Privacy policy

This privacy policy (“Privacy Policy”) concerning stakeholder data collected on the website of Sessio.dev, legal name Be Tyyni Oy, (hereinafter “Sessio” or “we”) was created on 7 April 2025.

In this Privacy Policy, we explain in more detail how Sessio collects and processes personal data of individuals belonging to our various stakeholder groups. You will also find information about your rights regarding the processing of your personal data.

Sessio respects your privacy and is committed to handling your personal data appropriately, in accordance with this Privacy Policy and the requirements of the European Union’s General Data Protection Regulation (2016/679) and other applicable legislation (collectively, the “Data Protection Legislation”).

Controller

Name: Be Tyyni Oy
Data Protection Officer (DPO): Lauri Säilä
DPO Email: lauri@tyyni.co

Purpose of the Register

This privacy policy applies solely to the waitlist for the sessio.dev service. We collect and process personal data only for the purpose of managing the waitlist, maintaining contact with interested users, and communicating updates related to the upcoming launch of the service. Categories of Personal Data Collected

We collect and store the following personal data:

• Email address
• Consent or objection to direct marketing
• Time and method of initial and final contact
• Notes related to the stakeholder relationship and meeting-related notes

No other data is collected.

Legal Basis for Processing

Processing is based on your consent (Article 6(1)(a) GDPR), which you provide when joining the waitlist. You may withdraw your consent at any time by contacting us via the details provided above.

Data Transfers and Location

All personal data is processed and stored within the European Union. No data is transferred outside the EU or the European Economic Area (EEA).

Data Processors and Subprocessors

We do not share your data with third parties except for essential service providers who operate within the EU and are contractually bound to GDPR-compliant data processing agreements. We do not use HubSpot or similar services.

Data Retention

Personal data is retained only for as long as necessary to maintain the waitlist and facilitate early communication before the product launch. You may request removal of your data at any time.

Data Subject Rights

Under the GDPR, you have the following rights:

• Right to access your personal data
• Right to rectify incorrect or incomplete data
• Right to withdraw consent at any time
• Right to erasure (“right to be forgotten”)
• Right to restrict or object to processing
• Right to data portability
• Right to lodge a complaint with a supervisory authority

To exercise your rights, please contact the DPO at the email address listed above.

Security Measures

We implement appropriate technical and organisational measures to ensure the confidentiality, integrity, and availability of personal data

Changes to this Policy

We may update this privacy policy if our data processing activities change. The most recent version will always be available on our website.