Terms and Conditions
Privacy Policy
This Privacy Policy informs solely about the customer register of Jarcce Oy’s Johku online store and the principles of data processing.
We may occasionally update our privacy practices and this policy. We recommend reviewing our privacy policies regularly.
1. Data Controller
Jarcce Oy
Kotilehto 3
+358408210426
info@jarcce.fi
Business ID: 3106983-6
2. Contact Person Responsible for Register Matters
Jari Romppainen
Kotilehto 3
+358408210426
info@jarcce.fi
3. Register Name
Customer register of Jarcce Oy’s online store
4. Legal Basis and Purpose of Processing Personal Data
The legal basis under the EU General Data Protection Regulation (GDPR) for processing personal data is the contract formed when a customer orders products and/or services from Jarcce Oy’s online store.
The register enables online commerce, including the transmission of order, billing, payment confirmation, and processing information between Jarcce Oy and the customer. The register is also used for customer service, maintaining the customer relationship, and electronic marketing communication when the customer has given their consent.
Jarcce Oy does not store orders or related information for products from other merchants.
Data is not used for automated decision-making. Profiling may be used.
5. Data Content of the Register
First and last name
Address
City
Country
Phone number
Email address
Personal identity number (private billing customers)
Order source page
For companies:
Company name
Business ID
E-invoice address
Intermediary ID
Reference
Identifier
Customers may also provide other relevant free-form information in the process-specific additional information field.
Data Retention Period
Data is retained as long as there is a valid agreement and/or consent between the user and Jarcce Oy.
Data may be retained longer if required by law, such as accounting or consumer sales obligations.
6. Regular Data Sources
Data is collected using electronic forms in the Johku service. Customers input the data personally when ordering from Jarcce Oy’s Johku online store.
7. Regular Data Disclosures and Transfers Outside the EU/EEA
Data is not disclosed to third parties and remains with the data controller. Data may be technically processed outside the EU/EEA.
8. Principles of Data Protection
Care is taken when handling the register, and information processed via systems is appropriately secured. When register data is stored on internet servers, physical and digital data security is ensured. Access to stored data is restricted to authorized employees only.
Electronically Stored Data
The register is hosted on the Johku platform and technically maintained by Aptual Commerce Oy. Only the data controller and technical support staff at Aptual Commerce Oy have access to complete register data.
More about Johku’s privacy principles: johku.fi/fi/tietosuoja
Manual Material
We primarily avoid printing register data. If manual material is created, it is stored in a locked space with access only by the data controller.
9. Right to Access and Rectify Data
Everyone has the right to review their data and correct any incorrect or incomplete information. Jarcce Oy uses the Johku system to automate this right:
Johku communicates with users via the “Oma Johku” service, linked in confirmation messages. In Oma Johku, users can view and correct their data, download it in structured format, or delete their Oma Johku profile. The service is available at johku.com/customer.
If a user terminates their Oma Johku profile, automated tools become unavailable. Further requests (access, correction, deletion, restriction, portability) must then be made in writing directly to Jarcce Oy. Proof of identity may be required. Jarcce Oy will respond within one month as required by the GDPR.
The Oma Johku service is free to use.
10. Other Rights Related to Personal Data Processing
The data subject has the right to request the erasure of their data (“right to be forgotten”) and other rights under the GDPR, such as restriction of processing.
Please note that data in Jarcce Oy’s customer register is created when a customer purchases products and/or services. Therefore, legal obligations like accounting and taxation may require retention of such data.
Requests must be submitted in writing to the data controller. Proof of identity may be required. The data controller will respond within the timeframe set by the GDPR (typically within one month).
11. Cookies
This website uses cookies. A small file is sent to your browser and saved on your device. Both session cookies (deleted when the browser is closed) and persistent cookies (stored on the device) are used.
Cookies improve the user experience. For registered users, they manage login and access to restricted pages. Cookies may also track user interests and affect service usability.
Browsers usually accept cookies by default. You can disable cookies in your browser settings, though this may affect functionality.
Advertising cookies may help optimize the user’s ad experience. Some third-party providers, such as Google, may use cookies or web beacons (1-pixel images) to enhance advertising.
Information collected via cookies and web beacons does not contain personal data and cannot be linked to an individual.
Prepared: August 6, 2025