Privacy Notice
As a responsible operator, we want to ensure that your personal data is processed appropriately. Read more about how Toyrock processes your personal data.

Toyrock acts as the data controller for the processing activities described in this privacy notice. In some cases, we may act as joint controllers together with other companies within the same group.

For what purposes do we process your personal data?
We process personal data for various purposes. Below we describe situations and needs in our operations that require the processing of different types of personal data:

  • Customer register data is processed to manage and develop customer relationships.
  • Stakeholder register data is processed to support business development and partnerships.
  • Marketing register data is processed for the marketing of our services.
  • Recruitment register data is processed for making hiring decisions.
  • Employee register data is processed to fulfill employer obligations.
  • User account register data is processed to manage user accounts, enable login, and improve services and customer experience.
  • CCTV register data is processed to ensure security.

We use cookies to personalize content and advertisements, enable social media features, and analyze our traffic.

Who do we disclose or transfer your data to?
We may disclose your personal data to third parties if required for our operations or if you have given your consent. Such parties may include partners and authorities.

We have also entered into agreements with certain service providers who may process personal data on our behalf as part of their services. In such cases, we ensure appropriate data processing through proper agreements.

Personal data may also be processed and shared within the same group, including companies within the Toyrock Group (such as Juhlamaailma and Ilmapallokeskus), for customer management, business development, and marketing purposes.

In these cases, group companies may act either as independent data controllers or joint controllers, depending on the purpose of processing. The allocation of responsibilities is defined in internal agreements.

How do we protect your data?
We use various technical and organizational measures to ensure adequate security of personal data. Access to data is also restricted based on roles and permissions.

How long do we retain your data?
We retain your data for as long as necessary for our operations or as required by law. Retention periods vary between different registers.

Your rights
You have rights under the GDPR to influence the processing of your personal data. In certain situations, you also have the right to access your data, request deletion, or correct inaccurate information.

Further information
If you have any questions about our privacy practices or wish to exercise your rights, please contact us by email: privacy(a)toyrock.fi

Barbie
Hot Wheels
Fisher-Price
Disney Frozen
Disney Princess
Monster High
Mattel Games
Bestway
Clementoni
Geomag
Elastikorps
Jiggly Pets
Koolspeed
Mavrix
Magic City
Dinos Unleashed
Trollius ‘n roll
Rollytoys
Disney Cars
VIP Pets
Escape Room
Cry Babies
Brain Games
Club Petz
Vet Squad
Revell
Action Fun
Minecraft
Jurassic World
Bloopies
Matchbox
Enchantimals
Wubble Bubble
Harry Potter
Little Me
H2O Clear pool
Toyrock Summer
Toyrock Sport