Privacy Policy | Aurora Racing Parts

Updated November 13, 2025

This privacy notice complies with the EU General Data Protection Regulation (GDPR) and the Finnish Personal Data Act.
Prepared on November 13, 2025.

1. Data Controller

TTM Finland Ltd.

Rantatie 22
37600 Valkeakoski, Finland
Email: Company@TTMFinland.com

2. Contact Person for Data Protection Matters

Julias Rouvali
Email: juliasrouvali03@gmail.com

Phone: +358 45 3541005

3. Name of the Register

TTM Finland Customer Register

4. Purpose and Legal Basis for Processing Personal Data

Personal data is processed for:

Managing customer relationships

Processing and delivering orders

Maintaining and archiving transaction records

The data is not used for automated decision-making or profiling.

Processing is based on a legitimate interest, contractual necessity, or the data subject’s consent, depending on the context.

5. Data Content of the Register

The register may contain the following information:

Name of the individual

Contact details (phone number, email address, postal address)

Billing and payment information

Details relating to the customer relationship and ordered services

Personal data is retained only for as long as necessary to fulfill the purposes listed above. Some information may be stored longer if required by law — for example, to comply with accounting or consumer protection obligations.

6. Regular Sources of Information

Data is primarily collected directly from the customer through:

Online forms

Email correspondence

Telephone communication

Order processes or other customer interactions

7. Regular Disclosure of Data and Transfers Outside the EU/EEA

Personal data may be disclosed only to trusted partners necessary for providing services, such as:

Logistics and delivery companies

Payment service providers

Data is not transferred outside the EU or EEA unless adequate safeguards (such as standard contractual clauses) are in place.

8. Principles of Data Protection

We take appropriate technical and organizational measures to protect personal data.
Information systems are secured, and access to personal data is restricted to employees whose duties require it.

Servers hosting the register are protected both physically and digitally. All processing of data is handled confidentially.

9. Right of Access and Rectification

Every person listed in the register has the right to:

Request access to their personal data

Request correction of inaccurate or incomplete information

Requests must be submitted in writing to the data controller. Proof of identity may be required.

Responses will be provided within one month, as specified in the GDPR.

10. Other Rights Related to the Processing of Personal Data

Registered individuals also have the right to:

Request erasure of their data (“right to be forgotten”)

Restrict processing of personal data in certain situations

Withdraw consent where processing is based on consent

All requests must be made in writing to the data controller, who may ask the requester to verify their identity.
Responses will be provided within the timeframe set by the GDPR (generally within one month).