1. General information
The purpose of this Privacy Notice is to describe how Axopar process your personal data; what personal data we collect, how the data is used and to whom the data is disclosed. In addition, we tell you how you can control the processing of your personal data.

Axopar’s business is focused on providing well-made, competitively priced and recognisable boats. This Privacy Notice applies to our customers (mainly the dealers and their customers) and potential customers including newsletter subscribers and web site users (later “you”). Personal data refers to information, which allows a person to be directly or indirectly identified as an individual person. Personal data includes the Internet Protocol (IP) address of the user.

Our website contains links to websites and services run by other organizations which we do not control. Please, note that this Privacy Notice does not apply to those other websites‚ so we encourage you to read their privacy notices. We are not responsible for the privacy notices and practices of other websites and services (even if you access them using links that we provide).

2. Controller and contact information
Company: Axopar Boats Oy
Business ID: 2611096-1
Address: Itämerentori 2, 00180 Helsinki

Point of contact
Name:  Anne Hakala
Phone number: +358 40 560 7901

3.Processing of your personal data
We collect and process only personal data which is relevant and necessary for the purposes outlined this Privacy Notice.

You provide us personal data when entering into a business relation with us, ordering/purchasing our products or services, participating in our promotional events, games or opinion/marketing research, visiting us, contacting us or communicating with us, or using our products and services (e.g. IT tools and web pages)

We also receive personal data from 3rd parties supporting the delivery of our products and the improvement of our services (e.g. web site analytics and personalised web content), and finding potential customers interested in our products.


Purpose of the processing

Personal data

Retention times


Sales and after sales:
orders/purchases, delivery, invoicing, (debt collection)
warranties, reclamation

Warranty and reclamation content (possible personal contact information)

Dealer identity and contact information (name, email, company address, phone number)

Information about the boat including the buyers wishes and preferences.

Buyer identity and delivery information (Name, Adress, Email, Phone number)


10 years after the financial year/accounting period (legal obligation)


 Vendor and Partner management

Identity and contact information (name, email, company address, phone number)

As long as the contract relationship is valid. Accounting data is stored 10 years after the financial year/accounting period (legal obligation)


Customer services

Identity and contact information, feedback/inquiry content and related communications

X months after the case has been resolved or closed

unless the case is related to sales (see sales retention time)



Marketing; Distribution of the email newsletter to the subscribers

Name and email address
Date and time for subscribing
IP address

Until the subscriber cancels the subscription

Cancel the subscription


Marketing; direct marketing by phone and mail, promotional events, competitions, surveys and research

Name, phone number and address, wishes and preferences

Six months as a maximum after the related marketing campaign.


Marketing; Tracking of service usage and web page behaviour for market analysis, research, personalised services and targeted marketing

See Cookie policy



Improvement of the web site functionality

See Cookie policy



Ensuring the security of our IT environments and protection of data

Access management and log data

Documented in the IT procedures


Fraud prevention

“know your customer” data
Rahanpesun ja terrorismin rahoittamisen estämisestä annetun lain (444/2017) määrittämät tuntemistiedot.

As long as required by act of law


The legal basis for processing sales activities is the performance of a contract or its preparation.

The legal basis for processing personal data for customer services, marketing, improvement of our services and the security of our IT environment is primarily our legitimate interest to
• serve our customers properly,
• provide you meaningful information and web services,
• improve the usability of our services / web site for you,
• improve the user experience of our services for you,
• protect our IT environment
• and improve, grow and promote our business

Certain processing is based on your consent, such as newsletter subscription (electronic direct marketing) and additional data you provide voluntarily (e.g. in your feedback or other communications). You can withdraw your consent at any time by unsubscribing the newsletter following the instructions in the newsletter or using the unsubscribe function on our web site. We may also process personal data due to legal obligations e.g. to operate appropriate security measures for the protection of data and to perform fraud prevention.

The Personal data we collect are retained for the period necessary to fulfil the purposes outlined in this Privacy Notice unless a longer retention period is required by law, or we need it to protect our legal rights. Thereafter, the Personal data will be deleted within a reasonable timeframe or rendered anonymous.

4.Recipients of Personal data
We utilise 3rd parties to deliver our business and have delegated some of the business related operations to processors of your personal data. Those recipients are listed the table below.

Category of recipients



IT service providers

DL software, Hubspot, Entia It Oy Ab, Creamarketing, Microsoft (office365)
Dropbox, Genero, Streamsoft, Netvisor



 Marketing service providers (advertising)

Creamarketing, Adstream


Statistics and reports

Google Analytics


Transfer outside EU/EEA
When Personal data are transferred outside EU/EEA, the transfer is secured by legal measures, appropriate safeguards. The following recipients may process data outside EU/EEA:


Transfer safeguard


Google Analytics

EU-US Privacy Shield




EU-US Privacy Shield



EU-US Privacy Shield


Other transfers
In addition, we may share your information in connection with any merger, sale of our assets, or a financing or acquisition of all or a portion of our business and in connection with other similar arrangements.

Personal data are also disclosed to third parties if required under any applicable law or regulation or order by competent authorities, and to investigate possible infringing use of the products and services as well as to guarantee the safety of the products and services.

5. Protection of Personal data
We commit to follow to the security provisions of applicable data protection regulations, as well as to process Personal data in compliance with good processing practices.

Personal data are protected with appropriate technical and organizational measures. We store the information in secured IT-environments that are protected with adequate security technics. Our personnel and processors that process personal data are obliged to keep the personal data strictly confidential. Access to personal data is only granted to those employees that need the information to perform their work tasks. Employees and processors have personal IDs and passwords.

We inform the authorities and users of data breaches according to applicable information security and data protection regulation(s).

6. Your rights and the Supervisory authority
You have the rights set out in the applicable data protection legislation.
- You have the right to have confirmed if we process your personal data.
- You have the right to verify and access your personal data and to request us to provide you the data in writing or electronically
- You have the right to have corrected any incorrect or incomplete personal data. You have also the right to request us to remove data
- You have the right to transmit to another controller the personal data you have provided (based on your consent or contract relationship)
- You have the right to request us to restrict processing of your personal data in accordance with the conditions set out in the data protection legislation
- You have the right to object to processing of your personal data for certain purposes e.g. you have the right to deny any processing or transferring of data for direct marketing
- If the processing of your personal data is based on consent, you have the right to withdraw consent at any time (the withdrawal does not affect the lawfulness of processing based on consent before its withdrawal)

You can use your rights by submitting a request to the contact information in the beginning of this Privacy Notice. After receiving all the required information of your request (incl. confirmation of identity), we will start the processing of your request. We will do our best effort to process your request within a period of one month.

We may reject requests that are unreasonably repetitive, excessive or clearly abusive (manifestly unfounded).

In case you consider our processing activities of your Personal data to be inconsistent with the General Data Protection Regulation (GDPR) (EU) 2016/679, you have the right to lodge a complaint to the local data protection supervisory authority.

Data Protection Ombudsman

Address: Ratapihantie 9, 6th floor, 00520 Helsinki
Tel: +358 29 56 66700

7. Changes to this Privacy Notice
We may change this Privacy Notice from time to time, whenever necessary. All changes hereto will be made available on our website where we publish this Privacy Notice.

This Privacy Notice has been published on 2018-05-24, version 1.0

Change history

Version number

Change description




 Axopar first changes