Privacy Policy in accordance with the EU General Data Protection Regulation (2016/679)

Data controller

Clonet Oy (2796796-7)
Luuvantie 42
02620 Espoo

Contact person for data files

Sari Siitonen

Name of the database

The user register of the service

Purpose and legal basis for processing personal data

The data controller processes personal data for the general purpose of providing member services and managing the organization's activities. The controller uses personal data for the company's marketing purposes following the applicable data protection legislation.

Content of the database

The database contains the following personal data related to the identification of the registered user: username, email address, country of origin, and type of user (business user, private individual, researcher, verifier). Other information includes the initial data for the emission calculation given by the user.

Data sources

Personal data is collected from users when they register for the service and/or use it.

Data recipients

The database and the data it contains are used only by the administrative team of the service, which includes, in addition to the data controller, Codelia Oy, a subcontractor of Clonet Oy. The controller will not disclose any personal data to third parties unless legally obliged by a public official.

Transfer of data outside the EU or EEA

The data controller will not actively transfer or disclose personal data outside the EU or EEA.

Data retention

Personal data is stored in the database for as long as a member is registered to the service.

Database security principles

The database is used by the administrative team of the service. Personal data will be kept confidential. The network and equipment on which the database is stored are protected by a firewall and other necessary technical and organizational measures, taking into account the available technical possibilities and the cost of the measures.

Registered user rights

According to current applicable data protection legislation, persons whose personal data is stored in the register have the right to:

  • Check their personal data stored in the database.
  • Demand the correction of false or incomplete information or the removal of outdated information by sending a written request to or by personally updating their information in the database.
  • Prohibit the use of their personal data for direct marketing by sending a written request to
  • Make a complaint to a public official if they think their personal data has been handled contrary to this Privacy Policy and the current applicable personal data legislation.

This Privacy Policy was updated on May 24, 2018.