Privacy Policy

v1.0.0

privacy-policy


1. Data Controller

Company: HI Ventures Oy
Business ID: 3201552-2
Address: Kaivokatu 12, 00100 Helsinki, Finland

2. Contact Person for Data Protection Matters

Data Protection Contact: Samuli Ala-Kasari
Telephone: +358 40 9610 067
Email: hello@hiengine.ai

3. Scope of This Privacy Notice

This Privacy Notice describes how HI Ventures Oy (hereinafter “HI Engine” or “the Company”) processes personal data in the course of its business operations.

It applies to the following categories of data subjects:

  • representatives and contact persons of current or former corporate or institutional customers;

  • individuals who have ordered or use the Company’s products or services;

  • prospective customers and representatives of prospective customers;

  • representatives and contact persons of partners and collaborators.

All the above persons are hereinafter referred to as the “Data Subject”.

This Privacy Notice is supplemented by the Company’s Cookie Policy, which provides further information on the use of cookies and similar technologies.

4. Purposes and Legal Bases for Processing Personal Data

HI Engine processes personal data on the following legal bases:

  • Consent, where required by applicable law (e.g. electronic direct marketing or certain cookies);

  • Legitimate interests, particularly in connection with customer relationship management, marketing, and the development of business and services;

  • Compliance with legal obligations, such as accounting, record-keeping, and information security obligations.

Where processing is based on legitimate interest, HI Engine has conducted a balancing test and determined that such processing does not override the Data Subject’s fundamental rights and freedoms.

HI Engine does not process special categories of personal data.

Personal data may be processed for the following purposes:

  • providing, producing, delivering, and developing products and services;

  • managing customer relationships, communications, invoicing, and reporting;

  • handling maintenance, warranty, and support requests;

  • marketing and communications;

  • complying with statutory obligations;

  • analysing and developing websites and business operations;

  • ensuring security in connection with physical premises and meetings.

5. Categories of Personal Data

The following categories of personal data may be processed:

  • basic identification and contact details (e.g. name, email address, telephone number, address, role within an organisation);

  • customer, contract, and order-related information;

  • communications and customer service records;

  • event registration details;

  • technical and usage data (e.g. IP address, browser type, cookies, visited pages, referrer URL, timestamps);

  • technical metadata (e.g. data source and storage date).

Not all of the above data necessarily constitute personal data, as some information may relate solely to organisations.

6. Retention of Personal Data

Personal data is retained only for as long as necessary to fulfil the purposes for which it was collected and in accordance with applicable legislation.

Retention periods are determined based on:

  • the duration of the customer or contractual relationship;

  • statutory retention requirements;

  • the need to establish, exercise, or defend legal claims.

Where a Data Subject objects to direct marketing, a record of such objection will be retained. Records related to the exercise of Data Subject rights may also be retained for applicable limitation periods.

7. Sources of Personal Data

Personal data may be collected from:

  • the Data Subject;

  • the organisation represented by the Data Subject;

  • the Company’s websites and online services;

  • publicly available sources (e.g. company websites or LinkedIn);

  • third-party service providers (e.g. marketing or data providers);

  • public authorities and registers.

8. Disclosure of Data and Transfers Outside the EU/EEA

HI Engine may use service providers that process personal data on its behalf, including providers located outside the EU/EEA.

In such cases, appropriate safeguards are implemented, such as the European Commission’s Standard Contractual Clauses or other lawful transfer mechanisms.

9. Data Security

HI Engine implements appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration, or disclosure.

Access to personal data is restricted to authorised personnel who require access for their duties and are bound by confidentiality obligations.

10. Right to Object and Direct Marketing

The Data Subject has the right to object at any time to the processing of personal data for direct marketing purposes.

The Data Subject also has the right to object, on grounds relating to their particular situation, to processing based on legitimate interests, unless the Company demonstrates compelling legitimate grounds.

11. Other Rights of the Data Subject

Under the General Data Protection Regulation (GDPR), the Data Subject has the right to:

  • access their personal data;

  • request rectification or erasure;

  • request restriction of processing;

  • lodge a complaint with a supervisory authority.

In Finland, the supervisory authority is:

Office of the Data Protection Ombudsman
P.O. Box 800, FI-00521 Helsinki, Finland
Visiting address: Ratapihantie 9, FI-00520 Helsinki, Finland
Telephone: +358 29 566 6700
Email: tietosuoja@om.fi
Website: www.tietosuoja.fi

12. Contact

All requests and inquiries regarding this Privacy Notice and Data Subject rights should be directed to the contact person listed above.

HI Engine does not carry out automated decision-making or profiling.

Terms of Use ›