Data protection statement

This data protection statement applies to Sargo Oy Ab and the realisation of electronic services.

In this data protection statement, we go through why we process your personal data and what your rights are in the processing of your personal data when you visit our websites, contact us and use our products.

We respect your privacy and undertake to protect your personal data in accordance with the EU General Data Protection Regulation (GDPR) and the Data Protection Act.

This privacy statement was most recently updated on 13 November 2025.

1. Personal data controller

Sargo Oy Ab (hereinafter “we”, “us” or “Sargo”)
Corporate ID number: 0522715-9
Isokarintie 4
67900 KOKKOLA
Finland

Phone number:
+358 682 40 700

Website:

https://sargoboats.fi/

The contact person for the personal data controller is Johannes Sarin (info@sargoboats.fi).

2. Name of the register

Sargo’s customer and user register (hereinafter “Register”).

3. Purpose and scope of personal data processing

We collect, store and process personal data in our Register only for the purposes that we have defined in advance and we always ensure that we have a legal basis for storing and processing personal data.

3.1. Why do we collect personal data?

The personal data in our Register is primarily used to offer products, customer communication, business planning and development, management, the maintenance and development of customer relationships and the improvement of user experiences. Regarding the improvement of user experiences, this primarily refers to the maintenance and development of the webpages in order to ensure that the webpages are functional (more information about cookies can be found further down).

Processing of personal data is carried out based on your consent, to fulfill your order and our contract, to comply with statutory obligations (such as accounting and taxation), and based on our legitimate interests.

When it comes to marketing our products or other information about our company, the processing of personal data is based on our legitimate interest to promote our business, gain new customers and nurture customer relationships.

 

3.2. Personal data and social media

In connection with contact requests via, for example, various social media channels such as Facebook and Instagram as well as via email, text messages and the communication tool Whatsapp, we undertake not to process any sensitive data through these various social media channels.

When you, as a user of different channels on social media, have accepted the terms of use for the respective channel and use the channel in question, you are the data controller. We are not responsible for your personal data as a registered user of one or more channels on social media and thus do not commit to protecting such information.

4. What data do we collect and how?

A large part of the data in our Register consists of data provided by the registered subjects themselves, for example through orders or emails in connection with the customer relationship.

Please note that the personal data processed, and the extent to which it is processed, depend on your relationship with us, for example whether you are a customer or merely visiting our websites.

On our website, we collect personal data when certain features are used. We process the following categories of personal data in our Register for the purposes referred to in paragraph 3 above:

Forms

In order to send information via form on the website, you must consent to the processing of the information you provide (e.g., name, email address, messages, and other information you enter in the form) in accordance with what is stated in this document. Consent is given by ticking the box that links to this Privacy Policy/Data Protection Statement.

When you visit our website, an encrypted connection (HTTPS) is established between the website and your browser. This means that any information submitted, for example via a form, cannot be accessed by unauthorised parties while it is being transmitted from your browser to the website.

Cookies

Our website and the third-party services we use store cookies in your browser, provided that you have chosen to accept them. You can still access the information on the website even if you decline the storage of cookies, but some features may not function as intended. More information about the cookies collected can be found under the “Cookie Declaration” tab in CookieHub. Most browsers accept cookies automatically. Please refer to your browser’s help menu for information on how to disable cookies.

Google Analytics

Here you can read about the cookies that Google stores in your browser. Google Analyticsis only activated if the user has given us permission to store cookies in the browser.

Meta Pixel

Here you can read about the cookies that Meta stores in your browser. Meta Pixel is only activated if the user has given us permission to store cookies in the browser.

Visitor statistics

Provided that the visitor has given us permission to do so, we collect anonymous data to help us understand how the website is used. This also enables us to improve our services. This data is collected using Google Analytics and Meta Pixel. You can read more about this further down.

5. How do we share and use collected data?

We collect, store and process personal data in our Register only for the purposes that we have defined in advance and we always ensure that we have a legal basis for storing and processing personal data.

Forms

The data provided via any form is not shared with any third party. A very small number of people have been trusted to read and process the data that visitors submit through the website.

When a user sends data, the submitted data is transported over an encrypted connection between the browser and the website (HTTPS). The website then encrypts the data and stores it. The stored data from the website can only be read by those entrusted with a login and an additional password for decryption. You can read more about the cookies we use under the ”Cookie Declaration” tab in CookieHub.

Google Analytics

We use Google Analytics to collect statistics on our visitors. Google Analytics creates a profile of the visitor by collecting anonymous data, such as the browser used and the type of device used.

When you visit the website, information is transferred to Google, which processes the information as an independent data controller. Data about website visitors is transferred to Google, which processes the data as a data controller for its own purposes. Google may also combine the data with its other information about the visitor. For indirect identification, Google uses the visitor’s unique identifier (IP address) to identify users, but it is also possible to link this IP address directly to a natural person, for example when logging into a Google account.

