SloxaronmyshelCalm productivity, Helsinki

Transparency, protection, and your choices

Privacy and data protection

As referenced on

This file describes how Sloxaronmyshel processes personal data in connection with the public website, forms, and related communication at sloxaronmyshel.world. It is written to align with the EU General Data Protection Regulation and Finnish national data protection and consumer rules that apply in addition to the GDPR.

  • Data categories and purposes
  • Lawful basis and partners
  • Your rights and retention

Data controller and how to contact us

The data controller is Sloxaronmyshel. The primary channel for data protection and general correspondence is contact@sloxaronmyshel.world. You may also write to Keskuskatu 1, 00100 Helsinki, Finland, or call +358 20 7611 390 during the hours we publish for client contact. We respond to data rights requests in the order we receive them and where the law does not set a stricter time limit, we aim to provide a first answer within a reasonable time that takes account of volume and the complexity of your request.

A concise description of our business identity, the kind of services we offer, and how we present fees and online advertising is in business information, which is written to complement this file.

If you contact a colleague by name, your message is still a message to the organisation, and the same people who manage privacy requests may support that colleague in answering you in line with the rules in this file.

Scope of this text

The policy covers visitors who browse the public site, use the contact form, download materials we offer, or call or email the addresses published here. A separate contract, purchase order, or statement of work may name additional or more specific terms for a paid project; where there is a conflict, the more specific text that you signed governs the commercial part of the relationship, while the baseline duties in the GDPR and national law still apply in areas they regulate directly.

We do not sell personal data. We do not use automated individual decision-making that produces legal effects in the high-risk sense, but we may use simple filters to route messages or to help spot spam, always with a human in the review loop.

The reference date in the hero of this page is generated in your browser from the current calendar day. It is meant to help you record when you read the file. If you need a static PDF copy with a specific date stamp, you can use your browser to print to PDF, or you can request a file from us in writing.

Categories of personal data we use

Depending on your interaction, we may process, among others, the following groups:

  • Contact and request data, such as the name, email, free-text message, and, if you include them, company name, job title, or language preference. We use this to understand your request, to reply, and, if a contract is formed, to set up a client record.
  • Communication and project records, including call notes, meeting summaries, and document revisions that you and we exchange, where those records identify you in a way that the law classifies as personal data.
  • Usage and access data for the website, for example, technical logs that may include truncated IP information, the page requested, time stamp, type of device or browser, and, if a session exists, a session or consent identifier. We use this to protect the service, to fix errors, and, if you have enabled non-essential cookies, to read aggregated statistics in line with the cookie policy and your choice.
  • Local browser storage for cookie consent, theme choices, and similar convenience settings that the site or your device stores under your control.

We use one or a combination of the following bases, as required by the situation:

  • Contract and pre-contract when you ask us to do work and we prepare or sign an agreement, or when we take steps you request before entering a contract.
  • Legitimate interests in operating a service business, in securing our systems, in maintaining reliable records, and in improving public content, where we balance your rights and the limited nature of the data against the interest.
  • Consent where a rule requires a clear opt-in, such as certain marketing or analytics that are not strictly necessary for the service you asked for, or where a rule outside the contact relationship specifically demands consent.
  • Legal obligation when a statute, court order, or official instruction requires a fixed retention, disclosure, or information duty.

Cookies and similar technologies

We describe categories of cookies, storage locations, and your controls in a separate Cookie policy that is written to be read with this file. Necessary items support security, the cookie banner state, and basic site function. When you use the cookie tool to allow analytics or marketing, we and any processor we use will match our records to the configuration you have saved, and you can withdraw a choice in the same place or in your browser.

How long we keep data

Examples of retention, subject to a longer or shorter need when the law or a case requires it:

  • General contact threads that are not part of a tax-relevant or litigation record are often deleted or anonymised on a schedule that is usually within twenty-four months of the last substantive reply, unless a later project continues the file.
  • Invoices, accounting, and some contracts may be kept for up to seven years, or a longer time if a tax or other authority with jurisdiction sets a different rule in your matter.
  • Server security logs in normal operation are deleted or over-written on a short rotation, in many cases not longer than ninety days, with extension only when we pursue a security or abuse case.

International transfers and processors

Our core operations are in Finland and the rest of the European Economic Area, but your email, hosting, or productivity tools we use for internal work can involve service providers in the United States or other countries. When a transfer of personal data to a country without an EU adequacy decision is necessary, we use mechanisms that the law recognises at the time of the transfer, such as standard contractual clauses and supplementary technical or organisational measures when they are required for the case.

Your rights and complaints

Subject to the exact situation, you may have the right to access, rectify, delete, restrict, object, and port data, and, where the processing is based on consent, to withdraw that consent. Withdrawing consent does not affect processing that was lawful before the withdrawal, but it may mean we can no longer offer a part of the service that truly depended on that consent. You can complain to a supervisory authority; the Office of the Data Protection Ombudsman in Finland is a first point of contact for many residents, and, depending on the circumstances, another authority in the EEA may also be competent. We prefer to help you directly in the first instance, using the same contact information as in the “Data controller” section.

How we try to keep information safe

We use access control on systems and accounts, two-factor or strong passwords where providers allow it, encryption in transport for the site, and a minimal retention culture so that we do not keep a copy in more places than we need. Vendors with access to your data on our behalf must meet written instructions and, where the GDPR requires it, a data processing agreement. We review incident procedures so that, if there is a personal data breach, we can assess risk and, when required, notify people and the authority without undue delay.

Children and work-focused content

The public site and our workshop materials are not aimed at children. We do not want to build profiles of minors, and if we learn that we have information about a child that was collected inappropriately, we will delete that information where the law allows us to do so without harming another person’s rights.

When we change this file

We update this text when the law, our service, or our tools change. The dynamic date in the section above is your quick visual clue for the day the page is viewed; the footer and our internal change log are additional references. We do not use dark patterns to nudge you to agree to a worse privacy position, and, where a change is material, we will give a clear on-site or email notice when we have your address and the change affects you.

If you are unsure which version applies to a past conversation, ask us; we can often provide the latest thread or the policy link we used in our reply, subject to security checks.