Privacy Policy

The data controller for personal data processed via strgy.com is STRGY AI Oy (Y-tunnus 3559076-8), Malagankatu 8 A 34, 00220 Helsinki, Finland.

For data protection questions, contact privacy@strgy.com.

We collect the following categories of personal data:

• Email captures. When you submit your email to receive an analysis, request a demo, or contact us — we store the email address, the timestamp, and the company you asked about.
• Analysis requests. Company name, the requester's email, and any free-text context you provide.
• Technical data. IP address, user agent, and basic usage logs collected by our hosting and security infrastructure for the legitimate purpose of preventing abuse.

• Service delivery (contract / pre-contractual steps, Art. 6(1)(b)). To respond to your demo request and deliver the analysis you asked for.
• Legitimate interests (Art. 6(1)(f)). To monitor service health, prevent abuse, and improve the product in aggregate.

We retain personal data only as long as needed for the purpose it was collected for:

• Email captures and analysis requests: for as long as needed to deliver the requested analysis, respond to follow-up questions, and operate our marketing relationship — or until you ask us to delete it.
• Technical logs: only as long as needed for service health, abuse prevention, and security monitoring.

We use the following sub-processors. Each operates under a Data Processing Agreement (DPA) and only processes data on our instructions:

• Microsoft Azure — infrastructure.
• Plausible Analytics — analytics.

Prompts sent to Azure OpenAI are not used to train models.

Where personal data is transferred outside the European Economic Area, we rely on adequacy decisions or the European Commission's Standard Contractual Clauses, supplemented by additional safeguards where required.

Under GDPR you have the right to:

• Access the personal data we hold about you (Art. 15).
• Have inaccurate data corrected (Art. 16).
• Request deletion (Art. 17), subject to legal retention obligations.
• Restrict or object to processing (Art. 18, 21).
• Receive your data in a portable format (Art. 20).
• Withdraw consent at any time, without affecting prior processing.

To exercise any of these, email privacy@strgy.com. You also have the right to lodge a complaint with the Finnish Data Protection Ombudsman (tietosuoja.fi).

We protect personal data with industry-standard technical and organizational measures: encryption in transit and at rest, role-based access control, audit logs, and regular security review. No system is perfectly secure, but we treat your data with care.

We will update this policy as our practices evolve. Material changes will be communicated via the site or email. The "last updated" date at the top reflects the most recent revision.