Privacy policy


Data controller


StarIT Oy, Business ID: 2410042-8, hereafter ”StarIT”
Niittytaival 13
02200 Espoo
Tel. +358 9 4257 8220




This privacy policy describes principles how StarIT collects, stores and processes data subjects’ personal data when no separate agreement exists.


Purpose of data collection


StarIT collects and processes personal data for business need including:


  • Sales
  • Marketing
  • Customer service
  • Recruiting
  • Communication with persons connected to business

Personal data is not used for profiling nor for automatic decision making.


Stored and processed personal data


StarIT does not under this policy collect, store or process any sensitive personal data that falls under special categories of personal data as described in Article 9 of EU General Data Protection Regulation (hereafter “GDPR”)


Categories of personal data being processed:


  • Name
  • Contact information
  • History of relations and communications between data subject and StarIT
  • Date of birth
  • Gender
  • Nationality
  • Other information provided by data subject, such as profession, education or public sources where more personal information is available.

Regular sources of information


StarIT obtains personal information of data subjects mainly from data subjects themselves via web site forms, email, phone, social media, contracts, meetings and other similar means. Personal data may also be received from third parties if those parties are authorized to transfer data subbjects’ personal data to StarIT


Retention of personal data


StarIT may retain personal data for as long as applicable laws permit or require. However, as a guideline, StarIT removes any personal data deemed no longer needed for business purposes unless prohibited by law.


Regular transfer of personal data and transfer of personal data outside EU or EEA.


Regularly, personal data is not transferred to third parties other than processing purposes. Personal data may be transferred or published with data subjects’ permission. Personal data may be transferred outside EU or EEA provided that data is processed in ways defined in this privacy policy and mandated by GDPR.


Securing personal data


Personal data is handled with care and industry best practice measures are implemented to prevent unauthorized access of personal data. Access rights to personal data are granted only for those who need access and are trained to handle it securely.


Rights of data subjects


Data subjects have right to get personal data stored for review and they have right to have incorrect or incomplete data corrected. Data subjects may also request removal of all personal data (“right to be forgotten”) or request limiting processing of personal data. Any request regarding personal data must be done in writing and StarIT may require proof of identity. StarIT responds to personal data requests within timeframe mandated in GDPR, typically 30 days.




StarIT uses cookies on its website and services to facilitate the use of the website or service. StarIT cannot identify user of the website based only on cookies. However, third party cookies may provide to those parties information that can be combined with other personal data held by third parties. The cookies and the data collected with them is used in order to monitor usage, analyse the usability and use of the website, and to develop the website.