Capilyst

Privacy Policy

Last updated: 12 May 2026

This Privacy Policy explains how Capilyst Oy processes personal data when you visit our website, contact us, or interact with us in relation to our B2B SaaS services.

1. Controller

The controller of your personal data is:

Capilyst Oy

Business ID: 3557602-6

c/o Maria 01

Lapinlahdenkatu 16

00180 Helsinki

Finland

Email: sami@capilyst.com

2. What personal data we process

We may process the following personal data:

  • technical website data, such as IP address, browser type, device information, pages visited, timestamps, and server logs;
  • security and error logs;
  • language preference information, if you explicitly choose Finnish or English and we store that choice in your browser for later visits;
  • cookie and analytics data, if analytics or non-essential cookies are used;
  • browser language information used on first visit to decide whether to show the Finnish or English version of the website;
  • contact details and communication content if you contact us by email, book a demo, or otherwise communicate with us;
  • business-related information you provide during sales or customer discussions, such as company name, role, and business email address.

3. Why we process personal data

We process personal data for the following purposes:

  • to operate, maintain, and secure our website;
  • to respond to messages, enquiries, and demo requests;
  • to communicate with potential customers and business contacts;
  • to improve our website and understand website usage, if analytics are used;
  • to comply with legal obligations and protect our legal rights.

4. Legal basis

We process personal data on the following legal bases:

  • legitimate interest, for operating and securing our website, responding to business enquiries, and conducting B2B sales communication;
  • consent, where required for non-essential cookies or analytics;
  • legal obligation, where processing is necessary to comply with applicable law;
  • contract or steps before entering into a contract, where communication relates to a possible or existing customer relationship.

5. Cookies and analytics

Our website may use necessary cookies or similar technologies required for the website to function.

On first visit, we may use browser language information to route you to the Finnish or English version of the website without storing a language preference.

If you manually choose a language, we may store that choice in your browser using local storage or a similar necessary technology so we can remember the preference on later visits. This preference storage is used only for language selection and not for tracking or advertising.

If we use analytics or other non-essential cookies, we will request consent where required. You can manage or withdraw cookie consent through the cookie settings on the website, if such cookies are used.

6. Service providers

We may use trusted service providers to operate our website and business systems, such as:

  • website hosting providers;
  • email and calendar providers;
  • demo booking or CRM tools;
  • analytics providers, if analytics are used;
  • security, infrastructure, and technical service providers.

These providers process personal data only as necessary to provide their services to us.

7. International transfers

We aim to process personal data within the EU/EEA where reasonably possible.

If personal data is transferred outside the EU/EEA, we use appropriate safeguards required by applicable data protection law, such as adequacy decisions or standard contractual clauses.

8. Retention

We keep personal data only for as long as necessary for the purposes described in this Privacy Policy.

Typical retention periods are:

  • website and security logs: for a limited period needed for security, diagnostics, and service operation;
  • contact and demo request data: for as long as relevant to the enquiry, sales process, or customer relationship;
  • analytics data: according to the retention settings of the analytics tool, if used;
  • data required for legal purposes: for the period required by applicable law.

9. Your rights

Under applicable data protection law, you may have the right to:

  • access your personal data;
  • request correction of inaccurate personal data;
  • request deletion of your personal data;
  • request restriction of processing;
  • object to processing based on legitimate interest;
  • withdraw consent where processing is based on consent;
  • request data portability where applicable.

To exercise your rights, contact us at sami@capilyst.com.

10. Complaint to the supervisory authority

You have the right to lodge a complaint with a data protection authority.

In Finland, the supervisory authority is:

Office of the Data Protection Ombudsman

Website: tietosuoja.fi

11. Customer data and DPA

This Privacy Policy mainly covers website visitors, business contacts, and prospective customers.

If Capilyst Oy processes personal data on behalf of a customer as part of its SaaS service, that processing is governed by the relevant customer agreement and data processing agreement.

12. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The latest version will be available on our website.