Skip to content
Sign in Register Request a demo
Sign in Request a demo Register
Register

Website privacy policy

Last updated: May 2026

This Privacy Policy explains how we process personal data of our customers, potential customers, business contacts and visitors of our website.

This Privacy Policy applies to personal data processed through the Readpeak corporate website and in connection with related business-to-business activities, such as contact requests, demo requests, registrations, newsletters, event registrations, customer and prospect communications, website analytics and website-related marketing activities.

For more information related to the Readpeak platform and advertising technology services, please visit Readpeak Platform Privacy Policy, https://www.readpeak.com/readpeak-privacy-policy.

Who is the Controller? 

Readpeak Oy
Tammasaarenlaituri 3, 00180 Helsinki, Finland

Business ID 2615511-5

+358 50 575 2083 or info@readpeak.com

What is the legal basis for and purpose of the processing of personal data?

The legal basis for processing personal data depends on the purpose of the processing.

We may process personal data on the basis of:

  • our legitimate interests, including managing customer and prospect relationships, operating and improving our website and services, organising events, conducting business-to-business marketing, ensuring information security, and analysing the use of our website and communications; 
  • legal obligation, where processing is necessary to comply with applicable laws, such as accounting, tax, recordkeeping or other mandatory legal requirements; and 
  • consent, where consent is required, including for the use of non-essential cookies and similar technologies, certain electronic direct marketing, and certain analytics or marketing activities. 

The purpose of the processing of personal data is:

  • delivery, operation and development of our website, products and services; 
  • fulfilment of contractual obligations and other undertakings of the company; 
  • management of customer, prospect and partner relationships; 
  • handling contact requests, demo requests, registrations and other business communications; 
  • organising events, webinars and similar activities; 
  • analysing website usage and business interactions; 
  • direct marketing and other business-to-business communications;
  • targeting or tailoring website content, communications and marketing based on business interest, website interactions or other relevant data; and 
  • ensuring the security of our website, systems and services. 

We may use website analytics, cookies, marketing automation tools and other similar technologies to understand how visitors interact with our website, to improve the website and our services, and to tailor business-to-business communications and marketing. For more information, please see our separate Cookie Policy available at: https://www.readpeak.com/cookie-policy. Readpeak does not make automated decisions that produce legal effects concerning you or similarly significantly affect you within the meaning of Article 22 GDPR.

We have a legitimate interest in processing personal data of our customers’, potential customers’ and partners’ representatives. This processing enables us to manage our business relationships, respond to requests, provide services, market our services and develop our website and operations. We have assessed that, taking into account the categories of data subjects, the nature of the data, the limited business-to-business context and the safeguards and choices available to you, our legitimate interests are not overridden by your interests or fundamental rights and freedoms.

You may, however, object to processing based on legitimate interests at any time as described below.

What data do we process?

We may process the following personal data of the customer, prospect, website visitor or other data subject:

  • basic information, such as name, email address, phone number, company name, job title, country, city and customer number; 
  • device and technical information, such as IP address, browser type and version, operating system, device type and similar technical identifiers; 
  • company and relationship information, such as business ID, billing details, language, currency, country, account information, and names and contact details of representatives; 
  • website usage and analytics information, such as page visits, traffic source information, interactions with website content, cookie-related data and similar usage data; 
  • marketing and communication information, such as newsletter subscriptions, marketing preferences, direct marketing prohibitions, consents, communications with Readpeak, and engagement with marketing communications; 
  • event-related information, such as registration details, attendance information, dietary or accessibility information you provide for an event, and other event-related communications; 
  • customer and contract information, such as information concerning past and existing contracts, services, orders, account status, meeting history and other transaction-related information; and 
  • other information, where you choose to provide it to us or where it is collected with your consent. 

Where fields are marked as mandatory in a form, they are required in order for us to process your request, provide the relevant service, enter into a contract, or otherwise manage the relevant relationship. Without the necessary information, we may not be able to provide the requested service or respond to your request.

Where do we receive the personal data?

We receive personal data primarily from the data subject.

We may receive personal data:

  • directly from you when you fill in a contact form, request a demo, register for a service, subscribe to a newsletter, register for an event, communicate with us, or otherwise interact with our website or business; 
  • automatically through cookies, analytics tools and similar technologies, subject to applicable legal requirements; 
  • from the organisation that you represent; 
  • from publicly available sources, such as company websites, public registers or professional networking sources, where permitted by law; and 
  • from service providers, event partners, marketing partners or other third parties, within the limits of applicable laws and regulations. 

Whom do we disclose data and do we transfer data outside of EU or EEA?

We do not disclose personal data to external parties except in the following circumstances:

  • Authorities: We may disclose personal data to authorities where we have a legal obligation to do so. 
  • Consent: Based on your consent, we may disclose your personal data within the limits of the specific consent you have given. 
  • Business transactions: We may disclose personal data in connection with a business transaction, financing arrangement, reorganisation, merger or sale of assets, where and to the extent necessary. 
  • Legitimate interests and protection of rights: We may disclose personal data where necessary to protect or defend our legitimate rights and interests, or those of our customers, employees, directors, shareholders or other relevant parties, or to ensure the safety, security and proper functioning of our website or services. 

