top of page

Lorenz Oy privacy policy (updated 20.09. 2023)


Lorenz Oy

Vanha Turuntie 62

10420 Pohja

Social security number: 2950102-8

Contact person in matters concerning the register:

Jadwiga Aniol

+358 (0)465984150

Register name:

Lorenz Oy customer register

Purpose of the register:

Personal data is processed for purposes related to managing and managing customer relationships, providing and delivering services, and developing services. Personal data is also processed for the purposes required to settle possible complaints and other claims.

In addition, personal data is processed in communications aimed at customers, such as for information and news purposes, as well as in marketing, as part of which personal data is also processed for purposes related to direct marketing and electronic direct marketing.

We only use data for direct marketing if the customer gives permission.
The controller processes the data himself and uses subcontractors acting on behalf and on behalf of the controller in the processing of personal data.

Legal grounds for processing:

The legal bases for the processing of personal data are the following bases according to the EU General Data Protection Regulation 2016/679 (hereinafter also "GDPR"):

  • the data subject has given his consent to the processing of his personal data for one or more specific purposes (GDPR 6 art. 1.a)

  • the processing is necessary for the implementation of an agreement to which the data subject is a party, or for the implementation of pre-contractual measures at the request of the data subject (GDPR 6 art. 1.b)

  • processing is necessary to fulfill the legitimate interests of the controller or a third party (GDPR 6 art. 1.f)

The aforementioned legitimate interest of the data controller is based on a meaningful and appropriate relationship between the data subject and the data controller, which is a consequence of the fact that the data subject is a customer of the data controller, and when the processing takes place for purposes that the data subject could reasonably have expected at the time of the collection of personal data and in connection with the relevant relationship.

Contents of the register:

We store the following information in our customer register:

  • customer name

  • address

  • telephone number

  • email address

  • product information of the orders

  • other additional information provided by the customer

  • online store browsing and usage data

  • delivery and payment method

  • shipment tracking information

  • IP address

  • web browser

  • terminal device

  • Product reviews


Appropriate information is collected from customers for processing and sending orders and to improve the quality of the service. We also ask permission to send electronic direct marketing. For registered customers, the register also contains a username and password.

The information to be stored in the customer register is received from customers when ordering. 

Registry protection:

The register is used only by two persons whose job description includes its use. Both register users have a personal username and password. Users are bound by a duty of confidentiality.

The customer has the right to check, change or delete information about himself from the customer register. If the customer wants changes to his information, he should contact our customer service:

The Lorenz Oy online store declines responsibility if the customer's information comes to the knowledge of outsiders due to data breaches independent of Lorenz Oy online store. For example, if a data breach occurs on the server, which Lorenz Oy staff could not have prevented. The customer is responsible for his own registered user ID and is obliged to change the password if he suspects that it has come to the knowledge of outsiders.

Disclosure of information:

The Lorenz Oy discloses information to third parties whose services are used for processing and sending orders. Payment transactions are forwarded to payment intermediaries, address and contact information are forwarded to transport service providers. E-commerce transactions at the product level are transmitted to the marketing and content platform, which is used in email marketing if necessary. These third parties may under no circumstances use the information provided for their own purposes, and they will only be provided with information relevant to the implementation of the service. All data transfer with third parties takes place through an encrypted connection. If necessary, personal data can be disclosed to the authorities according to the law.

Data retention period

We store customer data throughout the customer relationship. This means that the data remains in our customer register until the customer indicates that the data must be deleted. Data deletion requires that all the customer's orders have been completed according to the law.


We use cookies on our website to improve the quality of the service, monitor user traffic and make our service more secure. A cookie is a small text file of the website that is sent to the user's own computer and stored there. Cookies do not damage users' computers or files. It is possible to disable cookies. Deletion takes place in the settings of your browser.

The website uses cookies to ensure that the service is safe, efficient and user-friendly. Cookies are used to generate statistical information and to control functions that facilitate the customer.

We collect information about cookies anonymously. Information collected with cookies is not connected to the customer register or orders.

bottom of page