top of page

Customer and marketing register
Privacy statement

Milestone Coaching & Consulting Oy's customer and marketing register data protection statement

1. Registrar
Milestone Coaching & Consulting Oy, Y-ID 1764356-3   (hereinafter also "Milestone")
Address: Milestone c/o Innovation House Finland
Tekniikantie 2, 02150 Espoo, Finland

2. The person handling registry matters

Antti Harjuoja, +358 50 5714011

In its investigations, Milestone Coaching & Consulting Oy has come to the conclusion that it does not need to appoint a data protection officer.

3. Register name

Milestone Coaching & Consulting Oy's  Customer and marketing register


4. Purpose and basis of personal data processing

The primary basis for the processing of personal data is the customer relationship between Milestone's customer and Milestone, the order given by the customer, the consent given by the data subject or other relevant connection.
Personal data can be processed for the following purposes: 

  • Managing, implementing and monitoring customer relations, customer service and related communication and marketing. 

  • Analysis, grouping and reporting of customer relations, implementation of the customer program and other purposes related to the development of overall customer and Milestone's business. 

  • Collecting and processing customer feedback and customer satisfaction data.

  • Various marketing measures, such as telephone marketing, e-mail marketing and other electronic marketing communications

Personal data is used to produce reports and reports describing the operating style and/or cooperation of a person or several persons. The person answers a series of questions or statements based on which the report is created. The basis for the processing of personal data is the consent given by the person before the data is disclosed. Processing tasks can be outsourced to external service providers in accordance with data protection legislation and within the limits set by it.

5. Data content of the register

The register may contain the following information; 
Registered person's name, nickname, social security number, customer number, employer, education, position, address, phone number, email address and other necessary contact information, language, gender, data entry date. Gender information is used to ensure the correctness of the language of the report to be produced (cf. English he / she).  Data related to data processing, such as recording date and data source. Content produced by the registrant himself and additional information provided by him, which is used to carry out the assignments. 

In connection with the collection of register data, e.g. IP address, browser type, Internet service provider, page from which you reach and go to next, operating system, time of visit, click data are automatically saved as cookie data. The processor of the register data uses cookies and similar technology, e.g. for analyzing trends, managing the website, tracking user movement on the site. The user can control usage at the individual browser level by disabling cookies. 


6. Personal data retention period

Milestone stores personal data in the customer and marketing register until the customer relationship between the registered person and Milestone can be considered terminated. The end date is determined from the data subject's most recent service contact or contact, to which five years are added. 

From the customer register, personal data and other data are collected from the registered as separate data for the preparation of personal behavior and activity profiles (e.g. DISC Profile).

Regarding behavioral and activity profiles made for the consent of the registered person, the procedure is as follows. These are stored by Milestone for a maximum of 2 years after preparation, after which they are transferred to the service provider for storage. Milestone destroys this information upon transfer, and does not keep a copy of it. The registrant will be informed about the transfer of data and he can deny it if he wishes.

The purpose of use is also the account established and managed by the registered person in the service, the functionality of which requires the storage of the person's data in the register referred to here. Unless the customer has set up a account or unless otherwise agreed, the data will be stored for two calendar years following the year of fulfillment and will be deleted by the end of June of the following third year. 

7. Personal data sources

Information is primarily obtained from the following sources:

  • Events related to the registered person and the registrant's customership, use of services, communication and transactions.

  • Provided by a registered employer.

  • Provided by a coach, coaching organization, educational institution or similar.

  • Address and joint information provided by other partners of Milestone can also be added to the register

  • Updates of name, address and other contact information are obtained based on the activity of customers and their communities. 

  • The ban on direct marketing and the ban on registration of purchases are saved from separate notifications made by the customer to the data controller.

  • Personal data can also be collected and updated from generally available data sources, for example from company websites and service providers (e.g. Suomen Asiakastieto Oy), public and private registers.

8. Regular data transfers and data transfer outside the EU or the European Economic Area 

In addition to the registered person himself, the information is disclosed to his employer or coach in situations related to training or development programs in which the person participates. When the purpose of the above-mentioned programs is to develop interpersonal interaction or cooperation skills or otherwise promote cooperation between individuals, data may be disclosed to other participants for joint processing in accordance with the nature of the program. 
Customer data will not be disclosed outside of Milestone or parties involved in the production, development or maintenance of services and communications acting on its behalf, other than in accordance with the agreement, separate consent and/or specific regulations. 
Information is not transferred outside the EU or the European Economic Area, unless it is necessary for the implementation of the service. Even then, Milestone takes care of an adequate level of data protection in accordance with the data protection legislation and within the limits set by it.

9. Description of the principles of registry protection

Any manual material is stored in a locked space, to which only persons who have received the right have access. Currently with CEO. 

The material is stored in digital form after its training use. The digital material can only be accessed with the personal username and password of an employee or partner of the data controller entitled to it. 


There are different levels of access rights, and each user is given access rights that are sufficient for the performance of the task, but as limited as possible. Only named persons have the right to process and maintain the data in the register. Users are bound by a duty of confidentiality. 


Information is stored technically protected. Access to information requires sufficient rights and multi-step identification. Unauthorized access to personal data is also prevented e.g. with the help of firewalls and technical protection. Registry data is backed up regularly and can be restored if necessary. The level of information security and the adequacy of protection are checked regularly and the necessary changes are made.


10. Profiling

Milestone does not perform profiling of its customers or other persons as defined in the Data Protection Regulation.

11. The data subject's right to object to the processing of personal data and direct marketing (right to object)

The registrant has the right to personally object to the processing of personal data that Milestone applies to the registrant's personal data to the extent that the data processing is based on a customer relationship between Milestone and the registrant or the registrant's consent. in accordance with 13. In connection with the request, the registered person must specify the special situation based on which he objects to the processing. Milestone may refuse to implement a request for objection on the basis of the law. The registrant can give Milestone consents or prohibitions regarding direct marketing.

12. Other rights of the data subject related to the processing of personal data

12.1. The data subject's right to access data (right of inspection)
The registered person has the right to check what information about him has been stored in Milestone's customer register. The inspection request must be made in accordance with section 13 of this privacy statement. The right of inspection can be denied on the basis of the law. Exercising the right of inspection is basically free of charge.


12.2. The data subject's right to demand rectification, deletion or restriction of processing
The registered person has the right to demand that incorrect, unnecessary, incomplete or outdated information in the register be corrected, deleted or supplemented.
Milestone has no obligation to delete personal data if it is processed or stored a) to comply with a legal obligation requiring processing b) to prepare, present or defend a legal claim.


The data subject also has the right to demand that the data controller limit the processing of his personal data, for example in the situation when the data subject is waiting for Milestone's response to a request to correct or delete his data.


12.3.The right of the registered person to file a complaint with the supervisory authority
The registered person has the right to file a complaint with the competent supervisory authority if the data controller has not complied with applicable data protection regulations in its operations.


12.4. Other rights
If personal data is processed based on the data subject's consent, the data subject has the right to withdraw his consent by notifying the Company in accordance with section 13 of this privacy statement.


13. Contacts

In all questions related to the processing of personal data and in situations related to the exercise of own rights, the data subject should contact Milestone
a) Mail to: 
Milestone c/o Innovation House Finland, 
Tekniikantie 2, 02150 Espoo, Finland

b) By sending an email [from the email address in Milestone's register] to or

If necessary, Milestone can ask the registrant to clarify his request in writing and, if necessary, the identity of the registrant can be verified before taking other measures.


I'm always looking for new and exciting opportunities. Let's connect.


bottom of page