Privacy Policy
In accordance with the EU General Data Protection Regulation – GDPR
Created: 7 April 2026
Data Controller
FUTUARTS Oy
Business ID: 3340819-2
Töölönkatu 11
00100 Helsinki, Finland
Contact Person for Data Protection Matters
Kira Palin
+358 40 7535245
Purpose and Legal Basis for Processing Personal Data
The legal basis for processing personal data under the EU General Data Protection Regulation (GDPR) includes:
Legitimate interest of the data controller based on a customer or business relationship
Performance of a contract
Compliance with legal obligations
Personal data is processed for the following purposes:
Managing and maintaining client relationships
Delivering services and products
Communication and marketing
Fulfilling legal and regulatory requirements
Personal data is not used for automated decision-making or profiling.
Categories of Personal Data Processed
The following types of personal data may be collected and processed:
Contact information:
Name, title, company/organization, phone number, email address, postal address
Client relationship data:
Information related to purchased services, changes to services, billing details, and other relevant client information
Technical data:
IP address, user identifiers, and social media profiles
Website visitor IP addresses and essential cookies are processed based on legitimate interest, including ensuring security and collecting visitor statistics where such data qualifies as personal data. Consent is obtained separately where required for third-party cookies.
Data Retention
Personal data is retained only for as long as necessary to fulfill the purposes outlined in this policy or as required by applicable law.
Sources of Personal Data
Personal data is collected primarily from:
The data subject directly (e.g. via email, phone, social media, contracts, meetings)
Public sources such as websites and directories
Other companies or organizations, where applicable
Disclosure and Transfer of Data
Personal data is not disclosed to third parties unless required for service delivery or by law.
Data is not transferred outside the EU or EEA without appropriate safeguards.
Data Protection and Security
Personal data is handled with due care and protected using appropriate technical and organizational measures.
Where data is stored on internet servers, both physical and digital security measures are implemented. Access to personal data is restricted to authorized personnel only and handled confidentially.
Right of Access and Rectification
Data subjects have the right to:
Access their personal data
Request correction of inaccurate or incomplete data
Requests must be submitted in writing to the data controller. Identity verification may be required. Requests are processed within the timeframe set by GDPR (generally within one month).
Other Rights of the Data Subject
Data subjects have the right to:
Request deletion of their personal data (“right to be forgotten”)
Restrict processing in certain situations
Object to processing
Withdraw consent at any time
Requests must be submitted in writing to the data controller. Identity verification may be required. Requests are handled within GDPR timelines.
Cookies
The website uses cookies to enhance user experience and to analyze website traffic and usage.
Users can accept or decline cookies through their browser settings. Where required, consent is requested for non-essential cookies.
Changes to This Privacy Policy
This Privacy Policy may be updated from time to time. The latest version will always be available on the website, and users will be informed of significant changes where appropriate.