Our privacy policy

Your privacy and keeping you informed on processing your personal data are important to us. This Privacy Notice provides you with information on how we collect and process personal data of our clients, potential future clients and our business contacts.

GDPR

When processing your personal data, we are bound by the European Union Regulation 679/2016 ("GDPR"). Sako Limited is the owner of brands SAKO and TIKKA and this privacy policy will be applied to personal data processing under both brands. Sako Limited is a company of Beretta Holding Group.In case of any questions, please contact: info@sako.fi.

Sako Limited March 2023

1. Why we process personal data?

We process your personal data for the purposes of

  1. Managing business relationships with you as our client or business partner,

  2. Fulfilling our contractual obligations to you either as our business partner or as our client,

  3. Fulfilling our legal obligations,

  4. Offering, marketing and advertising our products and services,

  5. Developing our products and services,

  6. Creating and developing understanding of our markets and client basis, and

  7. Developing our client management and retention programs.

2. What is our legal basis for processing personal data?

When processing your personal data for the purposes described above, our processing is on our legitimate interest as a data controller in accordance with the GDPR and fulfilling our contractual obligations to you either, as our business partner, or as our client while providing our products and services unless otherwise defined below. In case you, as our client or business partner, give your consent, your personal data will be processed by Sako Limited and its data processors for the creation of profiles based on tastes, preferences, habits, on the details of your purchases as well as on data directly supplied by you to improve our market understanding and the quality of services offered to you by Sako Limited.

In case you, as our client give your consent, your personal data will be processed by Sako Limited and its data processors for offering, marketing and advertising our products and services to you.

3. What personal data we process and what are our data sources?

Your personal data that we process mainly includes the following:

  1. Customer identification information, such as your name and your contact information (email, address, phone number(s)), together with information of your fire arm(s) as provided by you;

  2. Business partner’s identification information, such as your name and your contact information (email, address, phone number(s)), together with information of your role in connection to us such as your company or employer information, position and title as provided by you, your employer or company representative or as available on public sources such as company websites and company registers;

  3. Regarding business partner’s also data obtained and/or collected from public information sources such as your company websites and public registers in course of possible business partner identification and while conducting our business with you;

  4. Information regarding your purchases as provided by you or as generated during the purchase process;

  5. Managing business relationships with you as our client

  6. Information provided to us by you for attending our meetings and events or responding to our surveys and queries or using our mobile applications;

  7. Information about your participation to our events; and

  8. Data generated by us while providing our services or products to you or conducting our business with you otherwise in order to provide our products and services.

4. How long do we store your personal data?

Your personal data processed for the purposes of points i-iii referred in Section 1 (managing business relationships with you as our client or business partner; fulfilling our contractual obligations to you either as our business partner or as our client; and fulfilling our legal obligations) will be stored as long as our business relationship or contractual obligations to you including without limitation possible product warranties or periods of liability remain in force and, in any case, in compliance with the time limits indicated by the applicable regulatory and regulatory provisions. The data processed for the purposes of points iv-vii referred in Section 1 (offering, marketing and advertising our products and services; developing our products and services; creating and developing understanding of our markets and client basis; and developing our client management and retention programs) will be retained until you request the withdrawal of consent given to the pursuit of the aforementioned purposes, with the exception of data relating to the details of purchases that will be kept for 12 months from registration for profiling purposes and for 24 months from registration for marketing purposes.

After this period the data will be deleted or completely anonymized.

