Skip to main content

Privacy Policy

Customer and Marketing Database Privacy Statement

Hublet Oy (”Hublet”, “we” or “us”) respects your privacy and is dedicated to protecting the privacy of persons (“you”) using Hublet’s webpages and all services provided by Hublet (“Services”).

This Privacy Policy helps you to understand what Personal Data we collect through our website,, and how we use it. Personal Data refers to information, which allows a person to be directly or indirectly identified as an individual person.

Personal data, data subject, controller and other key terms are defined in the General Data Protection Regulation (2016/679, “GDPR”). Hublet complies with the GDPR in all processing of personal data in conjunction with other applicable national data protection legislation (“data protection legislation”). We are committed to protecting the privacy of data subjects and to complying with the GDPR, applicable data protection laws and other applicable national laws.

Our Services may also contain links to external websites and services operated by other organizations that we do not manage. This privacy policy is not applicable to their use, so we encourage you to review the privacy policies that apply to them. We are not responsible for the privacy policies of other websites or external services (even if you access them using the links on our website). We provide these links only as additional information to better serve you.


1. Who we are – “Controller” Contact Information

Hublet Oy
Business ID: 2631894-9
Address: Itälahdenkatu 22 A, 00210 Helsinki, Finland
Website address:


2. Legal Basis and Purpose of the Processing of Personal Data

We process personal data only for necessary purposes, as set out below. We process personal data in accordance with the applicable data protection legislation. The legal basis for the processing of your personal data is, where not stated otherwise or another legal basis is otherwise applicable, the performance of providing our Services to you. We can also process your personal data where we have a legitimate interest to do so, such as for marketing purposes. Where we rely on legitimate interests as a reason and legal basis for processing personal data, we have considered whether or not those interests are overridden by the rights and freedoms of the data subjects and we have concluded that they are not.

Where the processing is such that your consent is required by the applicable legislation, we will state so and obtain your consent, and this will be the legal basis for the processing. However, you have the right to withdraw that consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal. If such withdrawal means that we are no longer able to provide the Services to you, we may cease to provide the Services. 

Personal data will be processed for the following purposes: 

  • Customer service and communication 
  • Provision, design and development of the Services 
  • Measuring customer satisfaction 
  • Marketing, including market research, other marketing promotion and analysis, and the production of statistics and the measurement of marketing effectiveness 
  • Improving the user experience of our Services and tracking user traffic 
  • Handling inquiries related to Services 
  • Prevention of abuse

3. Personal Data Processed and Sources of Information

Personal data collected and processed by Hublet is mainly collected directly from you. Hublet will only collect such personal data that is relevant for the purposes described in this privacy policy, including information you give to us, and technically gathered information when you use our Services. 

While the provisioning of certain personal data is necessary for the use of our services, certain personal data is provided voluntarily. Personal data may be updated and supplemented by collecting data from private and public sources, such as commercially available directories and websites. 

Personal data and non-personal data are collected directly from you, such as through registration or by logging the activities in the Services. This data may include:

Category of personal data Examples of information content
Customer information: Information gathered at registration* Name, email address, payment information and other customer-identifying information.
Technical behavioural data and identification data Monitoring the data subject’s web behaviour and use of Services, for example by means of cookies or similar technical identification data. Examples of data that can be collected include unique device identifiers, IP addresses, device software version numbers and identifiers, and rough location information via GPS, IP address or mobile networks.
Rights management of the data subject, such as consents and prohibitions Marketing prohibitions and consents. Communication and measures relating to the rights of the data subject (see the rights of the data subject below).
Other (additional) information provided voluntarily Preferences related to the contract or marketing / marketing event. Other additional information provided in contacts or appointments.


*sections thus marked are necessary to provide the Services and fulfil legal obligations. Furthermore, the blocking or the non-provisioning of certain personal data may affect the proper functioning of the Services or Hublet may not be able to provide the Services if said data is not provided. 

If you do not provide Hublet the required information, this may mean that We are not able to provide the Services to you, perform the contract necessary for the provisioning of the Services or to comply with Hublet’s legal obligations. 

In addition to personal data, Hublet will collect non-personal data relating to you. This information includes either anonymous or anonymized data or data linked to personal data that is generated during the use of the Services, such as actions in the Services and access times. 


4. Retention of Personal Data

The personal data we collect is retained for the period necessary to fulfil the purposes outlined in this privacy policy unless a longer retention period is required by law. Thereafter, the personal data will be deleted within a reasonable timeframe or rendered anonymous. The retention periods depend on the purpose of the processing and type of the information. Personal data and retention periods are listed in the table below:

Personal Data Retention period or criteria used to determine the period
Information you give to us As long as necessary to fulfill the purpose personal data has been gathered for or as required by applicable laws.
Technically gathered data As long as necessary to fulfill the purpose personal data has been gathered for or as required by applicable laws.




