Privacy Policy

Last updated: February 16, 2026

1. Introduction

Vaivatta Digipalvelut ("we", "us") is committed to protecting your privacy. This policy explains how we collect, use, and safeguard your personal data when you use Sentiami. We comply with the EU General Data Protection Regulation (GDPR) and Finnish data protection legislation.

2. Data We Collect

We collect: account information (name, email, phone, business name); operational data (orders, menu items, inventory, staff records) you enter into the platform; usage analytics (page views, feature usage) via Fathom Analytics, which does not use cookies or track personal data; technical data (IP address, browser type, device information) for security and service delivery; and payment information processed securely through Stripe.

3. How We Use Your Data

We use your data to: provide and maintain the Sentiami service; process payments and manage your subscription; send service-related notifications and updates; improve and develop our platform; comply with legal obligations; and provide customer support.

4. Data Storage & Security

Your data is stored on secure servers within the European Union. We use industry-standard encryption (TLS 1.2+) for data in transit and AES-256 for data at rest. Each restaurant account is fully isolated. We perform daily encrypted backups.

5. Third-Party Services

We share data only with service providers necessary for operation: Stripe for payment processing, Fathom Analytics for privacy-friendly usage analytics (no personal data shared), and cloud hosting providers within the EU. We do not sell your data to third parties.

6. Cookies & Tracking

Sentiami uses only essential cookies required for the service to function (session management, authentication). We use Fathom Analytics, which is cookie-free and does not track personal data. We do not use advertising cookies or third-party tracking scripts.

7. Your Rights

Under GDPR, you have the right to: access your personal data; rectify inaccurate data; erase your data ("right to be forgotten"); restrict processing; data portability (export your data); object to processing; and lodge a complaint with the Finnish Data Protection Ombudsman (tietosuoja.fi).

8. Data Retention

We retain your data for the duration of your account. After account closure, data is kept for 90 days (to allow reactivation), after which it is permanently deleted. Financial records are retained for the period required by Finnish accounting law (6 years).

9. Changes to This Policy

We may update this policy periodically. Material changes will be communicated via email or in-app notification at least 30 days before taking effect.

10. Contact Us

Data Controller: Vaivatta Digipalvelut, PL 10, 15101 Lahti, Finland. Email: [email protected]. Phone: +358 41 317 5455.