5. Do we share and transfer your personal data?

We may use subprocessors to process your personal data and in that case we will take appropriate safeguards and contractual obligations required by applicable data protection laws to ensure your privacy. The list of subprocessors is constantly updated and is available, upon request, by sending a communication to the address below or an e-mail to info@sako.fi. For your information, at the time being, we utilize Salesforce as our system to store and process your personal data to extent of purposes defined above. This data may be processed outside the EU/EEA. The Salesforce Privacy Policy is available at https://www.salesforce.com/company/privacy/full_privacy/ and we together with our subprocessors have taken appropriate safeguards and contractual obligation required by applicable data protection laws while using Salesforce. Namely, Salesforce Inc. is certified to the EU-U.S. Privacy Shield Frameworks as administered by the U.S. Department of Commerce, in order to implement appropriate safeguards for transferring personal data outside the EU/EEA and the European Commission-approved standard contractual clauses or binding corporate rules will apply with respect to personal that is transferred outside the EU/EEA, either directly or via onward transfer, to any country not recognized by the European Commission as providing an adequate level of protection for personal data. We also utilize HubSpot to store and process your personal data to extent of purposes defined above. This data may also be processed outside the EU/EEA. The HubSpot Privacy Policy is available at https://legal.hubspot.com/privacy-policy and we have taken appropriate safeguards and contractual obligation required by applicable data protection laws while using HubSpot. Namely, HubSpot Inc. is certified to the EU-U.S. Privacy Shield Frameworks as administered by the U.S. Department of Commerce, in order to implement appropriate safeguards for transferring personal data outside the EU/EEA and the European Commission-approved standard contractual clauses will apply with respect to personal that is transferred outside the EU/EEA, either directly or via onward transfer, to any country not recognized by the European Commission as providing an adequate level of protection for personal data.We may share your personal data with other companies of Beretta Holding Group, and with our importers in different countries as well as with our suppliers when they perform services, local marketing and other such actions on our behalf under contractual obligations to us and only to the extent of the purposes defined above. Otherwise we do not distribute or share your personal data to third parties for marketing purposes.

6. How do we protect your personal data?

We implement appropriate technical and organizational measures against unauthorized or unlawful processing of personal data and against accidental loss or destruction of, or damage to personal data by, for example, maintaining security policies and procedures to ensure our systems are secure and protected. Processing of your personal data is limited to personnel who needs to access data for the purposes above while we provide our services. We provide training to our personnel regarding privacy, data protection and security.

7. Your rights as a data subject

You have certain rights relating to your personal data, subject to local data protection laws. Depending on the applicable laws and these rights may include:

  • To access your personal data held by us (right to access);

  • To rectify inaccurate personal data and, taking into account the purpose of processing the personal data, ensure it is complete (right to rectification);

  • To erase/delete your personal data, to the extent permitted by applicable data protection laws (right to erasure; right to be forgotten);

  • To restrict our processing of your personal data, to the extent permitted by law (right to restriction of processing);

  • To object to any processing of your personal data carried out on the basis of our legitimate interests (right to object). Where we process your personal data for direct marketing purposes or share it with third parties for their own direct marketing purposes, you can exercise your right to object at any time to such processing without having to provide any specific reason for such objection;

  • Not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects;

  • To the extent we base the collection, processing and sharing of your personal data on your consent, to withdraw your consent at any time, without affecting the lawfulness of the processing based on such consent before its withdrawal.

  • Kindly notice that we need to be able to check your identification for enabling you to exercise your rights.

  • In case of complaints that should be filed to supervising authority, please visit at

     

    https://tietosuoja.fi/havaitsitko-epakohdan-henkilotietojen-kasittelyssa (in Finnish)

     

    or

     

    https://tietosuoja.fi/en/have-you-noticed-a-processing-violation (in English).

8. Cookies and instructions for using cookies

We use cookies for monitoring traffic in our network and for identifying network visitors and for developing our service in order to improve client experience as well as to target advertising, marketing and remarketing. Cookies are small code files which are stored by browsers and are often used for distinguishing website visitors from each other.Each visitor has the option to choose whether or not a cookie is installed in the browser in connection with a visit. When you visit our website for the first time, we ask you about using a cookie, and a cookie will not be installed on your computer without your consent. A cookie will only be installed if you accept the cookie by selecting the "Accept" button. If you object to the installation of cookies, you should select the "Decline" button, and in this case the cookie will not be installed. If you have previously accepted the cookies, we will not display the cookie notification again. You may also choose to visit our website in incognito mode. In this case we will not record your visit. If you want to remove all cookies from your computer, we recommend that you access the instructions for using your web browser and delete all the installed cookies yourself. We also use Facebook Pixel cookies for applying functions of advertising and marketing relating to target groups, conversions, targeting and optimization, as well as for using Facebook Analytics data. You can always check and edit your own settings relating to the targeting of Facebook advertisements. Further information is available at https://www.facebook.com/help/568137493302217?helpref=faq_content.

9. How to contact us?

Data controller: Sako Limited Address: P.O. BOX 149, FI-11101 RIIHIMÄKI, FINLAND Email: info@sako.fi Phone: (+358) 10 830 5200