Privacy Policy


The data controller in accordance with the applicable data protection laws is Finlandia-talo Oy. Finlandia-talo Oy is responsible for ensuring that your personal data is processed in accordance with this policy and applicable data protection laws.

Contact details of the data controller:
Finlandia-talo Oy
Business ID 2036668-3
Mannerheimintie 15 A, 00260 Helsinki
Tel. (09) 40241

Contact person of the data controller:
Minna Sauramaa, Marketing and Communications Director
Tel. (09) 4024 430

Responsible party for data protection:
Office Management Oy
Tel. 010 8411 169


Your personal data may be collected in various ways.

Primarily, we collect and process personal data that you:

Have provided to the data controller when contacting or doing business with us, e.g., when purchasing our services, subscribing to our newsletter, or contacting us to request a quote or responding to our feedback survey.
Are generated when using the service or by filling out a request form on the website.
Are obtained from other sources to the extent permitted by applicable laws, e.g., the Trade Register, Population Information System, Business Information System, or the Postal Address System.

You are not obligated to provide us with your personal data, but if you choose not to do so, we may not be able to provide our services to you.

We collect and process, for example, the following categories of personal data:

Customer relationship-related information, such as name, job title, your relationship to the company you represent, and contact details (email, address, and phone number) as well as the language of communication. Information regarding the service and order, payment details, billing information, marketing permissions, and prohibitions.
Basic information, such as name and email address.
Information collected during the use of our website, e.g., information collected from the website through cookies or similar technologies (device ID and type, operating system, and application settings).
Other information specifically defined on a case-by-case basis based on your consent.


We only collect and process personal data necessary for conducting our business, managing customer relationships, and for legitimate commercial purposes.

We process your personal data for the following purposes:

Service provision and customer relationship management

We primarily process personal data to offer and deliver services to you or the company you represent. In order to do so, we maintain and manage the customer relationship between you or the company you represent and Finlandia-talo. In this case, the processing of personal data is based on the contract between you or the company you represent and the data controller.


We may contact you to inform you about new features of the service or to market and sell other services to you. We may also process your personal data for marketing research and customer surveys. The processing of personal data is based on our legitimate interest to provide information as part of the service and to market our other services to you. You have the right to object to the processing of your personal data for direct marketing at any time. (see section 8 of this policy.)

Service development, security, and internal reporting

We also process personal data to ensure the security of the service and website, to improve the quality of the service and website, and to develop the service. We may also compile internal reports based on personal data for the proper management and development of customer relationships and business.

Compliance with laws

We may process your personal data to fulfill our legal obligations or to respond to information requests from authorities based on legal requirements.

Other purposes with consent

We also process your personal data for other purposes if you have given your consent to such processing.


We may disclose your personal data to third parties

to the extent permitted or required by law, e.g., to fulfill information requests from competent authorities.
when our partners process personal data on our behalf and in accordance with our instructions. We always ensure the proper handling of personal data.


We may transfer personal data outside the EU or the European Economic Area when our partner handling the assignment is located outside these areas. In these cases, we ensure appropriate safeguards for the rights and freedoms of the data subjects in accordance with applicable data protection laws, such as the EU General Data Protection Regulation (679/2016).


We also use cookies and similar technologies on the website Cookies are small text files placed on your device for collecting and remembering useful information, improving the functionality and usability of our website. We may use cookies and similar technologies for statistical purposes, such as compiling statistics on website usage to understand how users use the website and to improve the user experience.

You can prevent the setting of cookies, restrict their use, or delete cookies from your browser. However, since cookies enable the operation of our website, restricting the use of cookies may affect the usability of the website.


Personal data is retained only for as long as necessary for the purposes defined in this policy. Personal data is retained for the duration of the customer relationship. Personal data may be retained to the extent necessary even after the termination of the customer relationship in accordance with applicable law. For example, we may retain personal data to comply with your direct marketing opt-out request. Personal data is deleted when its retention is no longer necessary for the fulfillment of legal obligations or the rights and obligations of either party.


You have the right to access your personal data. You may also at any time request the correction, updating, or deletion of your personal data. Please note, however, that personal data necessary for the purposes defined in this policy or required by law cannot be deleted.

You have the right to object to or restrict the processing of your personal data to the extent required by applicable law. In certain cases, you have the right to transfer the personal data you have provided to us to another controller, i.e., the right to receive your personal data in a structured, commonly used, machine-readable format and to transfer your personal data to another controller, in accordance with applicable law. If we process your personal data based on your consent, you have the right to withdraw your consent at any time. After that, we will not process your personal data unless there is another legal basis for processing. You can exercise your rights by sending a request to the data protection officer mentioned above.

If you believe that the processing of your personal data is not appropriate, you have the right to lodge a complaint with the supervisory authority.


We implement appropriate measures (including physical, digital, and administrative measures) to protect personal data against loss, destruction, misuse, and unauthorized access or disclosure. Access to personal data is only granted to individuals who need it to perform their duties. Users are bound by confidentiality obligations.

Please note that even appropriate measures cannot prevent all possible data security breaches. In the event of a personal data breach, we will inform you in accordance with applicable laws.