Privacy policy

Last updated: 02/26

This Privacy Policy describes how Oona Rintatalo collects and processes personal data of website users and clients. Personal data is processed in accordance with applicable data protection legislation and the principles of the EU General Data Protection Regulation (GDPR).

Data Controller

The data controller is:

Name: Oona Rintatalo
Email: [your@email.com]
Business ID: FI34430711 (y-tunnus: 3443071-1)
Country: Finland

Personal Data We Collect

We collect only personal data that is necessary for operating this website and providing our services.

Personal data may be collected when:

  • you contact us via email or contact forms

  • you become a client or request information or a quote

  • you visit this website

The data collected may include:

  • name and contact details (such as email address)

  • messages and correspondence

  • technical data related to website usage (such as IP address, device type, browser information, and cookies)

Purpose and Legal Basis for Processing

Personal data is processed for the following purposes:

  • communicating with clients and potential clients

  • providing services and managing client relationships

  • developing and maintaining the website

  • ensuring website security

The legal basis for processing personal data is:

  • performance of a contract

  • compliance with legal obligations (e.g. accounting legislation)

  • legitimate interest related to business operations and website functionality

  • consent, where applicable

Cookies

This website uses cookies to ensure proper functionality and to improve user experience. You can accept cookies or manage your cookie preferences through the cookie banner.

Data Sharing and Transfers

Personal data is not sold or rented to third parties.

Data may be shared with trusted service providers only when necessary for website operation or service delivery. Data processing agreements are in place where required.

The website is hosted on Squarespace, which may process personal data outside the EU or EEA using appropriate safeguards in accordance with GDPR.

Data Retention

Personal data is stored only for as long as necessary for the purposes described in this Privacy Policy or as required by Finnish law.

Accounting-related data is retained for the period required by law (generally up to 10 years).

Your Rights

Under GDPR, you have the right to:

  • access your personal data

  • request correction of inaccurate data

  • request deletion of your personal data

  • withdraw consent at any time

  • object to the processing of your data

  • restrict processing in certain situations

Requests regarding your rights can be sent to:
[your@email.com]

If you believe that your personal data has been processed unlawfully, you have the right to lodge a complaint with the Finnish Data Protection Ombudsman.

Data Security

Personal data is protected using appropriate technical and organizational measures. Access to personal data is limited to those who need it for their work.

Changes to This Policy

This Privacy Policy may be updated when necessary. The latest version is always available on this website.

Contact

If you have any questions about this Privacy Policy or how your personal data is processed, please contact:
[your@email.com]