βœ… PRIVACY POLICY

Last Updated: 7 November 2025

This Privacy Policy explains how Susanna Ina Adelia Tanni Tmi (β€œCompany,” β€œwe,” β€œour,” or β€œus”) collects, uses, stores, and protects personal data when you access our websites, digital courses, coaching programs, or related online platforms.
This Policy complies with:

βœ… EU General Data Protection Regulation (GDPR)
βœ… Finnish data protection law
βœ… Applicable international privacy standards
βœ… Best practices recognized in the United States, UK, Canada, Australia, and other regions

By using our Services, you agree to the practices described in this Privacy Policy.

1. Data Controller & Contact Information

Susanna Ina Adelia Tanni Tmi
Business ID: 2567468-5
Patokuja 2 B 10
33960 Pirkkala, Finland
Email: [email protected]

2. Purposes and Legal Bases for Processing

We process personal data under the following legal bases:

βœ… Contractual Necessity

To deliver digital products, online courses, memberships, customer accounts, scheduling, and customer support.

βœ… Legal Obligation

To comply with bookkeeping, tax, and financial record-keeping requirements.

βœ… Consent

For newsletters, marketing emails, optional tracking/analytics cookies, and any processing that requires explicit permission.
Consent may be withdrawn at any time.

βœ… Legitimate Interest

To maintain platform security, prevent misuse, analyze performance, send abandoned-cart reminders, personalize content, and improve Services.
You may object to processing based on legitimate interests.

βœ… Testimonials (Explicit Consent)

We only use identifiable testimonials with separate written or digital consent.

3. Categories of Personal Data We Collect

We may collect the following data:

βœ… Basic/contact data

– name
– email address
– phone number
– billing or mailing address (when required)

βœ… Account & usage data

– login information
– course progress
– downloads and access logs
– webinar attendance
– scheduling details via Cal.com

βœ… Payment data

– transaction ID
– payment status
– last 4 digits of card and expiry date (via Stripe)
β†’ We never store full credit card numbers.

βœ… Technical & device data

– IP address
– browser type
– device type
– operating system
– session identifiers
– cookie and tracking data

βœ… Marketing & communication data

– email preferences
– unsubscribes
– consent status

βœ… Optional data

– questionnaire responses
– survey responses
– social media profile data (when connecting through an integration)

βœ… Sensitive data

We do not intentionally collect sensitive information.
If any program requires sharing such information, we request explicit, separate consent and limit processing to the minimum necessary.

4. How We Collect Data

We collect data from the following sources:

– directly from you (forms, purchases, account creation, surveys, emails)
– website and platform activity (Kajabi, ActiveCampaign, etc.)
– payment processors (Stripe Payments Europe Ltd / Stripe, Inc.)
– appointment tools (Cal.com)
– webinar tools (Demio)
– analytics platforms (with consent)
– technical logs and cookies
– third-party verification (e.g., address validation)

We may combine information you provide with technical or analytics data to ensure reliable operation and relevant communication.

5. Data Processors & Recipients

We use trusted third-party service providers who process data on our behalf with GDPR-compliant agreements:

  • Kajabi, LLC β€” website hosting, course delivery, email communications

  • ActiveCampaign, LLC β€” email marketing and automation

  • Google Workspace β€” email services and file storage

  • Stripe Payments Europe Ltd / Stripe, Inc. β€” payment processing

  • Cal.com, Inc. β€” scheduling and appointments

  • Demio, Inc. β€” webinars

  • Analytics providers (with consent): Google Analytics 4, Meta Pixel

We may also disclose data to:

βœ… authorities where required by law
βœ… legal advisors for establishing or defending legal claims
βœ… collection agencies in case of unpaid invoices
βœ… providers supporting fraud prevention or security monitoring

We do not sell personal data.

6. International Data Transfers (EU/EEA β†’ outside EU)

Some service providers operate outside the EU/EEA (e.g., USA).
We ensure lawful transfers by using:

βœ… EU Standard Contractual Clauses (SCCs)
βœ… supplementary technical and organizational safeguards
βœ… GDPR-compliant data processing agreements

These measures ensure an adequate level of data protection.

7. Data Retention

We retain personal data only as long as necessary or legally required.

βœ… Accounting records

6–10 years under Finnish bookkeeping law.

βœ… Customer accounts & platform usage

For the duration of the customer relationship and up to 24 months after last activity.
Data may be kept longer if needed for:
– legal claims
– billing issues
– fraud prevention
– technical troubleshooting

βœ… Marketing data

Until consent is withdrawn or the user unsubscribes.

Backups may retain data temporarily based on system retention cycles.

8. Your Rights (GDPR & International)

You have the right to:

  • access your data

  • request correction

  • request deletion (β€œright to be forgotten”)

  • restrict processing

  • object to processing based on legitimate interests

  • withdraw consent at any time

  • request data portability

  • lodge a complaint with a supervisory authority

EU Supervisory Authority (Finland)

Office of the Data Protection Ombudsman β€” tietosuoja.fi

All requests can be sent to:
πŸ“§ [email protected]

⭐ International Users (Non-EU)

Depending on your jurisdiction, you may have additional rights under local laws.
We honor valid data requests to the extent required by applicable regulations.

9. Marketing Communications

We may send marketing messages based on:

βœ… your explicit consent, or
βœ… an existing customer relationship (if you purchased a product)

Each message includes an unsubscribe link.

You may also unsubscribe anytime by emailing [email protected].

We do not sell or rent email lists.

10. Cookies & Tracking Technologies

We use cookies and similar technologies to:

– enable essential functionality
– analyze website performance
– measure marketing effectiveness
– personalize content and experiences

Cookie categories include:

  • Necessary

  • Functionality

  • Analytics

  • Performance

  • Advertising (with consent)

You can manage cookie preferences via the cookie banner or browser settings.

Full details are provided in our Cookie Policy.

11. Data Security

We implement reasonable administrative, technical, and organizational measures to protect personal data, including:

– encrypted connections (HTTPS/SSL)
– secure third-party processors
– access controls and authentication
– system monitoring
– data minimization practices

However, no method of transmission or storage is 100% secure.
We cannot guarantee absolute security but commit to taking appropriate measures to reduce risks.

12. Minors

Our Services are intended for adults.
We do not knowingly collect data from children under the age of 16 without verified parental consent.

If we become aware that such data was collected unintentionally, we will delete it promptly.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time due to legal, technical, or business changes.
Updates will be posted on this page with the revised β€œLast Updated” date.

Continued use of the Services following changes constitutes acceptance of the updated Policy.

14. Contact

For questions, comments, or data requests, contact:
πŸ“§ [email protected]

Β