Privacy Notice
​
1. Introduction
​
Protecting your privacy and ensuring transparency in the processing of your personal data are of utmost importance to Klarity Oy. The purpose of this privacy policy is to inform you about how we process your personal data in our business operations and online services (www.klarity.fi).
​
2. Data Controller
​
Name: Klarity Oy
Business ID: 3365314-7
Address: Tikkurilantie 33 A 5, 01370 Vantaa
Email: klarity@klarity.fi
​
3. Categories of Data Subjects and Processed Personal Data
​
3.1 Categories of Data Subjects
​
Klarity Oy processes personal data from the following groups:
-
Customers and potential customers
-
Website users
-
Partners and subcontractors
​
3.2 Processed Personal Data
​
Personal data may include:
​
Customers and partners:
-
Name, position, and contact details (e.g., email and phone number)
-
Company name and billing information
-
Content of contracts and service requests
Website users:
-
Data collected by cookies, such as IP address, browser type, session duration, website visits, and other anonymous analytics data
Direct marketing:
-
Name and email address of business customer representatives
​
4. Sources of Personal Data
​
Personal data is primarily collected directly from the data subject in the following situations:
-
When you use our website
-
When you send us an email or contact us
-
When we enter into agreements or receive inquiries about our services
​
5. Purpose and Legal Basis of Processing
​
5.1 Purposes of Processing
​
We process personal data for the following purposes:
-
Customer relationship management and service provision
-
Handling inquiries and feedback received via email
-
Billing and contract management
-
Analyzing and improving website usage
-
Direct marketing
​
5.2 Legal Basis
​
The legal bases for processing personal data are:
-
Performance of a contract: Providing services and managing customer relationships
-
Legitimate interest: Direct marketing and website analytics
-
Consent: Use of cookies and receipt of marketing communications
-
Legal obligation: Compliance with accounting and other statutory requirements
​
6. Disclosure and Transfer of Personal Data
​
6.1 Recipients of Personal Data
​
Personal data may be disclosed to the following entities:
-
Wix.com: Website maintenance and cookie management
-
Microsoft Office: Email, document storage, and file sharing
-
Accounting services: Processing of billing and accounting data
​
6.2 Transfers Outside the EU/EEA
​
We use third-party services that may transfer data outside the EU and EEA. In such cases, we comply with GDPR requirements by implementing Standard Contractual Clauses or relying on the Data Privacy Framework to ensure data protection.
​
7. Data Retention Periods
​
We retain personal data only for as long as necessary to fulfill the defined purposes or to comply with legal obligations:
​
-
Customer data: Retained for the duration of the customer relationship and for 3 years thereafter to address potential legal claims
-
Email inquiries: Deleted within 12 months after processing
-
Cookie data: Retention periods vary depending on the cookie type. See our cookie policy for details
-
Direct marketing data: Retained for up to 12 months after consent withdrawal or, if based on legitimate interest, for up to 24 months after the last active contact
-
Billing data: Retained for 6 years from the end of the financial year, as required by accounting laws
​
We adhere to data protection principles when storing data and strive to delete unnecessary information promptly. Data may be anonymized for analytics purposes after the retention period expires.
​
8. Rights of the Data Subject
​
-
Right to information – The data subject has the right to clear and understandable information about how their personal data is processed.
-
Right to access data – The data subject has the right to confirm whether their data is being processed and to access that data.
-
Right to rectification – The data subject has the right to request correction of inaccurate or incomplete data without undue delay.
-
Right to erasure ("right to be forgotten") – The data subject can request deletion of their data under certain conditions, such as when it is no longer needed for its original purpose or if consent is withdrawn and there is no other legal basis for processing.
-
Right to restriction of processing – The data subject can request restriction of data processing in specific situations, such as when the accuracy of the data is contested or processing is unlawful but deletion is opposed.
-
Right to object – When processing is based on legitimate interest, the data subject can object to the processing based on personal circumstances.
-
Right to data portability – When processing is based on consent and carried out automatically, the data subject has the right to receive their personal data in a structured, commonly used, and machine-readable format and to transfer it to another controller.
-
Right not to be subject to automated decision-making – The data subject has the right not to be subject to a decision based solely on automated processing, including profiling, if it has legal or significant effects on them.
​
Please note that not all rights can be exercised in all situations, as their applicability depends on the legal basis of the processing and other GDPR provisions.
​
9. Filing a Complaint with the Supervisory Authority
​
The data subject has the right to lodge a complaint with the Finnish Data Protection Ombudsman if they believe their rights have been violated:
​
​
Contact details:
Office of the Data Protection Ombudsman
-
Visiting address: Lintulahdenkuja 4, 00530 Helsinki
-
Mailing address: P.O. Box 800, 00531 Helsinki
-
Email: tietosuoja(at)om.fi
-
Switchboard: +358 29 566 6700
-
Registry: +358 29 566 6768
​
10. Cookies
​
We use cookies on our website for the following purposes:
-
Ensuring website functionality
-
Enhancing user experience
-
Analyzing visitor traffic
You can accept or reject cookies via the website's cookie banner. See our cookie policy for detailed information.
​
11. Changes to the Privacy Policy
​
We may update this privacy policy as necessary. Significant changes will be announced on our website. We encourage you to review the policy regularly.
​
This privacy policy was last updated on: January 17, 2025
​