1. General Information

This Privacy Policy outlines how Kasvula processes, collects, uses, and protects your personal data. Our registered address is Steniuksentie 43 A 7, Helsinki Uusimaa 00320, and we comply with the General Data Protection Regulation (GDPR) as applicable within the European Union.

2. Users and Audience

Our services are intended exclusively for business users ("Users"). We do not target or knowingly collect data from individuals under the age of 18.

3. Data We Collect

We may collect the following categories of personal data:

Identification Data: Name, company name, email address, and physical address.
Contact Information: Phone numbers and other contact details.
Financial Data: Payment details processed via Stripe.
Technical Data: IP addresses, device information, and location data.
Usage Data: Information on how you interact with our services.

We do not collect sensitive personal data such as health or religious information.

4. Purpose of Data Processing

We process personal data for the following purposes:

Providing and managing our services.Customer support and communication.Marketing and promotional activities (where permitted).Analytics and performance monitoring (e.g., Google Analytics).Compliance with legal obligations.

5. Data Sharing

We do not share personal data with third parties, except as required by law or as necessary to comply with legal obligations.

6. Data Retention

We retain personal data:

For the duration of the customer relationship.Up to five (5) years after the termination of the customer relationship, unless a longer retention period is required by applicable laws. Longer if necessary to resolve disputes or meet legal obligations.

7. Data Protection Measures

We take the following steps to protect personal data:

Encryption: Data transmission is secured using encryption protocols (e.g., SSL/TLS).Access Control: Access to personal data is restricted to authorized employees and service providers.Security Protocols: We use firewalls, secure servers, and monitoring systems to safeguard information.

8. Third-Party Services

We use the following third-party services in connection with personal data processing:

Google Analytics: For website usage analysis.Stripe: For secure payment processing.Google Cloud: For data storage and operational needs.Cookies: We use cookies and similar tracking technologies to enhance user experience and gather analytics data. For more information, please refer to our Cookie Policy.

9. User Rights Under GDPR, Users have the following rights:

Access: To request access to personal data we hold.Correction: To request correction of inaccurate or incomplete data.Deletion: To request the deletion of personal data, subject to legal and contractual restrictions.Objection: To object to certain types of data processing, including direct marketing.Data Portability: To request a copy of personal data in a structured, commonly used, and machine-readable format.Complaint: To lodge a complaint with the relevant data protection authority.

10. Legal Basis for Processing

Our processing of personal data is based on:

The performance of a contract.

Compliance with legal obligations.Legitimate interests, such as service improvement and fraud prevention.

11. Updates to This Policy

We may update this Privacy Policy from time to time. Users will be notified of significant changes via our website or other communication channels.

12. Contact Information

If you have any questions or concerns about this Privacy Policy or your personal data, please contact us at: [email protected]

This Privacy Policy was last updated on 12/17/2024.