Privacy policy

Online store Guitar Well, on the website,

busines ID 1964641-8, in Korppoo (Finland), processes personal data provided by the customer, which fills and confirms the terms of use, the processing of electronic orders and deliveries, and the necessary communication within the time required by law.

General provisions

1. The controller of personal data that complies with the GDPR regulation (hereinafter the "regulation") is Guitar Well, business ID number 1964641-8, located in Korppoo (Finland) (hereinafter the "Controller")

2. The data controller's contact information is: email:

3. Personal data is all information related to an identified or identifiable natural person.

Source of personal data

1. The controller processes the personal data received with the customer's consent, which has been collected by contract for the purpose of obtaining and filling the electronic order of the online store from the customer.

2. The registrar only processes the customer's identification and contact information, which are necessary to fulfill the purchase contract.

3. The registrar processes personal data for sending and accounting purposes as well as for the time required by law to transmit the necessary information to the contracting parties. Personal data will not be made public or transferred to other countries.

Purpose of data processing

The controller processes the Customer's personal data for the following purposes:

1. Website registration in accordance with Chapter 4, Section 2 of the GDPR.

2. Electronic order created by the customer (name, address, e-mail, phone number).

3. Complying with the law and regulations resulting from the contractual relationship between the Customer and the Data Controller.

4. Personal information is necessary to fulfill the purchase contract. A contract cannot be concluded without personal information.

Duration of personal data storage

1. The Controller stores personal data as long as necessary to fulfill the rights and obligations arising from the contractual relationship between the Controller and the Customer and for three years after the termination of the contractual relationship.

2. The controller must delete all personal data after the time required to store personal data.

Recipients and processors of personal data

The third parties that process the customer's personal data are subcontractors of the Controller. The services of these subcontractors are necessary so that the agreement on the acquisition and processing of the electronic order in the contract between the Controller and the Customer can be implemented.

The subcontractors of the controller are:

Webnode AG (e-commerce system)

Cargo company; Finnish Post

Google Analytics (home page analytics)

Customer rights

In accordance with the regulation, the Customer has the right to:

1. the right to access personal data.

2. right to rectification of personal data.

3. the right to delete personal data.

4. the right to object to the processing of personal data.

5. the right to data portability.

6. the right to withdraw consent to the processing of personal data in writing or by email to:

7. the right to submit a complaint to the supervisory authority if a violation of the Regulation is suspected.

Security of personal data

1. The controller undertakes to implement all technical and organizational precautions necessary to protect personal data.

2. The registrar has taken technical precautions to secure the data storage facilities, in particular ensured access to the computer with a password, used anti-virus software and maintained the computers regularly.

Final provisions

1. By placing an electronic order on the website, the customer confirms that he is aware of all personal data protection terms and accepts them in full.

2. The customer accepts these rules by selecting the checkbox in the order form.

3. The registrar may update these Rules at any time. A new, updated version must be published on this website.

These rules enter into force on 25 September 2023