Immodan
PRIVACY

Privacy Policy

We process your personal data in accordance with the EU General Data Protection Regulation (GDPR). This policy explains what data we collect, why, and how to exercise your rights.

Last updated June 4, 2026

1. Data controller

Immodan Oy (Business ID 3378728-4)
Email: hello@immodan.fi
Phone: +358 10 517 6010

For data protection questions, please contact hello@immodan.fi.

2. Personal data we process

  • Contact data: company name, contact person name, email, phone
  • Housing request details: number of people, start date, estimated duration, preferred cities, furnishing level, free-text message
  • Customer relationship data: contracts, billing, communication history
  • Technical data: form submission timing (for bot protection)

3. Purpose and legal basis

  • Preparing a quote and contract — legal basis: pre-contractual steps (GDPR Art. 6(1)(b))
  • Customer relationship management and communication — legal basis: contract (GDPR Art. 6(1)(b))
  • Compliance with legal obligations (accounting, invoicing) — legal basis: legal obligation (GDPR Art. 6(1)(c))
  • Service development and marketing to existing customers — legal basis: legitimate interest (GDPR Art. 6(1)(f))

4. Retention period

  • Quote requests not leading to a customer relationship: up to 24 months
  • Customer relationship data: for the duration of the relationship and the period required by the Finnish Accounting Act (typically 10 years from the end of the accounting period)
  • Contracts: for the term of the contract and 10 years thereafter

5. Recipients and processors

We rely on trusted service providers that act as data processors on our behalf:

  • Supabase (database and application platform, EU data residency)
  • Resend (transactional email for quote request notifications)
  • Accounting partner (invoicing and bookkeeping)

We do not sell or share personal data with third parties for marketing purposes.

6. International transfers

We do not routinely transfer personal data outside the EU/EEA. If any transfers occur via the cloud services we use, they are based on the Standard Contractual Clauses approved by the European Commission.

7. Security

We protect personal data with technical and organizational measures: encrypted connections (TLS), access controls, role-based access, and regular backups.

8. Your rights

You have the right to:

  • access the personal data we hold about you
  • request correction of inaccurate data
  • request deletion (right to be forgotten)
  • restrict or object to processing
  • data portability
  • lodge a complaint with the supervisory authority (Office of the Data Protection Ombudsman, tietosuoja.fi/en)

To exercise your rights, contact hello@immodan.fi. We will respond within one month.

9. Cookies

Our website uses essential cookies to enable functionality and may use analytics cookies to measure visitor numbers anonymously. You can manage cookies through your browser settings.

10. Updates

We may update this privacy policy, for example when legislation changes or as our services evolve. We will communicate material changes on our website.