Join Queue

Privacy Policy

Last updated May 8th 2026

GENERAL INFORMATION ON DATA PROCESSING

LFG Brands Oy (“LFG Brands”, “we”) and its affiliate M Room Oy are responsible for processing personal data within the group and acts as the data controller. LFG Brands manages and oversees the group’s operations, including its brands and online stores. Detailed information about our brands can be found on our website: https://lfgbrands.fi/brandimme/.

This privacy policy may be updated to reflect changing business needs, legal requirements, or service changes. The latest version of the privacy policy is always available on our website.

Contact details:
Name: LFG Brands Oy
Business ID: 2344679-3
Postal address: Jaakonkatu 5, 00100 Helsinki, Finland
Inquiries regarding data protection: privacy@lfgbrands.fi

Supplementary Privacy Notice

For individuals who access and use our cloud-based service as authorised users or contact persons on behalf of a business customer, M Room Oy acts as the data controller and we have prepared a supplementary privacy notice that complements this Privacy Policy and describes in more detail how we process their personal data in that context. The supplementary notice clarifies this Policy and shall prevail in the event of any inconsistencies.

The supplementary notice is available here: Supplementary Privacy Notice for Cloud Service Users

PERSONAL DATA PROCESSED AND THEIR RESOURCES

The information we collect may include:

  • Personal data: Name, contact details (email, phone number, address), date of birth
  • Customer data: Purchase transactions, membership information, customer feedback, complaints
  • Payment data: Information related to payment transactions
  • Technical data: IP address, device information, browser settings, data collected via cookies

Sources of information:

  • From the user themselves (e.g., when using services)
  • Through technical tools (e.g., cookies and analytics)
  • From reliable external sources (e.g., official registers)

PURPOSES AND LEGAL BASES FOR PROCESSING PERSONAL DATA

Purposes of processing:

  • Providing and maintaining services
  • Customer service and customer communication 
  • Marketing and improving the customer experience
  • Compliance with legal obligations

Legal grounds for processing:

  • Performance of the contract
  • LFG Brands’ legitimate interest, such as business development and marketing
  • User consent, for example for direct marketing
  • Compliance with statutory obligations

COOKIES AND TECHNICAL INFORMATION

Our website uses cookies to improve the user experience and to provide personalized content. Cookies are used, among other things, for the following purposes:

  • Enabling basic site functionality
  • Analyzing usage and developing services
  • Providing targeted marketing

Third-party cookies:

We may use third‑party cookies, such as Google Analytics, to analyze website usage and improve our services. More information about the use of these services can be found in the service providers’ own privacy policies.

Cookie management:

You can control or block the use of cookies in your browser settings. Please note that blocking cookies may affect the functionality of the website.

DATA RETENTION

We retain personal data only for as long as necessary to achieve the purposes set out in this privacy notice or to comply with legal obligations, but in any case for no longer than five years. The retention period for data may vary depending on the following factors:

  • Duration of the customer relationship
  • Legal obligations imposed by law, such as accounting and reporting requirements
  • User’s consent to the processing of data

When the data are no longer needed, they will be deleted or anonymized within a reasonable time.

TRANSFER AND DISCLOSURE OF DATA

Personal data may be shared:

  • With service providers: We use third parties such as IT service providers, payment service providers and marketing partners
  • For legal reasons: We may share data with authorities or other parties as required by law
  • Within the group: Personal data may be processed within LFG Brands for business purposes

Transfers of data outside the EEA:

If personal data is transferred outside the EEA, we ensure an adequate level of data protection and apply appropriate safeguards, such as using standard contractual clauses and the EU–US Data Privacy Framework.

DATA SUBJECT RIGHTS

Registered users have the following rights:

  • Access to your data: The right to know what information has been collected about you
  • Correction of data: Correcting inaccurate or incomplete information
  • Deletion of data: Deleting information unless there is a legal basis to retain it
  • Restriction of processing: Restricting the processing of personal data in certain situations
  • Data portability: The right to receive your data in electronic form and transfer it to another system
  • Right to object: The right to oppose the use of your data, for example for direct marketing

A data subject may exercise their rights by contacting us by email: privacy@lfgbrands.fi. Please verify your identity when requests are processed

RIGHT TO LODGE A COMPLAIANT WITH THE SUPERVISORY AUTHORITY

The data subject has the right to lodge a complaint with the data protection authority if they consider that their personal data have been processed in violation of applicable law.

INFORMATION SECURITY

We protect personal data with appropriate technical and organizational security measures.

Our information security measures include:

  • Use of encryption and necessary safeguards
  • Access control system
  • Regular security testing

Any potential data security breaches will be reported promptly to the affected data subjects and the authorities.

Contact us if you have any questions about data protection or wish to exercise your rights.

Email address: privacy@lfgbrands.fi