Espatent

Asiantunteva ja innostunut patenttitoimisto

Data Controller

Espatent Oy
Kaisaniemenkatu 4, 00100 Helsinki, Suomi
Y-tunnus: 2029889-5
+358 10 219 0720
info@espatent.fi

Contact Person for Data Protection Matters

Sanna Kalliola
+358 40 8457265
sanna.kalliola@espatent.fi

Purposes for Processing Personal Data

Espatent Oy processes personal data for the following purposes:
– management of customer and stakeholder relationships (communication, assignments, contracts, invoicing)
– management of employment relationships and fulfilment of employer obligations
– sales and marketing communications
– compliance with legal obligations

Personal data are processed on the following lawful bases under the GDPR:
– performance of a contract or steps prior to entering into a contract
– employment relationship
– compliance with a legal obligation
– legitimate interest of the data controller

Categories of Personal Data Processed

Rekisteri voi sisältää mm. seuraavia tietoja:
– name
– employer / company
– contact details (address, email address, telephone number)
– customer, assignment, and correspondence information
– invoicing and contract‑related data
– with respect to employees: personal identity code, bank account details, education and employment data, absence and sick leave information
– The sender’s IP address is stored when forms are submitted via the website

Sources of Personal Data

Personal data are obtained primarily from the data subject, or from customers or stakeholders.

Disclosure and Transfer of Personal Data

Personal data are disclosed to third parties only when necessary and only to the extent required for the purposes of processing,

Personal data may be transferred to public authorities as required by law.

Personal data are not used for direct marketing purposes.

Personal data may be transferred to service providers selected by the data controller, who process personal data on behalf of the data controller on the basis of an agreement between the parties. Personal data are not transferred outside the EU or EEA unless requested by the customer or unless appropriate safeguards are in place.

Data security

Due care is exercised in the processing of personal data, and data processed by means of information systems are appropriately protected. Backup, technical protection, and security against data breaches and other intrusions are entrusted to professional service providers.

Retention Periods

Personal data are retained only for as long as necessary to fulfil the purposes for which they were collected or as required by applicable legislation. Employment‑related data are retained in accordance with statutory retention obligations.

Rights of the data subject

Each person whose data are recorded in the register has the right to inspect their personal data and to request the rectification of inaccurate data, completion of incomplete data, or deletion of data that are unnecessary for the purposes of processing. The data subject also has the right to prohibit the data controller from processing their personal data for direct advertising, distance selling, other forms of direct marketing, as well as market and opinion research.

If a person wishes to inspect the data stored about them or request rectification, the request must be submitted in writing or by email to the data controller’s contact person. The data controller may, if necessary, request the requester to verify their identity. The data controller shall respond within the time limits set out in the EU General Data Protection Regulation.

Cookies

The website espatent.fi uses cookies. Cookies are used, among other things, for statistical purposes. Cookies are small text files exchanged between the browser on a device and a server.

This document is a combined register description and information notice in accordance with the Finnish Personal Data Act (523/1999, Sections 10 and 24) and Articles 12 and 13 of the EU General Data Protection Regulation (EU) 2016/679.

This notice was last updated on 26 April 2026.

Back to top