Privacy Policy

Last updated: May 23, 2026

1. Introduction

Welcome to the website of Asetus Oy.

We are committed to protecting your personal data and respecting your privacy in accordance with the General Data Protection Regulation (GDPR) and applicable Finnish data protection laws.

This Privacy Policy explains:

  • what personal data we collect,

  • how we use it,

  • how we store and protect it,

  • and your rights regarding your personal data.

2. Data Controller

Asetus Oy

Puistokatu 9 C62, 90120 Oulu, Finland

Vat number: 3476965-1
Email: contact@asetusclimbing.com

The data controller is responsible for ensuring that your personal data is processed lawfully and securely.

3. What Personal Data We Collect

We may collect the following personal data when you use our website or place an order:

Information you provide directly

  • Name

  • Billing address

  • Shipping address

  • Email address

  • Phone number

  • Order details

  • Information submitted through contact forms

Payment Processing

Payments on this website are processed securely through Squarespace Payments.

When making a purchase, payment-related information may be processed by Squarespace and its payment processing partners for the purpose of completing transactions, fraud prevention, and legal compliance.

We do not store full payment card information on our own servers.

Additional information about how payment data is processed can be found in the
Squarespace Privacy Policy.

Information collected automatically

When you use our website, we may automatically collect:

  • IP address

  • Browser type and version

  • Device information

  • Pages visited

  • Date and time of visits

  • Referring websites

This information may be collected using cookies and analytics tools.

4. How We Use Your Data

We process personal data for the following purposes:

  • Processing and fulfilling orders

  • Shipping products

  • Customer service and responding to inquiries

  • Processing payments

  • Maintaining accounting records

  • Improving website functionality and performance

  • Preventing fraud and misuse

  • Complying with legal obligations

We do not send marketing emails or newsletters.

5. Legal Basis for Processing

We process personal data based on the following legal grounds under GDPR:

  • Contractual necessity — to process orders, payments, and deliveries

  • Legal obligation — for accounting, taxation, and consumer protection requirements

  • Legitimate interest — for website security, fraud prevention, and improving website functionality

  • Consent — where required for non-essential cookies

6. Cookies

Our website uses cookies and similar technologies to improve website functionality and analyse website traffic through services such as Google Analytics. Cookies may include:

  • Essential cookies

  • Analytics cookies

  • Preference cookies

You can control or disable cookies through your browser settings.

Where required by applicable law, non-essential cookies such as analytics cookies will only be used after obtaining your consent.

7. Third-Party Services

We use trusted third-party providers necessary for operating our website and online store.

“These providers process personal data only as necessary to provide their services and are required to protect personal data in accordance with applicable data protection laws.”

These services may include:

  • Squarespace for website hosting and e-commerce functionality

  • Squarespace Payments for secure payment processing

  • Google Analytics for website analytics and performance monitoring

  • Shipping and logistics providers

For more information about how Squarespace processes personal data, please refer to the
Squarespace Privacy Policy

For more information about how Google processes data, please refer to the
Google Privacy Policy

8. International Data Transfers

Some service providers may process data outside the European Economic Area (EEA).

When personal data is transferred outside the EEA, we ensure appropriate safeguards are in place in accordance with GDPR, such as:

  • adequacy decisions by the European Commission,

  • or Standard Contractual Clauses (SCCs).

9. Data Retention

We retain personal data only as long as necessary for the purposes described in this Privacy Policy or as required by law.

For example:

  • order and transaction data may be retained for accounting and tax purposes as required under Finnish law,

  • customer service communications may be retained for handling inquiries and disputes,

  • analytics data may be retained according to the settings of the analytics provider.

10. Your Rights Under GDPR

Under GDPR, you have the right to:

  • Access your personal data

  • Correct inaccurate or incomplete data

  • Request deletion of your data

  • Restrict or object to processing

  • Withdraw consent where processing is based on consent

  • Request transfer of your data to another service provider

  • Lodge a complaint with a supervisory authority

In Finland, the supervisory authority is the Office of the Data Protection Ombudsman.

To exercise any of these rights, please contact us at contact@asetusclimbing.com.

11. Data Security

We take appropriate technical and organisational measures to protect personal data against unauthorised access, misuse, disclosure, alteration, or destruction.

However, no method of electronic transmission or storage is completely secure, and we cannot guarantee absolute security.

12. Links to Other Websites

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of external websites.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.

Any changes will be published on this page with an updated revision date.

14. Contact

If you have questions about this Privacy Policy or how we process personal data, please contact us via email or our contact form:


Email: contact@asetusclimbing.com

Contact