Terms and Conditions

Privacy Policy

This Privacy Policy informs solely about the customer register of Jarcce Oy’s Johku online store and the principles of data processing.

We may occasionally update our privacy practices and this policy. We recommend reviewing our privacy policies regularly.

1. Data Controller

Jarcce Oy
Kotilehto 3
+358408210426
info@jarcce.fi
Business ID: 3106983-6

2. Contact Person Responsible for Register Matters

Jari Romppainen
Kotilehto 3
+358408210426
info@jarcce.fi

3. Register Name

Customer register of Jarcce Oy’s online store

4. Legal Basis and Purpose of Processing Personal Data

The legal basis under the EU General Data Protection Regulation (GDPR) for processing personal data is the contract formed when a customer orders products and/or services from Jarcce Oy’s online store.

The register enables online commerce, including the transmission of order, billing, payment confirmation, and processing information between Jarcce Oy and the customer. The register is also used for customer service, maintaining the customer relationship, and electronic marketing communication when the customer has given their consent.

Jarcce Oy does not store orders or related information for products from other merchants.

Data is not used for automated decision-making. Profiling may be used.

5. Data Content of the Register

  • First and last name

  • Address

  • City

  • Country

  • Phone number

  • Email address

  • Personal identity number (private billing customers)

  • Order source page

For companies:

  • Company name

  • Business ID

  • E-invoice address

  • Intermediary ID

  • Reference

  • Identifier

Customers may also provide other relevant free-form information in the process-specific additional information field.

Data Retention Period

Data is retained as long as there is a valid agreement and/or consent between the user and Jarcce Oy.

Data may be retained longer if required by law, such as accounting or consumer sales obligations.

6. Regular Data Sources

Data is collected using electronic forms in the Johku service. Customers input the data personally when ordering from Jarcce Oy’s Johku online store.

7. Regular Data Disclosures and Transfers Outside the EU/EEA

Data is not disclosed to third parties and remains with the data controller. Data may be technically processed outside the EU/EEA.

8. Principles of Data Protection

Care is taken when handling the register, and information processed via systems is appropriately secured. When register data is stored on internet servers, physical and digital data security is ensured. Access to stored data is restricted to authorized employees only.

Electronically Stored Data

The register is hosted on the Johku platform and technically maintained by Aptual Commerce Oy. Only the data controller and technical support staff at Aptual Commerce Oy have access to complete register data.

More about Johku’s privacy principles: johku.fi/fi/tietosuoja

Manual Material

We primarily avoid printing register data. If manual material is created, it is stored in a locked space with access only by the data controller.

9. Right to Access and Rectify Data

Everyone has the right to review their data and correct any incorrect or incomplete information. Jarcce Oy uses the Johku system to automate this right:

Johku communicates with users via the “Oma Johku” service, linked in confirmation messages. In Oma Johku, users can view and correct their data, download it in structured format, or delete their Oma Johku profile. The service is available at johku.com/customer.

If a user terminates their Oma Johku profile, automated tools become unavailable. Further requests (access, correction, deletion, restriction, portability) must then be made in writing directly to Jarcce Oy. Proof of identity may be required. Jarcce Oy will respond within one month as required by the GDPR.

The Oma Johku service is free to use.

10. Other Rights Related to Personal Data Processing

The data subject has the right to request the erasure of their data (“right to be forgotten”) and other rights under the GDPR, such as restriction of processing.

Please note that data in Jarcce Oy’s customer register is created when a customer purchases products and/or services. Therefore, legal obligations like accounting and taxation may require retention of such data.

Requests must be submitted in writing to the data controller. Proof of identity may be required. The data controller will respond within the timeframe set by the GDPR (typically within one month).

11. Cookies

This website uses cookies. A small file is sent to your browser and saved on your device. Both session cookies (deleted when the browser is closed) and persistent cookies (stored on the device) are used.

Cookies improve the user experience. For registered users, they manage login and access to restricted pages. Cookies may also track user interests and affect service usability.

Browsers usually accept cookies by default. You can disable cookies in your browser settings, though this may affect functionality.

Advertising cookies may help optimize the user’s ad experience. Some third-party providers, such as Google, may use cookies or web beacons (1-pixel images) to enhance advertising.

Information collected via cookies and web beacons does not contain personal data and cannot be linked to an individual.

Prepared: August 6, 2025