Privacy policy

PRIVACY POLICY Register and Privacy Statement in accordance with EU General Data Protection Regulation (GDPR). Last updated on July 30, 2018.

PERSONAL REGISTER The registry administrator and the person responsible for the registry Orient Import Oy (Business ID 2108089-8), Janne Toivonen, Porttikatu 9, 15700 Lahti, Finland.

The contact details for the register are the same as above, in addition tel. +358 45 123 0077 and email

Processors of personal data
In the, only the controller processes personal data.

Collection of personal information
The register is used to register e-commerce customers, subscribers, potential customers and newsletter subscribers. Potential customers are customers whose Purchase Process has progressed to the point of the transaction and payment has been interrupted for one reason or another.

Purpose of processing of personal data
The personal data of the Incense Trade Customer Register is used for predefined purposes, which are customer relationship management and marketing purposes.

Purposes of processing personal data:
Customer Relationship
Management Order / complaint processing
Notification of our products and / or services and news coverage
Communication related to a payment transaction
We will retain the personal information collected for as long as is necessary for the purpose of processing.

Information content of the register
The following information on the data subject shall be collected in the register:


Customer information:
information about the products and services you have purchased, and the shipping and payment method you choose.

Regular sources of information
The registrar registers the information about the customers of the, which the user himself or herself discloses when registering as a customer and / or placing an order in the Online Store. The email address of the newsletter subscriber is saved. Wholesale customer information is collected from the websites of potential resellers, search engine results, and any information that may be communicated with each other.

Regular Disclosures
The Incense Store may authorize external partners or service providers to provide IT services, payment solutions or other digital services to the Incense Store. As part of the provision of these services, your Incense Trade Partners, both inside and outside the EU and the EEA, may have access to your personal information.

We have made sure that our service providers comply with privacy laws. We work with the following service providers:
Shopify (webshop)
Planeetta (domain)
Google (Email, Advertising)
Paytrail, PayPal (Payments)
Lemontree Oy (accounting, invoicing)
Posti, Matkahuolto (Delivery)

Registry security principles
The contact details of the incense store's online store customers are stored in a registrar system protected by security software. Accessing the system requires a user name and password. The system is protected by a firewall and other technical measures. Only certain, pre-defined employees of the Registrar are authorized to access the information contained in the Registry. The information contained in the register shall be located in locked and guarded premises.

Duration of treatment
The information is retained until the customer requests it to be deleted or, if possible, deletes the information. Registered users can opt out of our marketing list themselves via the link in each of the marketing emails we send or request removal by emailing our customer support request.

Rights of the data subject
The data subject has the following rights, requests for exercise of which must be made in writing or electronically to the above addresses.

The data subject shall have the right to prohibit the controller from processing data relating to him or her for direct marketing, distance selling and other direct marketing purposes. The ban should be addressed to the person responsible for registry matters.

The data subject has the right to request the deletion of the data if processing is not necessary. We process the request and then either delete the information or provide a valid reason why the information cannot be deleted. Please note that the controller may have a statutory or other right not to delete the information requested.

The data subject has the right to inspect the personal data stored in the register and to obtain copies thereof. The request for inspection must be addressed to the person responsible for registry matters. The data subject may request the correction of incorrect or incomplete information concerning him. The request for rectification must be addressed to the person responsible for registry matters and it must both justify and specify exactly what information the customer requests to be corrected. The request must state what the customer thinks is the correct information and how the repair should be done.

When you visit our site, a session cookie is stored on your device to track your activity and activity on our site. A session-specific cookie will expire when you end your session with us. Cookies do not tell us who you are or what you have ordered. In your browser settings, you can prevent cookies from being stored on your computer. As a result, however, you cannot order from our online store. By browsing our site, you consent to the use of cookies on your device.