Kapacity.io Privacy Policy

Kapacity.io values the protection of personal data, and we therefore place great emphasis on protecting your privacy. This Privacy Policy will apply in situations where Kapacity.io Solutions Oy  (hereinafter “Kapacity.io”, “we”, “us” and “our”) treats personal information to protect the personal data of those various stakeholders connected to the organization and is created in accordance with the European Union’s General Data Protection Regulation (GDPR). 

Definition of Data 

Personal data is any information relating to an identified or identifiable natural person; an identifiable natural person is a person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

In its everyday business operations Kapacity.io makes use of a variety of data about identifiable individuals, including data about: 

  • current, past and prospective employees & consultants
  • current, past  and prospective external visitors (e.g. auditors & peer visitors)
  • Users of its websites
  • Subscribers
  • Other relevant stakeholders

In collecting and using this data, the organization is subject to a variety of legislation controlling how such activities may be carried out and safeguards that must be put in place to protect it. The purpose of this policy is to set out the relevant legislation and to describe the steps Kapacity.io is taking to ensure that it complies with it. 

This control applies to all systems, people and processes that constitute the organisation’s information systems, including board members, employees, suppliers and other third parties who have an access to Kapacity.io systems. 

Data Controller 

This Privacy Policy outlines how we as the data controller collect, use and share personal data of people who use or are connected to our services, are interested in our services (or us), or with whom we otherwise do (or would like to do) business.

This privacy notice does not apply to the personal information we process as a “data processor” on behalf of our customers. In those situations, the customer that we provide services to and with whom we have entered into a data processing agreement is the “data controller” responsible for your personal information, and we merely process your information on their behalf in accordance with your instructions. If you want to know more about our customers’ privacy practices, you should read their privacy policies and direct any questions you have to them. 

Why do we collect your personal data?

We collect your personal data only when there is a legal basis for it. For every specific process of personal data, we collect from you, we inform you whether the provision of personal data is statutory or required to enter a contract and whether it is an obligation to provide the personal data and possible consequences if you choose not to.

Recipients of personal data 

We may disclose your personal information to all companies in our group (i.e., subsidiaries, our ultimate holding company and all its subsidiaries) insofar that it is reasonably necessary for the purposes stated in this privacy policy.

We do not sell, trade or otherwise transfer your personal information to third parties. Exceptions are trusted third parties that help us to run the site, conduct our business, deliver the goods you order or provide service, if these parties agree to keep the information confidential and not use it for other purposes that are not agreed upon.

Retention policy

We will only store your personal data for as long as it is necessary to perform our contractual obligations and if required by statutory storage time. When we store your personal data for purposes other than our contractual commitments, such as consent when you sign up to our events or receive a newsletter via email, we save the data only if necessary and / or statutory for the purpose.

When there is no longer a purpose or legal obligation of storing the personal data, it is deleted or anonymized.

Personal data that is only collected for a specific purpose is kept to a minimum to be able to perform the purpose, also known as data minimization.

Your personal rights

If you have questions about the privacy policy, how we process personal data or want to exercise any of your rights, such as requesting registry extracts or corrections, you are welcome to contact us at the contact details below. To submit any request, please contact us at hello@kapacity.io for more information.

Transfer To Third Countries 

Information we collect about you can be processed, stored and transferred between all Kapacity.io subsidiaries in the countries we operate in. However, Kapacity.io will not transfer the personal data you provide us to countries outside the European Economic Area (EEA) without explicitly informing you about that transfer.

Categories of Personal data we collect 

Kapacity.io website

We handle the personal information you provide to us by filling in different types of forms. For corporate representative accounts we process personal information such as name, email address and possibly phone number. 

Direct Marketing 

We use your personal data to send company news, updates, information about other similar products and services, Kapacity.io’s events and newsletters, etc. Personal data you provide to us by filling in the forms on our webpage is used only with your consent. We process the following categories of personal data: name, surname, company name, email address, phone number. We store your data for direct marketing until you withdraw your consent.


Mandatory Cookies 

Mandatory cookies are necessary for the website to function and cannot be switched off. Blocking these cookies may affect the performance of our site. These cookies do not directly store personal information but are based on unique identifying your internet browser and device. These cookies may be set by Kapacity.io or by third party service providers whose services Kapacity.io is using. 

Analytics Cookies

Analytics cookies allow Kapacity.io to monitor traffic and sources on our website to measure and optimize the performance of our site. All information these cookies collect is anonymous due to aggregation of data. If you do not allow these cookies, Kapacity.io will not be able to optimize and analyze the sites performance in the best possible way. 

Data Protection Officer

Kapacity.io’s Data Protection Officer is Sonja Salo (firstname.lastname@kapacity.io)

Privacy by Design

Kapacity.io commits before starting Processing activities using new technologies to carry out data protection impact assessments in accordance with GDPR and by undertaking appropriate actions accordingly.

Changes to the Privacy Policy 

We may make changes to this Data Privacy Policy at any time. If changes to Data Protection Policy are due to material changes in the processing or further processing, we shall provide the data subjects with necessary information.

You can always find the most recent version of our Data Protection Policy available at www.kapacity.io/privacy-policy