top of page
  • Instagram
  • Facebook
  • LinkedIn
  • Twitter
  • Pinterest

Privacy Notice
 

​This privacy notice explains how [Business name / "Insight with Marianne"] processes personal data in accordance with the EU General Data Protection Regulation (GDPR) and the Finnish Data Protection Act (1050/2018).

 

Last updated: 10th June 2026

1. Data controller

Toiminimi Marianne Prasad, Insight with Marianne, Business ID 2587721-2, Address: Kulttuurikeskus Sähinä, Heikkiläntie 10, 00210 Helsinki.

Contact for data protection matters: Marianne Prasad, Email: marianne.prasad@gmail.com.

2. What personal data we process

  • Basic details: name, contact information (email, phone), and any company or organisation.

  • Client relationship data: services purchased, appointment dates, billing and payment details, and client communications.

  • Website usage data: IP address, cookie data, and analytics data.

  • Marketing consents and opt-outs.

  • Special categories of personal data: in the course of coaching and guidance work, a client may share information relating to health, mental wellbeing, genetic data, or life circumstances. Such data is processed only to the extent necessary to deliver the service and only with the client's explicit consent.

3. Purpose and legal basis for processing

  • Managing the client relationship and providing services — legal basis: contract or pre-contractual steps (GDPR Art. 6(1)(b)).

  • Invoicing and accounting — legal basis: legal obligation (Art. 6(1)(c); Finnish Accounting Act).

  • Marketing communications — legal basis: consent or legitimate interest (Art. 6(1)(a)/(f)).

  • Processing of special category data (health / wellbeing / genetic data) — legal basis: the client's explicit consent (Art. 9(2)(a)).

  • Website analytics — legal basis: consent (non-essential cookies).

We do not carry out automated decision-making that would have legal or similarly significant effects on you.

4. Sources of data

Data is obtained primarily from the client: via web forms, email, phone, meetings, and social media channels, and through use of the services. Website usage data is collected automatically through cookies and analytics.

5. Data retention

We retain personal data only for as long as is necessary for the purpose, or as required by law:

  • Invoicing and accounting records: under the Finnish Accounting Act, at least 6 years from the end of the year in which the financial period ends.

  • Client relationship data: for the duration of the client relationship and up to 10 years thereafter.

  • Special category data (health / wellbeing / genetic data): only for as long as the coaching or guidance relationship requires. It is deleted when the purpose has been fulfilled or when consent is withdrawn. This activity is not health care within the meaning of health care legislation, and no patient records are created.

  • Marketing register: until consent is withdrawn.

6. Recipients, processors, and transfers outside the EU/EEA

We do not sell or rent personal data. We use trusted service providers (data processors) to deliver our services, for example:

  • Wix.com Ltd — website platform and forms

  • Google (Workspace / Drive / Analytics) — file management and visitor analytics

  • Thinkific — online course platform

  • email / newsletter service 

Some service providers may process data outside the EU/EEA (for example, in the United States). Where this happens, the transfer is based on appropriate safeguards, such as the EU–US Data Privacy Framework or the European Commission's Standard Contractual Clauses.

We may disclose data to authorities where required by law.

7. Cookies

The website uses cookies to improve the site's functionality and user experience and, where applicable, analytics and marketing. Some cookies are essential for the site to function. Non-essential cookies, such as analytics and marketing cookies, are enabled only with your consent. You can manage cookie settings via the site's cookie banner and your browser settings.

8. Principles of data security

We process personal data carefully and confidentially. Electronic data is protected by appropriate technical measures (including access controls, passwords, and up-to-date systems), and any paper records are kept locked. Access is limited to persons whose duties require it.

9. Your rights as a data subject

You have the right to:

  • access the data we hold about you

  • request correction of inaccurate data or completion of incomplete data

  • request erasure of your data (the "right to be forgotten")

  • restrict or object to processing in certain situations

  • receive your data in a portable format (data portability)

  • withdraw your consent at any time

  • lodge a complaint with the supervisory authority

Withdrawing consent does not affect the lawfulness of processing carried out before the withdrawal.

10. Exercising your rights and contacting us

You can exercise your rights by contacting the data controller in writing: marianne.prasad@gmail.com. We may ask you to verify your identity. We respond to requests within one month as a rule.

If you believe your personal data is not being processed lawfully, you have the right to lodge a complaint with the supervisory authority: Office of the Data Protection Ombudsman (Tietosuojavaltuutetun toimisto), P.O. Box 800, FI-00531 Helsinki — tietosuoja.fi.

11. Changes to this notice

We may update this privacy notice as our operations or the law change. The current version is always available on our website.

© 2035 by Amelia Banks. Powered and secured by Wix

bottom of page