We use service providers and subcontractors that process personal data on our behalf and for us, such as providers of IT, hosting, cloud storage, analytics, CRM, customer communications, event management, security and marketing services. We require our service providers to process personal data only in accordance with our instructions and applicable data protection laws.

Personal data may be transferred outside the European Union, the European Economic Area or the United Kingdom, including to the United States. Where such transfers take place, we use appropriate safeguards as required by applicable law, such as an adequacy decision, the EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. Data Privacy Framework, the European Commission’s Standard Contractual Clauses, and/or other lawful transfer mechanisms as applicable.

How do we protect the data?

Only those of our employees and authorised service providers who need personal data for their work tasks are entitled to process such data.

Personal data is protected by appropriate technical and organisational security measures, including, where appropriate, access controls, user-specific credentials, password protection, firewalls, logging, secured databases, restricted access to systems and premises, and other measures designed to protect personal data against unauthorised access, disclosure, alteration and destruction.

We also require our service providers to maintain appropriate security measures for the personal data they process on our behalf.

How long do we store the data?

We store personal data only for as long as necessary for the purposes described in this Privacy Policy and in accordance with applicable law.

Retention periods may vary depending on the type of data and the purpose of processing. For example:

  • customer account, contract and billing data is retained for the duration of the customer relationship and thereafter for the period required by law; 
  • prospect, demo request and contact request data is retained for a limited period after the last meaningful interaction, unless a longer retention period is justified; 
  • newsletter and direct marketing data is retained until you unsubscribe or otherwise object, after which we may retain limited suppression information in order to respect your choice; 
  • event-related data is retained for the period needed to organise the event and carry out reasonable follow-up; and 
  • cookie and analytics data is retained in accordance with our Cookie Policy and technical settings. 

After the customer relationship ends, Readpeak may retain limited business contact and relationship data for direct marketing of its products and services where permitted by applicable law and based on Readpeak’s legitimate interests or, where required, the data subject’s consent. This retention is limited to data reasonably necessary for that purpose, such as name, business contact details, company, role, marketing preferences, and high-level information about the previous customer relationship. 

We regularly assess the need for data retention in light of the applicable legislation and the purposes of the processing. We also take reasonable measures to ensure that the personal data we process is accurate, up to date and limited to what is necessary. We rectify or delete personal data without undue delay where required.

What are your rights as a data subject?

You have the following rights, subject to applicable law:

  • Right of access, rectification and erasure: You have the right to access the personal data concerning you and to request rectification or erasure of such data. 
  • Right to withdraw consent: Where processing is based on consent, you have the right to withdraw or change your consent at any time. Cookie consent may be withdrawn through the cookie consent mechanism. 
  • Right to object and restrict processing: You have the right to object to direct marketing and related profiling at any time. For reasons relating to your particular situation, you also have the right to object to processing based on our legitimate interests. You also have the right to request restriction of processing in certain situations, for example if you contest the accuracy of your data or object to processing. 
  • Right to data portability: You have the right to receive the personal data concerning you that you have provided to us, in a structured, commonly used and machine-readable format, and to transmit those data to another controller where the legal conditions for portability are met. 
  • Right to lodge a complaint: You have the right to lodge a complaint with the competent supervisory authority. In Finland, the competent authority is the Office of the Data Protection Ombudsman. 

Additional information for U.S. residents

If you are a resident of a U.S. state that grants privacy rights under applicable law, Readpeak will handle your personal data in accordance with such laws to the extent they apply to the processing described in this Privacy Policy.

Depending on the applicable law and the nature of the processing, you may have the right to:

  • know whether Readpeak processes your personal data and to access such data; 
  • request deletion of your personal data; 
  • request correction of inaccurate personal data; 
  • obtain a copy of certain personal data in a portable format, where applicable; 
  • opt out of the processing of personal data for targeted advertising, the sale or sharing of personal data, or profiling in furtherance of decisions that produce legal or similarly significant effects, where applicable; and 
  • not be discriminated against for exercising any privacy rights granted by law. 

Readpeak’s website and related sales and marketing activities may involve the processing of personal data relating to individuals located in the United States. Where personal data is transferred from the European Union, the European Economic Area or the United Kingdom to the United States, Readpeak will ensure that an appropriate transfer mechanism is in place as required by applicable law.

If you wish to exercise rights available to you under applicable U.S. law, you may contact us using the contact details set out below. Where permitted by law, we may take reasonable steps to verify your identity and the scope of your request before responding. If we deny your request, you may have the right to appeal that decision in accordance with applicable law and the instructions provided in our response.

Contact

Should you have any privacy concerns, please contact Readpeak by post at Tammasaarenlaituri 3, 00180 Helsinki, Finland or via email at info@readpeak.com.

Changes

We are continuously developing our business and services, which is why we may occasionally need to make changes to this Privacy Policy. We will inform you about any changes we make, either personally or through our services. We suggest that you check this page periodically.