Privacy Policy

Last updated: June 2026

Eheä Digital ("we", "us", "our") is a Finland-registered business (Y-tunnus: [ XXXXXXX-X ]). This policy explains what personal data we collect through this website, how we use it, and your rights under the EU General Data Protection Regulation (GDPR).

---

1. What data we collect

When you submit the contact form on this website, we collect:

• Your email address — so we can send your free audit report and follow up.
• Your website URL — so we can scan your site and produce the report.

We do not collect any other personal data through this form. We do not use cookies beyond those strictly necessary for the site to function, and we do not use any analytics or tracking tools at this time.

2. How we use your data

Your data is used solely to:

• Conduct the website audit you requested and email you the report.
• Follow up once, if you have not responded, to check whether you received it.
• Respond to any subsequent enquiries you initiate.

We do not use your data for automated decision-making, profiling, or marketing without your explicit consent. We do not sell, rent, or share your personal data with third parties, except as described in Section 4 below.

3. Legal basis for processing

We process your data on the basis of legitimate interests (Art. 6(1)(f) GDPR) — specifically, to respond to a service request you have explicitly initiated by submitting the contact form. You can withdraw at any time by emailing us (see Section 6).

4. Data processors

Form submissions are handled by Formspree (Formspree Inc., USA), which acts as a data processor on our behalf. Formspree stores submitted form data on servers located in the United States under standard contractual clauses (SCCs) for GDPR-compliant international transfers. You can review Formspree's privacy policy at formspree.io/legal/privacy-policy.

No other third-party processors receive your personal data.

5. Data retention

We retain your contact data for 12 months from the date of your enquiry. If no service agreement is reached within that period, your data is deleted. If a service agreement is in place, we retain data for as long as necessary to fulfil the contract, and for a further 3 years to comply with Finnish bookkeeping requirements.

6. Your rights

Under GDPR, you have the right to:

• Access the personal data we hold about you.
• Correct inaccurate data.
• Erase your data ("right to be forgotten").
• Restrict or object to our processing.
• Data portability — receive your data in a machine-readable format.
• Withdraw consent at any time (where processing is based on consent).

To exercise any of these rights, email us at hello@eheadigital.com. We will respond within 30 days.

You also have the right to lodge a complaint with the Finnish data protection authority: Tietosuojavaltuutetun toimisto (tietosuoja.fi).

7. Security

We take reasonable technical and organisational measures to protect your personal data against accidental loss, unauthorised access, and disclosure. All data in transit is encrypted via HTTPS/TLS.

8. Changes to this policy

We may update this policy from time to time. The "Last updated" date at the top of this page reflects the most recent revision. We recommend checking back periodically.

9. Contact

Eheä Digital
Y-tunnus: [ XXXXXXX-X ]
Finland
hello@eheadigital.com