Privacy Policy.
HardpointAI Oy respects your privacy and processes personal data in accordance with the EU General Data Protection Regulation (GDPR, 2016/679) and the Finnish Data Protection Act (Tietosuojalaki 1050/2018). This policy explains what we collect through this website, why, and the rights you hold over your data.
Who is responsible for your data
The data controller for personal data processed via this website is:
Business ID (Y-tunnus): [3611215-1]
Helsinki, Finland
Email: contact@hardpointos.com
For any question about this policy or your personal data, contact us at the address above.
What this policy covers
This policy applies to personal data we process about visitors to hardpointos.com and to individuals who contact us by email. It does not cover data processed under separate contractual or pre-contractual arrangements (for example, evaluation agreements, non-disclosure agreements, or supplier relationships), which are governed by the relevant agreement and any privacy terms provided alongside it.
Personal data we collect
This is an informational website. We do not operate contact forms, user accounts, newsletters, or our own tracking or analytics, and we do not actively collect personal data about visitors. The only personal data processed is:
- Email correspondence — if you choose to email us, we receive your email address, any name or organisation you provide, and the content of your message.
- Platform technical data — our hosting platform (Squarespace) automatically processes limited technical data, such as IP address and browser type, to deliver and secure the site. See §05.
We do not intentionally collect special categories of personal data through this website, and we ask that you do not send sensitive or classified information via the website or email.
Why we process it, and on what basis
- To respond to enquiries and conduct pre-contractual discussions — legal basis: legitimate interest (Art. 6(1)(f)) and, where applicable, steps taken at your request prior to entering a contract (Art. 6(1)(b)).
- To operate, secure, and maintain the website — legal basis: legitimate interest in running a safe and functional service (Art. 6(1)(f)).
- To comply with legal obligations where these apply — legal basis: legal obligation (Art. 6(1)(c)).
Cookies
This site is hosted on the Squarespace platform. Cookies on the site are set and managed by Squarespace — primarily strictly necessary cookies that allow the site to function and stay secure. HardpointAI does not set its own advertising, tracking, or analytics cookies.
Details of the specific cookies used, and your choices over any non-essential ones, are provided in the cookie notice shown on the site and managed through the Squarespace cookie banner. Most browsers also let you block or delete cookies; disabling strictly necessary cookies may affect how the site works.
Who we share data with
We do not sell personal data. We share it only with service providers who process it on our behalf and under contract, and only as needed to deliver the service:
- Website hosting — Squarespace, our website and hosting platform, which processes technical and contact data on our instructions.
- Email — our email provider, used to receive and respond to your correspondence.
We may also disclose data where required by law, regulation, or a valid request from a competent authority.
International transfers
Our providers may process data outside the European Economic Area. Where they do, the transfer is protected by an appropriate safeguard under GDPR Chapter V — typically the European Commission's Standard Contractual Clauses, an adequacy decision, or the EU–US Data Privacy Framework. You may request more information about the safeguards in place using the contact details in §01.
How long we keep it
We retain personal data only as long as necessary for the purpose it was collected. Enquiry correspondence is kept for the duration of the discussion and a reasonable period afterwards, or longer where a business relationship develops or a legal obligation requires it. Technical and statistical data is retained for a limited period for security and analysis, then deleted or anonymised.
Your rights under the GDPR
Subject to the conditions in the GDPR, you have the right to:
- Access the personal data we hold about you.
- Rectify inaccurate or incomplete data.
- Erase your data ("right to be forgotten").
- Restrict or object to processing, including processing based on legitimate interest.
- Data portability — receive your data in a structured, machine-readable format.
- Withdraw consent at any time, where processing is based on consent.
To exercise any of these rights, contact us at contact@hardpointos.com. We respond within one month, as required by the GDPR.
How we protect data
We apply appropriate technical and organisational measures to protect personal data against unauthorised access, loss, or disclosure, including encrypted transport (HTTPS), access controls, and reliance on reputable providers. No method of transmission over the internet is fully secure, so we cannot guarantee absolute security.
Changes to this policy
We may update this policy from time to time. The current version, with its "last updated" date, is always available on this page. Material changes will be reflected here before they take effect.
Contact and supervisory authority
Questions or requests regarding your personal data should be sent to contact@hardpointos.com.
If you believe your data has not been handled in accordance with the law, you have the right to lodge a complaint with the Finnish supervisory authority:
Lintulahdenkuja 4, 00530 Helsinki / PO Box 800, 00531 Helsinki, Finland
tietosuoja.fi/en