Privacy Policy

This privacy policy was last updated on 26 February 2025 and applies to citizens and lawful residents of the European Economic Area and Switzerland.

In this privacy policy we explain what we do with the data we receive from you via https://hiil.fi. We recommend that you read this statement carefully. Our processing complies with data protection law. This means, among other things, that we:

  • clearly state the purposes for which we process personal data (through this privacy policy);
  • aim to limit the collection of personal data to what is necessary for lawful purposes;
  • ask for your explicit consent where required before processing your data;
  • take appropriate security measures to protect your data and require the same from processors;
  • respect your right to access, correct or delete your data on request.

If you have questions or want to know exactly what data we process about you, please contact us.

1. Purpose, data collected and retention

We collect or receive personal data for the following purposes related to our business:

  • Contact form: name, email, phone number and message. Purpose: to respond to your enquiries. Data is not stored permanently on our servers; it is sent by email to Hiil recipients. Email correspondence is retained for the duration of the communication.
  • Sample box order form: name, company, email, phone, postal address (street, postal code, city, country) and message. Purpose: to process and deliver sample box orders. Data is not stored permanently on our servers; it is sent by email. Email correspondence is retained for processing the order and any follow-up contact.
  • Nordbygg booking form (meeting slots): name, company, email, phone, message and chosen time slot. Only the booked slot identifier is stored on our servers (no name, email or other personal data). Personal data is sent by email to Hiil and a confirmation is sent to the person who made the booking; it is processed in accordance with this policy.

Form data is processed via email. We use the Resend service to send emails (as a processor); Resend processes data only for the purpose of transmitting the message.

2. Cookies

Our site does not use analytics or marketing cookies. The site may use only strictly necessary technical cookies to ensure functionality (e.g. language preference); these do not collect personal data. For more information see our cookie policy.

3. Disclosure

We may disclose personal data when required by law or court order, in response to a law enforcement request, or as otherwise permitted by law (e.g. matters of public security).

If our website or organisation is acquired, sold or involved in a merger or business transfer, your data may be disclosed to our advisers, potential buyers and the new owners.

4. Security

We are committed to the security of personal data. We take appropriate measures to limit misuse and unauthorised access, ensure that only necessary persons have access, and review our security measures regularly.

5. Third-party websites

This privacy policy does not apply to third-party websites linked from our site. We cannot guarantee that those third parties process your personal data in a reliable or secure manner. We recommend reading their privacy policies before use.

6. Changes to this policy

We reserve the right to change this privacy policy. We recommend that you review it periodically. We will inform you of changes where reasonably possible.

7. Your rights regarding your data

If you want to know what personal data we hold about you or to exercise your rights, please contact us using the details below. You have, among others, the following rights:

  • Right to be informed why your data is needed, what happens to it and how long it is kept.
  • Right of access: to obtain access to your data.
  • Right to rectification: to have your data completed, corrected or erased.
  • Where processing is based on consent, you have the right to withdraw consent and to request erasure of your data.
  • Right to data portability: to receive your personal data and have it transferred to another controller.
  • Right to object: you may object to processing of your data; we will comply unless we have compelling legitimate grounds.

Please identify yourself clearly so that we do not modify or delete the wrong person’s data.

8. Complaints

If you are not satisfied with how we process your personal data, you have the right to lodge a complaint with a supervisory authority (in Finland: Office of the Data Protection Ombudsman).

9. Contact

Hiil Oy
Huoltotie 3
80790 Kontiolahti
Finland

Website: https://hiil.fi
Email: joona.kotilainen@hiil.fi
Phone: +358 50 569 0586