Privacy Policy

PRIVACY POLICY
Beyond Visuals Oy
Business ID: [Insert Y-tunnus]
Registered in Finland
Last updated: [Insert Date]
1. CONTROLLER INFORMATION
Beyond Visuals Oy
Registered address: [Insert Address]
Email: [Insert Email]
Website: [Insert URL]
Beyond Visuals Oy acts as the data controller for personal data processed through this website and in connection with our services.
2. SCOPE OF THIS POLICY
This Privacy Policy explains how we collect, process, store, protect, and transfer personal data when:
• You visit our website
• You contact us
• You request a quote
• You enter into a service agreement
• You subscribe to newsletters
• You engage with us as a client, collaborator, supplier, or partner
This policy does not apply to third-party websites linked from our website.
3. PERSONAL DATA WE COLLECT
We may collect the following categories of personal data:
3.1 Contact Information
• Name
• Company name
• Job title
• Email address
• Phone number
• Address
3.2 Client & Business Information
• Billing details
• VAT number
• Business ID
• Contract information
• Payment information (excluding full credit card numbers)
3.3 Communication Data
• Emails
• Messages
• Meeting notes
• Call summaries
3.4 Marketing & Usage Data
• Website analytics (IP address, device type, browser type)
• Cookies and tracking data
• Social media engagement data
3.5 Content Production Data
Where relevant to projects:
• Photos and video recordings
• Publicly shared social media content
• Names of individuals appearing in deliverables
We do not intentionally collect sensitive personal data (e.g., health, political views, religious beliefs).
4. PURPOSES OF PROCESSING
We process personal data for the following purposes:
• Responding to inquiries
• Preparing proposals and contracts
• Delivering services
• Invoicing and accounting
• Marketing communications (where lawful)
• Improving website performance
• Protecting legal rights
• Compliance with legal obligations
We do not sell personal data.
5. LEGAL BASES FOR PROCESSING (GDPR ARTICLE 6)
We rely on the following legal bases:
5.1 Contractual Necessity
Processing necessary to perform a contract or take steps prior to entering a contract.
5.2 Legitimate Interest
Processing necessary for:
• Business operations
• Direct marketing to existing business contacts
• Website analytics
• Fraud prevention
We balance our interests against your rights.
5.3 Legal Obligation
Processing required under Finnish accounting and tax law.
5.4 Consent
Where required (e.g., newsletters, non-essential cookies), we rely on your explicit consent.
You may withdraw consent at any time.
6. DATA RETENTION
We retain personal data only as long as necessary for the purposes described above.
Typical retention periods:
• Accounting records: 6–10 years (Finnish Accounting Act)
• Contracts: up to 10 years after completion
• Marketing data: until consent withdrawn
• Website analytics: as configured in analytics platform
After this period, data is securely deleted or anonymized.
7. DATA SHARING
We may share personal data with:
• Accountants and financial advisors
• IT service providers
• Cloud storage providers
• Payment service providers
• Legal advisors
• Authorities where legally required
All processors are contractually bound to GDPR-compliant processing.
We do not sell or trade personal data.
8. INTERNATIONAL DATA TRANSFERS
If personal data is transferred outside the European Economic Area (EEA), we ensure adequate safeguards such as:
• EU Standard Contractual Clauses (SCCs)
• Adequacy decisions by the European Commission
• Additional technical safeguards where required
9. DATA SECURITY
We implement appropriate technical and organizational measures, including:
• Encrypted communications (HTTPS)
• Secure cloud storage
• Access control limitations
• Two-factor authentication where applicable
• Confidentiality obligations for staff and contractors
However, no internet transmission is completely secure.
10. YOUR RIGHTS UNDER GDPR
You have the right to:
• Access your personal data
• Rectify inaccurate data
• Erase data (“right to be forgotten”)
• Restrict processing
• Data portability
• Object to processing
• Withdraw consent at any time
• Lodge a complaint with a supervisory authority
In Finland, the supervisory authority is:
Office of the Data Protection Ombudsman (Tietosuojavaltuutetun toimisto)
www.tietosuoja.fi
Requests can be sent to: [Insert Email]
We may require identity verification.
11. COOKIES & TRACKING
We use cookies and similar technologies for:
• Website functionality
• Analytics
• Marketing (if applicable)
Non-essential cookies are only used with your consent.
You can manage cookies via browser settings or cookie banner preferences.
A separate Cookie Policy may provide further detail.
12. DIRECT MARKETING
We may send marketing communications:
• If you are an existing business contact (legitimate interest), or
• If you have provided consent
You may opt out at any time via unsubscribe link or by contacting us.
13. CHILDREN
Our services are not directed to children under 16.
We do not knowingly collect data from children.
14. AUTOMATED DECISION-MAKING
We do not conduct automated decision-making or profiling that produces legal effects.
15. CHANGES TO THIS POLICY
We may update this Privacy Policy to reflect legal or operational changes.
The latest version will always be available on our website.
16. CONTACT
For privacy-related inquiries:
Beyond Visuals Oy
Email: [Insert Email]
Address: [Insert Address]