Privacy Policy

Privacy Policy

for Firemind Group Oy

1. Introduction

This Privacy & Cookie Policy explains how Firemind  (“Firemind”, “we”, “us”, “our”) collects, uses, stores, shares, and protects your personal data when:

  • You visit www.firemind.com
  • You interact with us (e.g., by contacting us or signing up for marketing)
  • You use our software or services as an Authorised User under a customer contract

We comply with:

  • EU General Data Protection Regulation (GDPR)
  • UK GDPR & Data Protection Act 2018
  • ePrivacy Directive & local cookie laws
  • Local data-protection requirements in the United Kingdom, Finland, the Netherlands, and Germany

You should read this policy carefully. If you have questions, please contact us using the details below.

2. Who We Are (Data Controller Information)

Firemind is a leading GenAI Amazon Web Services (AWS) Consultancy Partner, specialising in cutting-edge solutions for enterprises. Our services include:

  • GenAI
  • Machine learning
  • Data and analytics
  • DevOps
  • SaaS consulting
  • Retail and supply chain consulting
  • Cloud migration

For more information, please visit the “About” section of our website.

 For activities where we determine the purpose and means of processing, the Data Controller is:

Firemind Ltd

1 Chapel Street, Warwick, United Kingdom, CV34 4HL

Email: dpo@firemind.com

For other activities, Firemind may act as a processor on behalf of clients.

3. Contact Details

If you have any questions or concerns about our use of your personal information, this policy or other privacy related matters, please contact us at dpo@firemind.com

4. What Personal Data We Collect

We might collect following data i) Data provided directly by you, ii) Data from authorised users, iii) Automatically collected data (IP, device, logs, cookies) iiii) Data from third-party sources.

Below you can find further details about the personal information we collect:

4.1 Personal Information We Collect Directly

We may collect the following personal information:

  • Name and job title
  • Contact information, including email address
  • Demographic information such as postcode, preferences, and interests
  • IP address, device type, unique device identification numbers, browser type
  • Other information relevant to customer surveys and/or offers


We may ask you to provide your contact details to assist with any questions or requests you submit regarding our software or services. If you contact us via forms on our website, or email our employees, we may collect a copy of that correspondence.

4.2 Information Collected from Authorised Users

If you are an Authorised User, we collect the details needed to create an account to access our software, which is linked to your employer’s service subscription.

4.3 Information Collected Automatically

When you visit our website or use our software, we may collect certain information automatically from you. This can include:

  • IP address
  • Browser type
  • Broad geographic location (e.g., country or city-level)
  • Other technical information


We also collect data on how your device interacts with our website or software, such as links clicked and pages accessed. This helps us improve the quality and relevance of our content.

4.4 Use of Cookies

Some of this information is collected through cookies and similar tracking technology (collectively, “Cookies”).

5. Purposes and Legal Bases for Processing

We are committed to ensuring your information is secure. To prevent unauthorised access or disclosure, we have put in place suitable physical, electronic, and managerial procedures to safeguard the information we collect online.

5. Understanding Cookies

Processing activities include service delivery, analytics, marketing, security, compliance, and user support.
5.1 Internal Use

We use your personal information for:

  • Internal analytics to improve our website and services.
  • Understanding our visitors’ interests and improving user experience.
  • Responding to customer queries and requests.
  • Sending surveys to improve our services.
5.2 External Use

We will not sell, distribute, or lease your personal information to third parties unless we have your permission or are required by law.
If you have opted in, we may use your personal information to send promotional material about third parties that may be of interest to you.

5.3 Legal basis

Legal basis include consent, contract, legitimate interests, and legal obligations.

Our legal basis for processing your personal information depends on the specific context in which we collect it.

5.3.1 Legitimate Interests and Consent

We collect personal information when:

  • The processing is in our legitimate business interests (e.g., responding to queries or marketing campaigns).
  • We have your consent (e.g., for receiving marketing materials).

