Smartbutlers - Home Smartbutlers - Home

Privacy Policy

Updated 23 May 2026

This privacy policy explains how Smartbutlers Oy processes personal data on its website, in connection with contact requests, and in customer and marketing communications. This policy is based on the EU General Data Protection Regulation (EU) 2016/679 and the Finnish Data Protection Act 1050/2018.

Controller

Smartbutlers Oy
Business ID: 2539517-6
Porthaninkatu 3, 20500 Turku, Finland
Email: service@smartbutlers.com

What personal data do we process?

We only process personal data that is necessary for the relevant purpose. The data may include, for example, name, company name, job title, email address, phone number, message content, and information provided by the person in connection with a contact request or customer relationship.

Technical data may be processed in connection with website use, such as IP address, browser and device information, website usage data, and data generated through cookies and similar technologies. Cookies are described in more detail in a separate cookie policy.

For what purposes is personal data used?

We process personal data for the following purposes:

  • responding to contact requests and managing communications
  • maintaining customer and partner relationships
  • preparing and carrying out offers, assignments, and contracts
  • developing services, quality assurance, and customer service
  • marketing communications and informing contacts about our services
  • ensuring the functionality, security, and usability of the website
  • analysing website traffic and usage
  • complying with legal obligations and establishing, presenting, or defending legal claims

Legal bases for processing

Depending on the situation, the processing of personal data is based on one or more of the following legal bases:

  • Contract or pre-contractual steps: when we process data to prepare an offer, carry out an assignment, or manage a customer relationship.
  • Legitimate interest: when we respond to contact requests, maintain customer and partner relationships, develop our services, protect the website, or communicate about our services to business customers and other professional contacts.
  • Consent: when processing is based on separately given consent, for example for non-essential cookies or certain marketing activities.
  • Legal obligation: when processing is necessary for accounting, official obligations, or another statutory obligation.

Sources of data

We primarily receive personal data from the person themselves, for example through contact forms, email, phone calls, meetings, and customer or partner relationships. We may also receive data from company websites, public company registers, professional social media profiles, and other public sources where appropriate for the purpose of processing.

Recipients and processors of personal data

We do not sell personal data to third parties. We may disclose or provide access to personal data only to the extent necessary to fulfil the purposes described in this policy.

Personal data may be processed on our behalf by service providers involved in website, server, and WordPress environment maintenance; providers of email and communication services; analytics and cookie management services; backup and security services; and service providers related to accounting, invoicing, or statutory obligations.

Transfers of data outside the EU or EEA

We aim to use service providers that process personal data within the EU or EEA. If personal data is transferred outside the EU or EEA, we ensure that the transfer has a valid transfer mechanism under the GDPR, such as a European Commission adequacy decision, standard contractual clauses, or another applicable safeguard.

Retention periods

We retain personal data only for as long as necessary for the purposes described in this policy or as required by law.

  • Data related to contact requests is generally retained for as long as handling the request and related follow-up communication requires.
  • If a contact request leads to a customer, offer, or partnership relationship, data may be retained for the duration of that relationship and afterwards for as long as necessary for accounting, contractual responsibilities, or legal claims.
  • Data related to marketing is retained for as long as the person has a relevant connection to Smartbutlers or until the person objects to marketing or withdraws their consent, where applicable.
  • Technical log and security data related to the website is retained only for the time necessary to ensure the website’s functionality and security.

Data subject rights

Under applicable law, the data subject has the right to:

  • receive information about the processing of their personal data
  • access personal data concerning them
  • request the rectification of inaccurate or incomplete data
  • request the erasure of data
  • request restriction of processing
  • object to the processing of personal data where processing is based on legitimate interest
  • object to direct marketing at any time
  • withdraw consent where processing is based on consent
  • receive data they have provided in a structured and machine-readable format, where the right to data portability applies to the processing

Requests concerning the exercise of these rights can be sent by email to service@smartbutlers.com or in writing to Smartbutlers Oy, Porthaninkatu 3, 20500 Turku, Finland. We may request additional information where necessary to verify identity.

If the data subject considers that personal data is processed in violation of data protection legislation, they have the right to lodge a complaint with a supervisory authority. In Finland, the supervisory authority is the Office of the Data Protection Ombudsman: tietosuoja.fi.

Providing personal data

Sending a contact form or other message is not a statutory requirement. However, we need sufficient contact details and message content to respond to the contact request or handle the requested matter.

Cookies and analytics

The website uses cookies and similar technologies for technical functionality, security, user experience, and analysing website traffic. The use of non-essential cookies is based on consent where required by applicable law.

The website uses Complianz cookie management. More detailed information about cookies, their purposes, retention periods, and consent management is provided in the separate cookie policy and cookie banner.

Security

We protect personal data with technical and organisational measures. Access to personal data is limited to persons and service providers who need to process the data for their duties. We use appropriate access rights, confidentiality obligations, backups, and other security measures to protect personal data.

Changes to this policy

We may update this privacy policy if the processing of personal data, our services, or legislation changes. The up-to-date version is available on this page.