Act (523/1999) § 10 and § 24

1.         Controller

Maston Oy

Teollisuustie 10, 02880 Veikkola, Finland

Tel.: 020 7188 580


Business ID: 0680640-0


2.         Person in charge of register matters

Jaana Stenbäck / Maston Oy

Customer services: 020 7188 580


3.         Name of the file

Maston Oy's customer register


4.         Purpose of processing personal data

Personal data recorded in the personal data file may be used for maintaining, management, analysing, and development of customer relationships or any other relationship based on relevant matters. As a part of maintaining and managing customer relationships data subjects may be sent customer communication, which may be produced either electronically or on paper. For instance, newsletters sent to customers constitute such customer communication. Maston Oy may use your personal data for customer communication purposes, e.g. in order to send you newsletters and other product related notices, in order to inform you about changes made to their services, and to request your feedback about products and services. Maston Oy may contact you in order to tell you about possible new products or services.

Personal data may also be used for Maston Oy’s advertising purposes, including direct advertising, as well as for purposes of market research and opinion polls. Data subjects may also be segmented and profiled such that they could be targeted with marketing materials of their interest. Profiling could be based e.g. on the areas of interest indicated by data subjects, or their purchasing history that may be collected on product-specific basis. Furthermore, personal data may also be used for planning and realisation of the controller’s business and for guiding their functions.


5.         Data content of the file

The following basic data and marketing related data of data subjects could be processed in the personal data file:

- give name and surname

- contact information (postal address, e-mail address, telephone and telefax numbers)

- gender

- personal identity number (subject to consent)

- beginning of the customer relationship

- campaigns / offers targeted towards the customers, as well as the use thereof

- direct marketing consents and denials

- direct marketing options

- technical information sent to the digital devices of Maston Oy’s customers (such as computers and mobile devices), as well as data concerning cookies and other similar techniques

- customer service calls, e-mails and on-line chats


Data concerning data subjects, who have purchased Maston Oy’s goods or services, given feedback and/or submitted claims in respect of the same 

- purchasing history

- data concerning invoicing, deliveries, returns, and collection (except for banking or credit card data, unless they are needed for refunding purposes)

- content of feedback and claims, any related communication, and follow-up measures.


Data concerning data subjects who have participated in Maston Oy’s events

- essential data about the organisation and the participation in the event


6. Regular sources of data

Data recorded in the personal data file are mainly received personally from the data subject, for instance at the beginning and in the course of the customer relationship, as well as from programs with which customers use our products and services. 


Maston Oy receives personal data and their updates also from authorities, organisations, and businesses that provide credit and personal data updating services, from social media companies, from public directories, and other public sources of information.


7. Regular disclosure of data and data transfer outside the EU or the European Economic Area

Personal data are not disclosed regularly outside the EU or the EEA. Otherwise personal data may only be disclosed within to the extent permitted and required by the currently effective legislation. For instance, subject to an effective order issued by a court of law, or another authority with sufficient powers. If transfer of data beyond the EU or the EEC is essential for purposes of processing of personal data, or technical implementation of data processing, the provisions regulating personal data protections shall apply.


Maston Oy may disclose your personal data in connection with a merger, takeover, and sale of assets of the company, or when the service is transferred to another service provider. Data may also be shared in connection with insolvency, bankruptcy, or liquidation proceedings, where users’ personal data are transferred to the other party in the course of the proceeding.


8. Protection of the file

Data recorded in the data file are stored in the electronic system of the controller, which can be accessed only by such pre-determined individuals being members of the controller’s staff, or acting in the name of the controller, who need access to the system due to their job duties or other similar reasons. The data file is located in an internet-based service, which is protected by an SSL protocol.