Data protection policy

We respect Your privacy.

We at Destia Group Plc (“Destia”) are processing your personal data as a part of our daily operations. We are committed to process the personal data reliably, securely and transparently. For the personal data processed within Destia’s operations, Destia Oy or one of its group companies acts as a controller as acknowledged in Data Protection Regulation.

Processing of Personal Data in Destia

Principally, we collect the data from the individual itself, but if needed, we can also collect data from publicly available sources, e.g. from the Internet. The personal data we process is, for example, your contact information, the information you have filled in for the possible feedback, inquiries and reclamations, as well as the information you have given to any enquiries/surveys and campaigns. The personal data we process also includes the information you have published yourself in our social media. In addition to this, when you visit -internet site, with your consent, we collect pseudonymized analytic information regarding your visit. This information is used, for example, for target marketing purposes and other similar marketing purposes.

The processing of personal data is based on either your explicit consent or our legitimate interest. While participating in any of our activities or being a member of our stakeholders, for example, when you are working for our customer, there is a meaningful and appropriate relationship between us. Based on this relationship, we have a legitimate interest to process your personal data for our usual communication and marketing purposes. If you are considered as a new contact to us, we have approached you based on the fact that your information has been publicly or otherwise easily available and based on your position we can assume that this type of communication is usual to you.

We use your personal data to reply to your feedback or inquiries, for any communication or direct marketing purposes as well as to collect statistics and in order to develop and improve our communication in all our channels. If your personal data is processed for a specific purpose, such as a campaign or draw, we will notify you of any special circumstances that may be associated with such processing while we are collecting your information.


We use cookies to personalize content and ads, to provide social media features and to analyze our traffic. We also share information about your use of our site with our social media, advertising and analytics partners who may combine it with other information that you have provided to them or that they have collected from your use of their services. You can read more information about cookies as well as at any time change or withdraw your consent regarding the usage of cookies on our Cookies-site.

Data retention and Transfer of Personal Data

We will process your personal data as long as there is an appropriate relationship between us and you. For example, any information you have provided for a campaign or draw will be deleted when it is no longer needed for that purpose (unless we have specifically stated that we will process your information for other purposes). When your personal data is no longer needed for any purpose, it will be deleted or anonymised securely.

We do not regularly disclose or transfer your personal data to anyone. It is possible to disclose and transfer information to the authorities on a case-by-case basis, for example, in connection with a criminal investigation or legal proceedings.

Location of Personal Data

Generally, the personal data will not be transferred outside EU or EAA. In addition to the EU, some personal data may be technically processed in a cloud service outside the EU. The cloud used to store personal data may also have a possible access from outside the EU, if needed. Destia transfers personal data only to countries where the EU Commission has agreed to have an adequate level of data protection or where standard data protection clauses have been concluded with the recipient or other appropriate measures have been taken to ensure the level of data protection. Further details and a copy of the applicable safeguard measures can be obtained by submitting a request to the address below.

Rights of the Data Subject

Under data protection regulation, the data subject has the right to be informed whether the data subject’s data is processed or not. In addition, the data subject has a right to request access to personal data concerning the data subject, to request rectification or, in so far as the data cannot be rectified, to obtain supplemented data. Furthermore, the data subject has the right to request the deletion of his data or the restriction of processing if the conditions of the GDPR are met. The data subject also has the right to object to the processing of personal data where the processing is based on a public or legitimate interest, for example in direct marketing situations. After this, this information can no longer be used for example for direct marketing purposes.

To the extent that the data has been collected with your consent and the processing is performed automatically, you also have the right to request the transfer of your data from one system to another. In addition, to the extent that your data is processed based on your consent, you also have the right to withdraw your consent at any time, in which case the processing of your data will cease in that respect. Please note, however, that the withdrawal of consent does not affect the lawfulness of the processing carried out before the withdrawal.

Any questions?

If you have any questions regarding the processing of personal data as a part of Destia’s operations or you want to use your rights as a data subject, please contact us tietosuoja(at)