5.3.2 Legal Obligations

In some cases, we are legally required to collect personal information (e.g., for tax or legal compliance). We will inform you if the provision of personal information is mandatory and the consequences of not providing it.

6. Cookies & Tracking Technologies

6.1 What is a Cookie?

Cookies are text files that contain small amounts of information. These are downloaded to your device when you visit a website and are sent back to the website during subsequent visits. Cookies help websites recognise your device, remember preferences, and enhance navigation.

You can find more information about cookies at:

www.allaboutcookies.org

www.youronlinechoices.eu

6.2 Cookie Categories We Use
  • Strictly Necessary Cookies
    Essential for navigating the website and accessing secure areas, such as login or shopping baskets.
  • Performance Cookies
    These collect anonymous information on how visitors use our website, including which pages are visited most often.
  • Functionality Cookies
    These cookies remember choices you’ve made (e.g., language or region) and improve personalisation.
  • Targeting or Advertising Cookies
    These are used to deliver more relevant advertisements to you and limit how often you see the same ad. They also measure the effectiveness of ad campaigns.
6.3 Cookie consent requirements

Non-essential cookies require consent in the EU/EEA and UK.

6.4 Cookie preferences

Users may withdraw or modify consent at any time via Cookie Settings.

7. How We Use Personal Data

Uses include service provision, analytics, personalisation, communications, security, and legal compliance.

We never sell personal data.

8. Sharing Your Data

We may share data with service providers, partners, professional advisers, or authorities when legally required.

9. International Data Transfers

Transfers outside the UK/EU may occur using:

  • SCCs
  • UK Addendum or IDTA
  • Supplementary measures

10. Data Retention


We retain personal information where we have a legitimate business need to do so, for example:

  • To provide access to our software or services.
  • To comply with legal, tax, or accounting requirements.

When we no longer have a legitimate need to process your information, we will delete it.

Retention depends on purpose:

  • Marketing: until consent withdrawn or 24 months of inactivity
  • Account data: duration of contract
  • Logs: 12–24 months
  • Cookies: per cookie duration table

11. Your Data Protection Rights

11.1 Your Data Protection Rights

You have the following rights concerning your personal information (subject to certain conditions and exemptions):

  • Access: Request a copy of the information we hold about you.
  • Correction: Correct or update your personal information.
  • Deletion: Request the deletion of your personal data.
  • Objection: Object to our processing of your data.
  • Restriction or withdrawal of consent: Ask us to limit how we use your personal data or ask us to remove your personal data.

Portability: Request your personal information in a portable format.

11.2 Opting Out of Marketing

You can opt out of marketing communications at any time by clicking the “opt-out” link in the emails we send you.

11.3 Withdrawing Consent

If we process your personal data based on consent, you may withdraw this at any time. Withdrawal will not affect the lawfulness of any processing conducted prior to withdrawal.

11.4 Complaints

You have the right to complain to a data protection authority if you believe your privacy rights have been violated. You may lodge complaints with the Information Commissioner’s Office (ICO) in the UK, Autoriteit Persoonsgegevens in Netherlands, Bundesbeauftragte für den Datenschutz und die Informationsfreiheit  (BfDI) in Germany, or Finnish Data Protection Ombudsman in Finland.

Note for Germany Data subjects may lodge complaints with the supervisory authority of the federal state where they live or work, or where an alleged infringement occurred. A list of all German supervisory authorities is available at:
https://www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html

12. Security

We are committed to ensuring your information is secure. To prevent unauthorised access or disclosure, we have put in place suitable physical, electronic, and managerial procedures to safeguard the information we collect online.

We use encryption, access controls, monitoring, secure development, and technical and organisational measures.

13. Links to Other Websites

Our website may contain links to other websites. Once you leave our website, we are not responsible for the protection of any information you provide on external sites. We are not responsible for external site privacy practices.

14. Children

Our services are not intended for individuals under 16.

15. Changes to This Policy

Updates will be posted on our website.

16. Contact Us

Firemind Ltd

1 Chapel Street, Warwick, United Kingdom, CV34 4HL

Email: dpo@firemind.com