Lumo Analytics’ Privacy and Cookie Policy for Website Visitors
Data Controller
Lumo Analytics Ltd (Business ID: 3202845-4)
Atomitie 5 C, 00370 Helsinki, Finland
(“Lumo Analytics”, “we”, “data controller”)
Contact Person for the Data Controller
Managing Director
Atomitie 5 C, 00370 Helsinki, Finland
info@lumoanalytics.com
1. General Information
This privacy and cookie policy explains how we process personal data of website visitors and users of our online services. The processing is in accordance with the European Union’s General Data Protection Regulation (GDPR) and applicable national legislation.
2. Purpose and Legal Basis for Personal Data Processing
We process personal data for the following purposes:
Ensuring and improving website functionality and user experience
Responding to contact form submissions and inquiries
Conducting website analytics and performance monitoring
Sending newsletters and marketing communications (with consent)
The legal bases for processing are:
Our legitimate interest in operating a secure and functional website and understanding visitor behavior
Consent, where required for cookies or marketing emails
3. Processed Personal Data
We may process the following personal data:
IP address (anonymized where applicable)
Cookie and browser data (e.g., session ID, device type)
Referrer URL and pages visited
Information provided via web forms (e.g., name, email, message)
Subscription and interaction data related to newsletters
4. Regular Data Sources
Data is collected automatically via cookies and analytics tools, or directly from users through web forms or newsletter subscriptions.
5. Regular Transfers of Personal Data
We may share data with service providers such as:
Web analytics platforms (e.g., Google Analytics)
CRM and email marketing platforms (e.g., HubSpot)
These providers act as data processors under appropriate agreements. Data is not disclosed for third-party marketing purposes.
6. Transfer of Data Outside the EU or EEA
Some service providers may process data outside the EU/EEA. In such cases, we ensure the use of appropriate safeguards, such as Standard Contractual Clauses.
7. Retention Period for Documents
Cookie data is retained for the duration defined in our cookie banner or until the user deletes them. Contact form submissions are stored as long as necessary to respond to the inquiry. Newsletter data is stored until the user unsubscribes or requests deletion.
8. Principles for the Protection of Personal Data
Personal data is stored in secure systems with technical safeguards, including encryption, access control, and regular updates. Access is restricted to personnel who need it for their work tasks, and all data processors are subject to confidentiality obligations.
9. Rights of the Data Subject
Website users and visitors have the right to:
Be informed about data processing
Access their personal data
Request correction or deletion of data
Withdraw consent (e.g., unsubscribe from emails)
Restrict or object to certain types of processing
File a complaint with a supervisory authority
10. Right to Lodge a Complaint with the Supervisory Authority
If you believe that your personal data has not been processed in accordance with the GDPR, you have the right to lodge a complaint with the supervisory authority in the member state where you reside, work, or where the alleged breach occurred.
In Finland, the supervisory authority is the Data Protection Ombudsman:
Office of the Data Protection Ombudsman
P.O. Box 800
00531 Helsinki
tietosuoja@om.fi
https://tietosuoja.fi