What personal information do we get from our website and for what purposes are we processing it?
For example, you may provide us with personal information when you fill out a contact request, register for an event or in chats (name, contact information, information relevant to the issue being addressed) or when filling out a job application. In connection with the job application, there will be a separate privacy statement.
When you visit our website, we automatically gather information such as your IP address, timestamps and technical information from the device you are using. We use cookies, passive text files stored in your devices, such as your computer, mobile phone or tablet, when you use the service.
We use cookies to generate a better understanding of the content that interests our users and to develop our content to serve our users better. By downloading material from our website or otherwise providing your contact information, for example, through a contact form, we may contact you regarding our company and its services and products.
You may change your device settings at any time to prevent cookies from being used. Blocking cookies can affect your experience of our service, for example, by blocking access to certain features of the service.
You will find the complete list of the cookies used on our website in the cookie banner. You can manage the cookie banner and familiarize yourself with our site's cookies when you arrive at our website for the first time and later from the cookie settings. You can access the cookie settings from the cookie settings icon at the bottom left of the screen.
On what legal grounds do we process personal information we receive in connection with visits to our websites?
The legal basis for the processing of personal data is the consent of the data subject or the performance of actions under agreements or measures (which require an agreement) at the request of the data subject. It can also be based on our legitimate interest in developing our service and marketing. In such cases, we ensure that the processing of the limited information we receive from website visits does not violate the rights of the data subject or does not pose a significant risk to the data subject.
Do we share your information with a third party?
To the extent that the information systems are maintained by an external supplier, a limited proportion of their staff may also have a technical access to the information stored. All parties involved in data management are required to act in accordance with the provisions of the General Data Protection Regulation, such as data security and privacy.
In some cases (as in connection with events), we also share information with our partners. For example, if the event is arranged with one or more companies. In this case, our partner can contact you regarding his or her business and its services and products. The information is not used for other purposes and our partners are also required to act in accordance with the General Data Protection Regulation, such as data security and privacy.
User tracking
We deliver user information for the following parties:
Pipedrive (Pipedrive Inc.) – Pipedrive Privacy Policy
Dealfront (Liidio Oy) – Dealfront Privacy Policy
Sopro (Prospect Global Ldt) – Sopro Privacy Policy
Plausible (Plausible Ltd.) – Plausible Privacy Policy
Hotjar (Hotjar Ltd.) – Hotjar Privacy Policy
Microsoft Advertising (Microsoft Corporate) – Microsoft Ads Privacy Policy
Spotify (Spotify AB) – Spotify Privacy Policy
LinkedIn (LinkedIn Corporation) – LinkedIn Privacy Policy
Meta (Meta Platforms Inc.) – Meta Privacy Policy
Vimeo – Vimeo Privacy Policy
*ActiveCampaign (ActiveCampaign Inc.) – ActiveCampaign Privacy Policy
**Google Analytics & Ads (Google Ireland Ltd.) – Google Privacy Policy
**Google Cloud Platrofm (Google Ireland Ltd.) – Cloud Privacy Notice
***Youtube (Google Ireland Ltd.) – Youtube Privacy Policy
****Leadoo (Leadoo Marketing Technologies Ltd.) – Leadoo Privacy Policy
*Only customers who have given their permission for email marketing
**Due to GDPR, Greenstep does not send IP addresses outside of the EU, but anonymizes user data before sending it to Google Analytics tools. IP addresses are processed and stored at EU servers only. Read more: https://developers.google.com/tag-platform/tag-manager/server-side
***We have embedded Youtube videos on our websites. Youtube collects user data only, if the user has accepted third-party cookies for embedded content.
****We use Leadoo’s tracking service to follow what users are doing on the site and combine this behavioral data with other data we can gather from e.g. chat interactions. Leadoo uses etag tracking in order to hook together the same users behavior over several sessions – in practice this works similarly to cookie based tracking. Please check out Leadoo Marketing Technologies Ltd’s Privacy Policy (https://leadoo.com/privacy-policy/) for more information on what is tracked and what your rights are. Leadoo works as the Processor and we work as the Controller for the data in terms of GDPR. You can stop the tracking by emptying your browser’s cache after the visit. For more on how Leadoo works as a GDPR compliant processor, see https://leadoo.com/privacy-policy-processor/
Where is the data stored and for how long?
The data will be stored in properly protected information systems in the EU/EEA or in other countries, that the European Commission considers, providing adequate data protection.
We retain personal information for as long as it is necessary for the purpose for which the information is collected. We may retain personal information for an extended period if required by law or longer storage is necessary for our business and the rights of the data subject are not considered to replace this right. Longer storage may be due to e.g. precautions to settle legal claims, or to prevent individual data from being removed from the systems at a reasonable cost compared to the cost of erasing larger sets of data. Generally, data should be deleted no later than ten years.
Your rights as a data subject
As a data subject, you have the right to request access to personal data about you. To request rectification of such data and, within the limits set in the General Data Protection Regulation, to request the deletion of the data or to limit or object to the processing. You have the right to request data transfer from one system to another. You also have the right to complain to the supervisory authority (Data Protection Ombudsman at www.tietosuoja.fi) if you believe that your personal data is processed in violation of the General Data Protection Regulation.
DPO Contact
Greenstep Oy, Y-tunnus 2306461-3
Address: Keilaranta 5, 02150 Espoo Finland
Cookies used by greenstep.com
Functional, necessary cookies | |
Craft CMS | Critical cookies related to the functionalities of the website. |
Preferences | |
Leadoo | Cookies improving user experience, providing forms and other technical elements, such as contact forms. Embedded videos rely on these cookies. |
Analytics | |
Google Analytics Google Cloud Platform Hotjar Leadoo ActiveCampaign Microsoft Advertising Plausible Youtube Sopro | Cookies that Greenstep uses to improve website content and functionalities. Furthermore, we analyze which content our customers are interested in and use the information to improve and develop the content we produce. |
Marketing | |
Meta | Marketing-related cookies allow us to provide interesting content for users who visited our website. We use this information in other platforms, such as Meta, LinkedIn, Google, Microsoft, and newsletters. |
Managing and deleting cookies
You can change settings related to cookies from the site's cookie settings. By changing these settings, cookies from greenstep.com or any other site can be blocked or deleted, and the cookie settings can be modified at any time.