Privacy Policy

Who we are

The website is operated by Inciarte Oy, located at:
Kirjatyöntekijänkatu 4 LH2, 00170 Helsinki, Finland
Phone: +358 40 7600835
Email: info@inciarte.fi

This Privacy Policy describes how we collect, use, and protect personal data when you visit our website www.inciarte.fi. The information provided follows Finnish and EU regulations, including the GDPR.

What personal data we collect and why we collect it

Our website is a simple informational site presenting our services and portfolio. We do not provide user accounts, online purchases, comments, or analytics tracking. Therefore, we only collect minimal personal data necessary for website operation and communication.

  • Technical data: IP address, browser type, time and date of access, and server log information.
    Why: Processed automatically by our hosting provider for security, fraud prevention, and website functionality. Legal basis: legitimate interest.
  • Information provided by users: If you contact us by email or phone, we may collect your name, email address, phone number, and any information in your message.
    Why: Used solely to respond to your inquiry. Legal basis: consent given when you choose to contact us.

We do not collect sensitive personal data. No personal data is created by features like comments, registrations, or transactions, as these features are not used on this site.

Comments

This website does not allow comments, and no comment-related data is collected.

Media

Visitors cannot upload media files. No media-related data is collected or disclosed.

Contact forms

We use Gravity Forms to handle contact form submissions. When you submit a form, the information you provide is stored in our website’s database.

  • Data collected: Name, email, phone number (optional), message content, and submission metadata such as IP address and timestamp.
  • Retention: Contact form entries are stored for as long as necessary to process your inquiry. We periodically review and delete old entries that are no longer needed.
  • Usage: The data is used only for communication and customer service purposes, not for marketing unless explicitly agreed to.

Gravity Forms does not send your data to third parties. Entries remain stored on our server under our control.

Cookies

We only use strictly necessary cookies required for basic website operation. We do not use analytics, tracking, marketing, or social media cookies.

Analytics

We do not use any analytics tools such as Google Analytics or Meta Pixel. No analytics data is collected, processed, or shared.

Who we share your data with

We do not share personal data with third parties except for our hosting provider, and only for the purpose of operating the website. These providers act as data processors under GDPR-compliant agreements. We do not sell or distribute data for marketing purposes.

How long we retain your data

  • Server logs: Retained by our hosting provider for a limited period necessary for security and troubleshooting.
  • Email inquiries: Retained only as long as needed to handle your request, unless legal obligations require longer retention.

What rights you have over your data

Under GDPR, you have the right to access, correct, delete, or restrict processing of your data, as well as the right to object, request data portability, and withdraw consent. To exercise these rights, contact us at info@inciarte.fi.

Where your data is sent

We do not intentionally transfer personal data outside the EU. If our hosting provider stores or processes data outside the EU, transfers are safeguarded with GDPR-compliant measures such as Standard Contractual Clauses (SCCs).

Contact information

For privacy-related questions, contact:
Inciarte Oy
info@inciarte.fi
+358 40 7600835

Additional information

How we protect your data

We use industry-standard security measures such as secure hosting, HTTPS encryption, and restricted access to email systems. We only process the minimal amount of personal data necessary.

What data breach procedures we have in place

If a data breach is detected, we follow GDPR requirements, including internal investigation and notifying affected users when required.

What third parties we receive data from

We do not receive personal data from external third parties.

What automated decision making and/or profiling we do with user data

We perform no automated decision-making or profiling.

Industry regulatory disclosure requirements

We are not part of any regulated industry requiring additional disclosures.