top of page

Privacy statement, provider/cooperation register

​​1. Data controller

Walki Flexipack

Kappelinmäentie 240, 65370 Vaasa


2. Contract person for the controller in matters concerning personal data registers

Stefan Söderlund

Kappelinmäentie 240, 65370 Vaasa

+358 500 866 085,

3. Name of the register 

The supplier and other stake holders register

4. Purpose and basis of processing personal data

The register contains contact and other information about providers of goods and services, principles and other partners. The main purpose of the register is the management and maintenance of provider and principal relationships. The personal data in the register are used for contact, cooperation and coordination of cooperation, communication, paying invoices and complying with other obligations, evaluation of providers and feedback. The basis for processing personal data is, depending on the case, either the controller's legitimate interest or a contract.

5. Data content of the register

It is possible to store the following data in the personal register:

  • name 

  • e-mail address

  • mobile and/or other telephone number

  • position/title

  • e-mail message thread

6. Storage period of personal data

The personal data of active contact persons of active providers are stored throughout the cooperation. Outdated and unnecessary data are removed in an appropriate manner. Personal data are only stored for as long as it is necessary to implement the personal data processing purposes defined in this privacy statement. Due to the obligations of the law or the controller, data may be stored longer than mentioned above. The register is regularly checked for outdated  data

7. Regular sources of data

The data are collected when  entering into or evaluating cooperation  from the company or the data subject of the company itself, from cooperation networks and regarding organisation data , possibly from the Business information System maintained by the Finnish Patent and Registration Office or from public sources such as WWW-pages.

8. Regular disclosure of data

Data can be disclosed to the controller's group companies. Data will not be disclosed to third parties for marketing purposes or for other purposes, except if required by authorities. The disclosures are, however, always implemented in accordance with and within the limits of the data protection law.

9. Transfer of data outside EU or the EEA

Personal data may be transferred outside European Union or European Economic Area in accordance with and subject to the applicable data protection legislation. The data controller ensures adequate level of data protection  as required by applicable data protection legislation also in situations in which the  personal data is transferred outside European Union or European Economic area by complying with adequacy decisions  issued by the European Commission and by using, when required, standard contractual clauses approved by the  European Commission together with necessary additional safeguards for such transfers. 

10. Principles of register protection

We respect the confidentiality of personal data, Caution is exercised in processing the register and electronically stored data are properly protected. The data security of the equipment is adequately taken care of. The processing of personal data is only enabled for the employees whose job description includes it.

10.1 Manual material

Is stored in a place to which only appropriate people have access.

10.2 Electronically stored data

The register operate in protected environments of the controller or the service providers. An agreement on the processing of personal data in accordance with the General Data Protection Regulation has been concluded 

11. Profiling

12. The data subject's right to object to processing of personal data and direct marketing

13. Other rights of the data subject regarding processing of personal data


13.1 Right to lodge a complaint with a supervisory authority



bottom of page