Privacy Policy

Privacy & Data Protection

Struxiva Oy · Last updated: 18 June 2026 · Finnish Data Protection Act 1050/2018 · GDPR (EU) 2016/679

01Data controller

The data controller for this website and the Struxiva service is Struxiva Oy (business ID / Y-tunnus pending registration), Helsinki, Finland. For all data-protection matters, contact info@struxiva.com.

02Data we collect

We collect only data that is necessary to operate the service or that you provide voluntarily.

Contact & enquiry data

Building & operational data (pilot customers)

Technical & analytics data

03Legal basis for processing

Processing is based on one or more of the following grounds under GDPR Article 6 and the Finnish Data Protection Act (tietosuojalaki 1050/2018):

04Finnish social security numbers (henkilotunnus)

Current status: Struxiva does not currently collect or process Finnish social security numbers (henkilotunnus / HETU) for any purpose, including credit assessment.

If Struxiva were to extend its service to include credit checks or identity verification for property transactions (for example tenant screening or buyer verification), the processing of a henkilotunnus would be governed by the framework below.

Legal framework

Under Section 29 of the Finnish Data Protection Act (1050/2018), processing of a henkilotunnus is permitted only when: (a) the data subject has consented; (b) processing is necessary for performing a task assigned by law; (c) processing is necessary to reliably identify the data subject when it is important for the performance of a contract; or (d) processing is based on another specific legal provision.

If SSN processing is introduced for credit or identity purposes, the legal basis will be contract performance (GDPR Art. 6(1)(b)) and Section 29(1)(3) of the Finnish DPA 1050/2018 — the necessity to reliably identify a party to a transaction. We will obtain explicit consent first, provide a dedicated privacy notice at the point of collection, and limit processing to the minimum necessary.

Safeguards

We will update this policy and notify existing users before any SSN processing is introduced.

05Cookies & tracking

We follow Traficom's guidelines on cookie consent, which require that "Reject all" is presented with the same ease and prominence as "Accept all". No pre-ticked boxes, no dark patterns.

Strictly necessary (no consent required)

Analytics (consent required)

06Data transfers & processors

We use a limited number of sub-processors. All processors are bound by GDPR-compliant data processing agreements.

Website contact and newsletter form submissions are delivered to info@struxiva.com through FormSubmit, a third-party form-delivery service. Only the information you enter is sent, and this provider may process it outside the EEA. We intend to move this to EU-based handling.

No personal data is transferred outside the European Economic Area (EEA) without adequate safeguards, such as Standard Contractual Clauses or an adequacy decision.

07Retention periods

08Your rights

Under the GDPR and the Finnish Data Protection Act (1050/2018) you have the rights below. We respond to all requests within 30 days.

You also have the right to lodge a complaint with the Finnish Data Protection Ombudsman (Tietosuojavaltuutetun toimisto, tietosuoja.fi). To exercise any right, email info@struxiva.com with the subject line "Data Subject Request".

09Security

10Contact & data protection officer

Struxiva Oy does not currently have a mandatory Data Protection Officer under GDPR Art. 37, as we are not a public authority and do not carry out large-scale systematic monitoring of individuals. Data-protection responsibilities are held by the co-founding team.

For all data-protection enquiries, requests or complaints:
Email: info@struxiva.com
Phone: +358 44 982 2227
Post: Struxiva Oy, Helsinki, Finland

We may update this policy to reflect changes in law or our practices. Material changes will be communicated by posting a notice on this page with an updated date.