Privacy policy

What personal information do we get from our website and for what purposes are we processing it?

For example, you may provide us with personal information when you fill out a contact request, register for an event or in chats (name, contact information, information relevant to the issue being addressed) or when filling out a job application. In connection with the job application, there will be a separate privacy statement.

When you visit our website, we automatically gather information such as your IP address, timestamps and technical information from the device you are using. We use cookies, passive text files stored in your device, such as your computer, mobile phone or tablet, when you use the service.

We use cookies to generate a better understanding of the content that interests our users and to develop our content to serve our users better. By downloading material from our website or otherwise providing your contact information, for example, through a contact form, we may contact you regarding our company and its services and products.

You may change your device settings at any time to prevent cookies from being used. Blocking cookies can affect your experience of our service, for example, by blocking access to certain features of the service.

On what legal grounds do we process personal information we receive in connection with visits to our websites?

The legal basis for the processing of personal data is the consent of the registered user or the performance of actions under agreements or measures (which require an agreement) at the request of the registered user. It can also be based on our legitimate interest in developing our service and marketing. In such cases, we ensure that the processing of the limited information we receive from website visits does not violate the rights of the registered user or does not pose a significant risk to the registered user.

Do we share your information with a third party?

To the extent that the information systems are maintained by an external supplier, a limited proportion of their staff may also have a technical access to the information stored. All parties involved in data management are required to act in accordance with the provisions of the Data Protection Regulation, such as data security and privacy.

In some cases (as in connection with events), we also share information with our partners. For example, if the event is arranged with one or more companies. In this case, our partner can contact you regarding his or her business and its services and products. The information is not used for other purposes and our partners are also required to act in accordance with the Data Protection Regulation, such as data security and privacy.

User tracking

We deliver user information for the following parties:
Pipedrive –
Leadoo –

We use Leadoo’s tracking service to follow what users are doing on the site and combine this behavioral data with other data we can gather from e.g. chat interactions. Leadoo uses etag tracking in order to hook together the same users behavior over several sessions – in practice this works similarly to cookie based tracking. Please check out Leadoo Marketing Technologies Ltd’s Privacy Policy ( for more information on what is tracked and what your rights are. Leadoo works as the Processor and we work as the Controller for the data in terms of GDPR. You can stop the tracking by emptying your browser’s cache after the visit. For more on how Leadoo works as a GDPR compliant processor, see

Where is the data stored and for how long?

The data will be stored in properly protected information systems in the EEA or in other countries, that the European Commission considers, providing adequate data protection.

We retain personal information for as long as it is necessary for the purpose for which the information is collected. We may retain personal information for an extended period if required by law or longer storage is necessary for our business and the rights of the registered user are not considered to replace this right. Longer storage may be due to e.g. precautions to settle legal claims, or to prevent individual data from being removed from the systems at a reasonable cost compared to the cost of erasing larger sets of data. Generally, data should be deleted no later than ten years.

Your rights as a registered user

As a registered user, you have the right to request access to personal data about you. To request rectification of such data and, within the limits set in the Data Protection Regulation, to request the deletion of the data or to limit or object to the processing. You have the right to request data transfer from one system to another. You also have the right to complain to the supervisory authority (Data Protection Officer at if you believe that your personal data is processed in violation of the data protection regulations.

Data Register Contact

Greenstep Oy, Y-tunnus 2306461-3
Address: Keilaranta 5, 02150 Espoo Finland

Please contact us by email or by phone +358 45 7877 7734.