This Privacy Notice explains how Bytes&Rights TMI (“Bytes&Rights”, “we”, “our”, or “us”) collects, uses, and protects your personal data. It also outlines your rights under the General Data Protection Regulation (GDPR) and the Finnish Data Protection Act (1050/2018).
By accessing or using our websites (www.bytes-and-rights.pro, www.bytes-and-rights.com) you agree to the terms of this Privacy Notice. If you do not agree with any part of this Notice, please do not use our websites.
WHO WE ARE
Bytes&Rights TMI is a Finnish business entity with the registered business ID 3402918-6. For the purposes of data protection laws, we are the data controller responsible for processing your personal data.
We may collect and process the following categories of personal data:
If you only access our website as a visitor, it is most likely that we don’t collect any of your personal data. However, our website uses cookies, so you might wish to read our Cookies Policy to know what exactly we do and how you can manage your cookies settings.
If you submit a consultation request via our website, we may receive from you:
your name,
phone number,
email address, and
details of your inquiry that you find necessary to share with us;
If you submit your CV or job application, we may receive from you:
your name,
phone number,
email address,
a link to your CV, and
any additional details you choose to provide to us.
To subscribe to our newsletters and marketing materials you will need to provide us with
your email address.
CHILDREN’S DATA
We do not knowingly collect personal data from individuals under the age of 16. If you are under 16 years old, you may not submit any personal data to us.
If you are a parent or guardian and believe your child has provided us with personal data, please contact us.
We may use your personal data for the following purposes:
to respond to your inquiries and consultation requests;
to provide our legal services;
to send you newsletters and legal updates (based on your consent);
to process job applications;
to analyze and improve the functionality and security of our website;
to comply with legal obligations.
We will only process your data where we have a legal basis to do so, including:
your consent
our legitimate interests (e.g., communication, service improvement)
compliance with legal obligations
performance of a contract with you
When you subscribe to our newsletter, your email address and interaction data (e.g., opens and clicks) may be processed by our email service provider (Mailchimp) to help us improve our communications. We rely on your consent to send you these newsletters, and you can withdraw it at any time by unsubscribing or by contacting us.
SHARING YOUR DATA
We do not sell your personal data. We may share your information with trusted third-party service providers who help us operate our business, for example:
IT support,
web hosting,
CRM tools,
email automations,
marketing analytic services.
These providers are bound by confidentiality and data protection agreements and may only process your data in accordance with our instructions. Analytics service providers may use their own cookies to collect information about the usage of our website.
We may also disclose data if required by law or to protect our legal rights.
TRANSFER OUTSIDE THE EEA
If your data is transferred outside the European Economic Area (EEA), we ensure adequate protection through standard contractual clauses or other safeguards approved by the European Commission.
SPECIAL CATEGORIES OF PERSONAL DATA
We don’t collect and don’t process special categories of personal data, namely data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person's sex life or sexual orientation.
We implement appropriate technical and organizational measures to protect your data. However, no method of transmission over the Internet is completely secure. We cannot guarantee the security of any information transmitted via the internet, and you do so at your own risk.
Under the GDPR you have certain rights in relation to your personal data:
The right to be informed: our obligation is to inform you that we process your personal data (and that's what we're doing in this Notice);
The right of access: your right to request a copy of the personal data we hold about you;
The right of rectification: your right to request that we correct personal data about you if it is incomplete or inaccurate;
The right to erasure (also known as the 'right to be forgotten'): under certain circumstances, you may ask us to delete the personal data we have about you (unless it remains necessary for us to continue processing your personal data for a legitimate business need or to comply with a legal obligation as permitted under the GDPR, in which case we will inform you);
The right to restrict processing: your right, under certain circumstances, to ask us to suspend our processing of your personal data;
The right to data portability: your right to ask us for a copy of your personal data in a common format (for example, a .csv file);
The right to object: your right to object to us processing your personal data (for example, if you object to us processing your data for direct marketing);
Rights in relation to automated decision-making and profiling: our obligation to be transparent about any profiling we do, or any automated decision-making.
These rights are subject to certain rules around when you can exercise them.
To exercise your rights, contact us at law@bytes-and-rights.com. We may ask for verification of your identity before responding.
MARKETING
If you have opted in to receive marketing communications, we may send you newsletters or updates. You may opt out at any time by clicking the "unsubscribe" link in our emails or by contacting us directly at law@bytes-and-rights.com.
DATA RETENTION
We retain your personal data only for as long as necessary for the purposes outlined in this Notice. The retention period depends on the nature of the data and our legal or contractual obligations. Data collected on the basis of your consent will be retained until consent is withdrawn.
From time to time, our website, newsletters, or emails may include links to external websites. The personal information you share on those sites is not governed by this Privacy Notice, and we are not accountable for how your personal data is handled by those websites.
We may update this Privacy Notice from time to time. Any material changes will be posted on this page with an updated “last revised” date.
For any questions or concerns regarding this Privacy Notice or our data practices, please contact us: law@bytes-and-rights.com.
Last update: April 2025.