5. Recipients of Personal Data

Hublet will not disclose personal data to third parties unless there is a justified reason, legitimate interest, or express consent. Personal data may be disclosed to third parties for processing in accordance with this privacy policy in order to ensure the functioning of the service and customer relationships, regulatory obligations, marketing and customer communications. 

The personal data may also be disclosed to third parties if required under any applicable law or regulation or order by competent authorities, and to investigate possible infringing use of the services as well as to ensure the safety of the Services. In addition, personal data may have to be disclosed in connection with legal proceedings or for similar dispute resolution purposes. 

Hublet may use a variety of service providers and other partners to process data, such as IT-services, Customer Relationship Management services, and Analytics services. The third parties may change. These third parties process information only on behalf of and for the benefit of Hublet. 

Some of the services used by Hublet for processing personal data may operate outside the territory of the European Union (EU) or the European Economic Area (EEA). Thus, personal data can be transferred regularly outside the EU and the EEA. In case personal data is transferred outside EU/EEA, such transfers are either made to a country that is deemed to provide a sufficient level of privacy protection by the European Commission or transfers are carried out by using appropriate safeguards such as the standard data protection clauses adopted or otherwise approved by the EU Commission. 

We will provide more information regarding the processing and third parties upon request.


6. Protection of Personal Data

We use appropriate technical, administrative and organizational security measures to protect personal data against unauthorized access, disclosure, destruction or other unauthorized processing. 

All parties processing personal data have a duty of confidentiality in matters related to the processing of personal data. Access to personal data is restricted to those employees who need it to perform their duties. Employees and other processors of personal data have personal usernames and passwords. We also require our service providers to have appropriate methods in place to protect personal data. 

Nevertheless, considering the cyber threats in modern day online environment, we cannot give full guarantee that our security measures will prevent illegally and maliciously operating third parties from obtaining access to personal data or absolute security of the personal data during its transmission or storage on our systems.   


7. Rights of the Data Subjects and Supervisory Authority

Right to access 
You have the right to contact us, and we will inform you what Personal Data we have stored regarding you, and the purposes such data is used for. 

Right to rectification 
You have the right to have us correct any incorrect, incomplete, outdated, or unnecessary personal data stored about you by contacting us at the email address provided herein. 

Right to erasure 
You may also ask us to delete your personal data from our systems. We will comply with such request unless we have a legitimate ground to not delete the data. After the data has been deleted, we may not immediately be able to delete all residual copies from all of our systems. Such copies shall be deleted as soon as reasonably possible. 

Right to Object or Restrict Processing 
You may object to certain use of personal data when such processing is based on legitimate interest, including direct marketing or profiling. You may opt-out of receiving promotional emails by following the instructions in those emails. If you opt-out, we may still send you non-promotional customer information, such as emails about your account, providing our services and products or our ongoing relationship with you. 

You may request that we restrict processing of certain personal data. Your personal data will then only be stored and not processed otherwise; this may however lead to fewer possibilities to use the Services. If such restriction means that we are no longer able to provide the Services to you, we shall be entitled to stop providing the Services. 

Right to data portability 
You have the right to receive personal data provided by you to us in a structured, commonly used format. We provide no guarantee that this information will be compatible, relevant or useful to any other service. 

Withdrawal of consent 
You can deny any direct marketing and withdraw your consent regarding electronic direct marketing. You can always withdraw any other consent including parental consent. 

How to exercise your rights 
These rights may be used by sending an e-mail to the addresses set out in this Privacy Policy. Your identity will be verified before the information is given out, which is why we may have to ask for necessary additional details. We will respond to the request within a reasonable amount of time and, where possible, within one month of the request and the verification of your identity. If your request cannot be met, the refusal shall be communicated to you in writing. Hublet may reject requests that are unreasonably repetitive, excessive, or manifestly unfounded. 

Right to lodge a complaint with the supervisory authority 
In case you consider our processing activities of your Personal Data to be inconsistent with the General Data Protection Regulation (GDPR) (EU) 2016/679, you have the right to complain to the applicable data protection supervisory authorities.     

8. Changes to this Privacy Policy

Hublet may make changes to this privacy policy at any time by giving a notice on the website and/or by other applicable means. The data subjects are highly recommended to review the privacy policy on our website every now and then. If the data subject objects to any of the changes to this privacy policy, the data subject should cease using the services, where applicable, and the data subject can request that we remove the personal data, unless applicable laws require us to retain such personal data. Unless stated otherwise, the then-current privacy policy applies to all personal data we process at the time. 

This privacy policy was published on 13th June 2024.


9. Additional Information

Our cookie policy is defined here: Cookie Policy

Please read our cookie policy to understand what cookies are, how we use them, the types of cookies we use i.e, the information we collect using cookies and how that information is used and how to control the cookie preferences. 

You can at any time change or withdraw your consent from the Cookie Declaration on our website. 

Embedded content from other websites 
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. 

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.


 < Back to Home