Privacy Policy – Dobra Finland Oy Ab
Privacy policy
Data Controller
Dobra Finland Oy Ab (Business ID 2994719-3), hereinafter “the Company”
Jaakonkatu 13, 68600 Pietarsaari
E-mail: info@dobrafinland.fi, tel. +358 44 787 8782
Contact Person for Data Protection Matters
Dobra Finland Oy Ab
Antti Flander, CEO
+358 44 545 1370
antti.flander@dobrafinland.fi
Name of the Register
Customer and marketing register, as well as a register related to website cookies and usage data.
Purpose and Legal Basis for Processing Personal Data
We process personal data for the following purposes:
- Managing the customer relationship and providing services (communication, contract management, invoicing, customer service)
- Sales and marketing (e.g., newsletters, sending offers, targeted marketing)
- Business development and reporting (e.g., service development, statistics)
- Website functionality and information security (e.g., logs, prevention of misuse)
The legal basis depends on the situation:
- Performance of a contract or pre-contractual measures
- Consent (e.g., certain marketing permissions and non-essential cookies)
- Legitimate interest of the controller (e.g., customer relationship management, basic analytics, service security)
- Legal obligation (e.g., bookkeeping-related obligations)
The data is not used for automated decision-making or profiling that would produce significant legal effects for the data subject.
Contents of the Register
The register may include, as necessary, the following data:
- Basic and contact details: name, company/organisation, position/title, address, email, phone number
- Customer and contract details: ordered services/products, agreements, assignments, invoicing and payment details, customer communications
- Marketing details: newsletter subscription and unsubscribe details, consents and opt-outs, campaign details
- Website usage data: IP address (typically temporarily), browser details, page loads and events (via cookies and similar technologies)
Sources of Data
Data is mainly obtained:
- from the data subject (e.g., inquiries, forms, phone calls, email, contract negotiations)
- from the use of the Company’s services and the management of the customer relationship
- from the use of the website (cookies and similar technologies)
- when necessary, from public sources (e.g., companies’ contact details)
Regular Disclosures and Transfers of Data
Data is not regularly disclosed to third parties. Data may be disclosed:
- to authorities, where required by law
Data may be processed on behalf of the Company by service providers (processors), such as:
- IT and hosting services, email and communication services
- CRM and invoicing/accounting/financial administration systems
- analytics and marketing technologies (only to the extent used and in accordance with consents)
If a service provider processes data outside the EU/EEA, transfers are carried out with appropriate safeguards in accordance with applicable law (e.g., EU Standard Contractual Clauses).
Data Retention
We retain personal data only for as long as necessary:
- to manage the customer relationship and fulfil the contract
- to comply with legal obligations (e.g., accounting records)
- for consent-based marketing until consent is withdrawn / an opt-out is made
Security of the Register
Data is processed only by persons who need it to perform their duties. We protect the data, among other measures, by:
- user-specific accounts and access management
- secure systems and backups
- protection of devices and connections
- any paper records (if such exist) are stored in a locked premises
Data Subject Rights
The data subject has the right to:
- access their personal data and obtain a copy
- request rectification or completion of data
- request erasure (“right to be forgotten”) under applicable conditions
- request restriction of processing
- object to processing where the legal basis is legitimate interest
- data portability where processing is based on consent or contract and is carried out by automated means
- withdraw consent at any time (withdrawal does not affect the lawfulness of processing carried out before withdrawal)
- lodge a complaint with the supervisory authority (in Finland, the Office of the Data Protection Ombudsman)
Requests can be sent in writing to: info@dobrafinland.fi
Cookies and Website Usage Data
On the Company’s website (dobrafinland.fi), data is collected using cookies (including anonymous usage data, browser, device and on-site behaviour). Cookies are small text files used to store information. They are stored on your device when the website loads in your browser. These cookies help us make the website more secure, provide a better user experience, and understand what works and what needs improvement.
Like most online services, our website uses first-party and third-party cookies for various purposes. First-party cookies are mostly necessary for the website to function properly and do not collect personally identifiable information. Third-party cookies used on our website are mainly intended to understand how the website performs, how you interact with our website, keep our services secure, provide you with relevant advertisements, and overall provide you with a faster and better user experience.
Users can manage non-essential cookies in the cookie settings (consent can be given or withdrawn). An up-to-date list of cookies in use and their purposes is presented in the cookie settings / cookie policy.
The following cookies are used on the Company’s website:
Necessary cookies
| Cookie | Duration | Purpose |
| __cf_bm | 1 year | Set by Cloudflare to support Cloudflare Bot Management. |
| pll_language | 1 year | Set by Polylang to remember the user’s selected language when returning to the website, and to obtain language information when it is not otherwise available. |
| _lfa | 1 year | Set by Leadfeeder to identify the IP address of devices visiting the website and thereby enable remarketing to multiple users coming from the same IP address. |
| cookieyes-consent | 1 year | Set by CookieYes to remember users’ consent preferences so that they are respected on subsequent visits. It does not collect or store any personal information about site visitors. |
| wordpress_test_cookie | session | Set by WordPress to determine whether cookies are enabled in users’ browsers. |
| PHPSESSID | session | Native to PHP applications. Stores and identifies a user’s unique session ID to manage user sessions on the website. It is a session cookie and is deleted when all browser windows are closed. |
| wordpress | session/varies | WordPress sets necessary cookies for user login, session management, wp-admin settings, and to ensure security (e.g., wordpress_sec_, wordpress_logged_in_, wp-settings-, wp-settings-time-). |
Analytics cookies
| Cookie | Duration | Purpose |
| ga* | 1 year 1 month 4 days | Set by Google Analytics to store and count page views. |
| _ga | 1 year 1 month 4 days | Set by Google Analytics to calculate visitor, session and campaign data and to track site usage for analytics reporting. Stores data anonymously and assigns a randomly generated identifier to recognise unique visitors. |
| _clck | 1 year | Set by Microsoft Clarity to preserve the browser’s Clarity User ID and settings for that website, so actions by the same user can be linked across visits. |
| _clsk-consent | 1 day | Set by Microsoft Clarity to store and combine a user’s page views into a single session so that session recordings function properly. |
Advertising Cookies
| Cookie | Duration | Purpose |
| _fbp | 3 month | Set by Meta (Facebook) to deliver targeted ads on Facebook and other services within Meta’s ad network after a user has visited the website. |
| _gcl_au | 3 month | Set by Google Tag Manager (Google) to measure and test advertising effectiveness (e.g., evaluating conversions and campaign performance) on sites using Google’s services. |
Unclassified cookies
| Cookie | Duration | Purpose |
| wp-postpass_d5bfcda35a3a5fe250bc3fedaef299ec | session | WordPress cookie used to display a password-protected page/post after the user has entered the password. |
| _lfa_test_cookie_stored | Less than a minute | Test cookie to verify whether Leadfeeder-related cookies can be stored and that cookies are blocked before user consent. |
Recruitment-Related Personal Data
If you apply for a job or submit an application via the Company’s recruitment channels, the processing of recruitment-related data is described in a separate recruitment privacy policy (Career Site / jobs.dobrafinland.fi).
Changes to This Notice
We may update this notice if our operations or legislation change. The most up-to-date version is kept available on the Company’s website.
Date of preparation / latest update: 19 December 2025