Privacy Policy

Esteri Group ("we," "us," or "our") operates the Laykka website (laykka.fi). This Privacy Policy explains how we collect, use, share, and protect your personal data when you use our website and services. We are committed to compliance with the EU General Data Protection Regulation (GDPR) and the Finnish Data Protection Act.

The data controller responsible for your personal data is:

Esteri Group
Finland
Contact: esteri@esterigroup.fi

• Contact form submissions: Name, email address, company, phone number, and the content of your message when you submit an inquiry.
• Newsletter subscriptions: Your email address (and name, if provided) when you subscribe to our updates.
• AI chat conversations: The messages you send to our AI assistant, used to generate replies and improve our service.
• Usage data: Pages visited, links clicked, browser type, and approximate location, collected via Google Analytics 4 (only with your consent).
• Cookies: Small text files used for site functionality and analytics. See our Cookie Policy for details.

We process your personal data under the following legal bases (GDPR Article 6):

• Consent — for analytics cookies and newsletter signups.
• Legitimate interest — for responding to inquiries and improving our services.
• Legal obligation — when required to comply with applicable law.

We share data with the following processors, each of whom acts only on our instructions and provides appropriate safeguards:

• Render (USA) — website and backend hosting.
• Grist Labs (USA) — secure storage of inquiry and subscriber records.
• OpenAI, Inc. (USA) and Anthropic, PBC (USA) — process AI chat messages to generate responses.
• Google LLC (USA) — Google Analytics 4 for anonymous usage statistics (only with your consent).
• Domainhotelli / cPanel SMTP (Finland) — outbound transactional email delivery.

Transfers of data outside the EU/EEA are protected by Standard Contractual Clauses (SCCs) approved by the European Commission. We do not sell your personal data to any third party.

• Inquiry records: kept for up to 24 months after last contact, then deleted.
• Newsletter subscriptions: kept until you unsubscribe.
• AI chat logs: retained for service-quality monitoring; not used for AI model training.
• Analytics data: retained according to Google Analytics defaults (up to 14 months).

You have the following rights regarding your personal data:

• Right of access — request a copy of the personal data we hold about you.
• Right to rectification — correct inaccurate data.
• Right to erasure ("right to be forgotten") — request deletion of your data.
• Right to restrict processing — limit how we use your data.
• Right to data portability — receive your data in a machine-readable format.
• Right to object — object to processing based on legitimate interest.
• Right to withdraw consent — at any time, without affecting prior lawful processing.
• Right to lodge a complaint — with the Finnish Data Protection Ombudsman (tietosuoja.fi).

To exercise any of these rights, contact us at esteri@esterigroup.fi. We will respond within 30 days.

Every newsletter email we send contains a one-click unsubscribe link. Clicking it removes you from our list immediately and permanently.

We use industry-standard security practices including HTTPS encryption, secure database hosting, and limited internal access to personal data. No system is 100% secure, but we work to protect your information at every stage.

We may update this policy from time to time. The "Last updated" date at the top of this page reflects the latest revision. Material changes will be communicated via the website.

For any questions about this privacy policy or to exercise your rights, please contact: esteri@esterigroup.fi / +358 45 111 2300