Privacy policy


We want to take good care of your personal data. Just as we care for our customers.

Business Mill: Privacy Notice

Business Mill, based in Lappeenranta, provides incubator services to businesses and individuals in the South Karelia region. We are part of LAB University of Applied Sciences. Business Mill is committed to protecting the privacy of the clients. This Privacy Notice describes what personal data we collect, what principles we apply when processing such data, and what rights and possibilities to influence individuals have regarding the data collected about them. The collected data is processed as described in this Privacy Notice and according to the EU General Data Protection Regulation (GDPR) and other applicable legislation.

Business Mill’s services can be offered on various technical platforms, and the services may include links or access to other operators’ websites or services. We recommend that you familiarize yourself with such third-party data protection policies and terms of use. Business Mill is not responsible for third-party data protection policies or terms of use.

What personal data do we collect?

We collect and store only such personal data that is required to carry out expert work, including names, phone numbers, email addresses, or other information that is essential for the purposes stated in this Privacy Notice.

Where does the collected data come from?

We collect personal data from the registered persons themselves or from other general sources available to us, such as the user data from our social media channels.

Why do we process personal data?

The primary basis for processing personal data is the use of Business Mill’s services, a person’s other relevant connection to our services, or the person’s consent. In all cases, we aim to collect minimum identifying data.

We process your personal data for one or several of the purposes specified below.

1. Provision of services

Your personal data can be used to provide Business Mill’s services, to answer your requests and questions, to fulfill other similar tasks, and to prevent the misuse of services.

2. Service development

Your personal data can be used for developing Business Mill’s services and enhancing the user experience. In addition, your personal data can be used for implementing questionnaires and studies related to Business Mill’s services.

3. Marketing and customer communications

Your personal data can be used for the marketing of Business Mill’s services and events and for customer communications. For example, we can send you targeted notifications about our services or contact you in matters related to our services or customer service.

How do we use cookies?

Business Mill uses cookies, web beacons and other similar techniques to provide and develop the Business Mill webpages and services, as well as to target content and communication. Our webpages may include third-party components relating to, for example, social network services. 

What are your rights?

Registered persons have, according to the EU General Data Protection Regulation, the right to inspect their own collected data. They have also the right, at any time, to request Business Mill to correct, remove or limit their data, or request transferring of their data to another data controller. In addition, registered persons have, at any time, the right to cancel their consent to process their personal data.

If you want to use the rights described in the above data protection regulation, please contact our data controller. You will find the contact information below, under “Controller’s contact details”.

At any time, you can forbid Business Mill to use your data in direct marketing and in customer satisfaction or other surveys. Notwithstanding this, we can send you notifications about changes or faults and malfunctions in our services.

The registered persons have the right to send a complaint to the Data Protection Ombudsman’s office if they believe that existing laws have been violated in the processing of their personal data.

Transferring or handing over of data

The collected personal data is not transferred or handed over to parties outside Business Mill without the consent of the person affected. On our website, we use tools such as Google Analytics. Those services may be provided by an operator located outside the European Union (EU) or the European Economic Area (EEA). In these cases, too, privacy is protected according to the GDPR regulations.

Register protection principles

The register is maintained and used with due diligence and care. The data processed in data systems is protected appropriately. When register data is stored on web servers, proper measures are applied to secure that the hardware fulfils the requirements of physical and digital data security. The controller ensures that the stored data, permissions to access the servers, and other critical data related to privacy protection are processed in confidence and only by the employees whose job duties require them to access such data. The persons who have the right to access our clients’ personal and other data are under obligation of confidentiality.

Pipedrive is the company that provides our customer management system. You can read their privacy notice at

We store the collected data as long as it is necessary for our operations.

Controller’s contact details

The controller of your personal data is LAB University of Applied Sciences Oy (business ID 2630644-6) at Yliopistonkatu 36, 53850 Lappeenranta. The contact details for the data protection officer at Business Mill in Lappeenranta are:

Emma Latvala
LAB University of Applied Sciences, Yliopistonkatu 36, 53850 Lappeenranta
050 572 8772

In matters concerning privacy protection, you can contact Anne Himanka, who is the legal counsel responsible for data privacy at LAB University of Applied Sciences.

Anne Himanka, Legal Counsel
Lappeenranta-Lahti University of Technology LUT, Yliopistonkatu 34, 53850 Lappeenranta 
050 564 4623