Please note that when you are logged into a Google account, Google collects even more unique identifiers about you, such as identifiers that identify your device, information about the browser or application you use, advertising identifiers for Android or IOS mobile users, language choice, your network of friends and your most popular YouTube videos.

Google uses data collected about website visitors for at least the following purposes:

  • Positioning (country, city, business or community-owned network)
  • Visitor behaviour on the website
  • Visitors’ interests on the website
  • Retargeting and advertising

To carry out retargeting, Google supplements your IP address with information based on how it is used. On this basis, Google classifies the user according to, among other things, location, address and age. You can find Google’s privacy policy and terms of use at https://policies.google.com/privacy.

Blocking cookies: The customer has the option to block the use of cookies by changing their browser settings. Blocking the use of cookies may affect the functioning of our services.

Clearing cookies: The registered user can clear cookies from the browser settings. By clearing cookies periodically, the user changes the set of data used to form a profile of the user. However, clearing cookies does not stop the data collection completely, but rather resets the profile based on previous behavioural data.

Meta Pixel

We use Meta Pixel to collect statistics on our visitors and to target our marketing.

No personally identifiable information is collected by Meta Pixel.

Read Meta’s Privacy Policy and Terms of Service to learn how they use the data we share with them.

Google reCAPTCHA

We use Google reCAPTCHA to assess if our visitors are people. This is to avoid robots sending spam via our forms. This means that Google’s Privacy Policy and Terms of Service apply.

Other

Any transfer of your personal data to third parties is based on written agreements that ensure your personal data is protected.

If personal data is transferred to parties outside the EU/EEA, this only occurs with companies in countries that the European Commission has decided provide an adequate level of protection under Article 45 of the GDPR, or with companies that have committed to the EU–US Data Privacy Framework.

Personal data is mainly stored and processed within the EU/EEA, but certain services from US-based companies (e.g. Google and Meta) may involve the transfer of data outside the EU/EEA. These companies have committed to the EU–US Data Privacy Framework, ensuring that your data is adequately protected.
You can read more about adequacy decisions and see which countries are covered here: European Commission – Adequacy Decisions (Article 45 GDPR).

We disclose personal data to authorities in accordance with the legal obligations imposed on us.

6. How long do we store collected data?

Your personal data is only stored as long as necessary to fulfil the purpose for which it was collected, or as long as we are legally required to store it.

The storage period is determined according to the following principles:

  • Information collected via the website’s forms is stored on the site for at least one (1) year. Data is kept as long as required to process the matter or maintain the customer relationship, usually up to 24 months after the last contact, unless a business relationship arises that requires longer retention.
  • Technical data and cookies are retained according to the settings of the respective service. Session cookies are deleted automatically when you close your browser, while analytics and tracking cookies (e.g., Google Analytics, Meta Pixel, and LinkedIn Insight Tag) are stored for between 6 and 26 months, depending on the settings of the respective service, unless you delete them earlier via your browser settings.

When the data is no longer required for these purposes, it is securely deleted or anonymised.
However, we may be obliged to retain some of our customers’ personal data in order to comply with the Accounting Act or other mandatory legislation even after the customer or user relationship or any other basis for processing personal data has ended.

7. The users have full control over their data

The users have full control over their data.

This means that:

  • You have the right at any time to request an account of the information we hold about you.
  • You have the right to request correction of personal data, the right to restrict or object to the processing of your personal data, and the right to data portability.
  • You can withdraw your consent at any time for the processing of personal data based on your consent (withdrawal does not affect the lawfulness of processing carried out prior to the withdrawal).
  • You have the right to lodge a complaint regarding the processing of your personal data with supervisory authorities (contact details for the Information Commissioner’s Office can be found in section 9 of this Data Protection Statement/Privacy Policy).

As a general rule, there is no cost attached to exercising the rights you have as a data subject. However, we reserve the right to charge a reasonable fee if the request is repetitive in nature or manifestly unfounded or unreasonable.

If you wish to exercise your rights as a data subject, please contact Johannes Sarin (info@sargoboats.fi).

8. How do we protect collected data?

By taking organisational and technical measures, we ensure that all your data is safe, protected from unauthorised processing and not destroyed, deleted, altered or unlawfully transferred. The software that powers the site is continually updated to address security vulnerabilities that are revealed over time. The traffic between the visitor’s browser and our server is encrypted.

Individuals who process personal data are bound by confidentiality and secrecy. The data is stored in databases, which are protected by usernames and passwords and technically protected by firewalls.

9. Contact

Enquiries relating to this data protection statement/privacy policy may be sent to the person named at the beginning of this document.

Contact details of the supervisory authority:

Tietosuojavaltuutetun toimisto (Information Commissioner’s Office)

Visiting address: Lintulahdenkuja 4, 00530 Helsinki
Postal address: P.O. Box 800, 00531 Helsinki, Finland
Switchboard: 029 566 6700
Registry Office: 029 566 6768
Email: tietosuoja@om.fi