Tyylidata logo

Privacy Policy

Privacy Policy

This privacy policy applies to the collection, storage, and use of personal data on the Tyylidata website. The policy is drafted in accordance with the General Data Protection Regulation (GDPR) of the European Union.

1. Data Controller

Tyylidata, Tytti Lakka
Business ID: EL-173450850
Street Address: SAVVA DIAKOU 6 – ΡΟΔΟΣ, Greece
Email: info@tyylidata.fi
Phone: +30 694 8120234

If required under applicable law, Tyylidata will appoint a Data Protection Officer and publish the contact details on this page.

2. Purpose and Legal Basis for Processing Personal Data

Personal data is processed for the following purposes:

  • managing and maintaining customer relationships

  • responding to inquiries submitted via the website

  • providing information about services

  • fulfilling contractual obligations

The legal bases for processing personal data are:

  • legitimate interest of the data controller in managing customer relationships and communication

  • performance of a contract between the data subject and Tyylidata

  • consent provided by the data subject (for example when submitting a contact form or subscribing to communications)

When processing is based on legitimate interest, Tyylidata considers that processing is necessary for operating its business and communicating with customers and potential clients.

3. Categories of Personal Data

The register may contain the following personal data:

  • first and last name

  • email address

  • phone number

  • company name

  • company website

  • information submitted through contact forms or communication channels

  • other information voluntarily provided by the individual

4. Source of Personal Data

Personal data is primarily obtained directly from the data subject when they contact Tyylidata via:

  • website contact forms

  • email communication

  • other communication channels

Personal data may also originate from publicly available sources, such as company websites, if necessary for business communication.

5. Recipients of Personal Data

Personal data is not regularly disclosed to third parties.

However, data may be processed by trusted service providers such as:

  • website hosting providers

  • email service providers

  • IT system providers

These service providers process personal data only to the extent necessary for delivering their services and are bound by confidentiality and data protection obligations.

6. Transfers of Personal Data Outside the EU/EEA

Personal data is primarily processed within the European Economic Area (EEA).

If personal data is transferred outside the EEA, appropriate safeguards required by the GDPR will be applied, such as standard contractual clauses or other legally approved mechanisms.

7. Retention Period

Personal data is retained only for as long as necessary for the purposes described in this policy.

Typical retention periods include:

  • customer communication data: as long as necessary to manage the relationship

  • accounting records: retained according to statutory requirements (minimum seven years)

  • marketing-related data: until the data subject withdraws consent or requests deletion

8. Security of Personal Data

Personal data is protected using appropriate technical and organizational security measures.

Manual data is stored in secure facilities. Electronic data is stored in protected systems with access controls, authentication mechanisms, and monitoring of access.

Access to personal data is restricted only to individuals whose job responsibilities require such access. All persons handling personal data are bound by confidentiality obligations.

9. Rights of the Data Subject

Under data protection legislation, data subjects have the following rights:

  • the right to access their personal data

  • the right to request correction of inaccurate data

  • the right to request deletion of personal data

  • the right to restrict the processing of personal data

  • the right to object to processing based on legitimate interest

  • the right to data portability where applicable

  • the right to withdraw consent at any time where processing is based on consent

Requests related to these rights can be submitted by contacting:
info@tyylidata.fi

Data subjects also have the right to lodge a complaint with the relevant supervisory authority.

10. Obligation to Provide Personal Data

Providing personal data through the website contact form is voluntary. However, certain information may be necessary in order for Tyylidata to respond to inquiries or provide services.

If required information is not provided, it may not be possible to respond to the request or establish a customer relationship.

11. Automated Decision-Making

Tyylidata does not use automated decision-making or profiling that would have legal or similarly significant effects on individuals.

12. Use of Cookies

The Tyylidata website does not use cookies.

The website has been designed to operate without analytics, marketing, or tracking cookies, and no data is stored on the user’s device.