Privacy Policy

Privacy Information

This privacy information provides information on how Syner9i processes your personal data if you are a customer or a potential customer of Syner9i, a representative of a customer or potential customer, a cooperation partner or its representative, or if you participate in training provided by Syner9i or Energiavalmennus. Syner9i is a trade name of Energiavalmennus Oy.

This information was last updated on 1 August 2025.

1. Who processes your data?

Syner9i / Energiavalmennus Oy
Business ID: 2866200-6
Vilhonkatu 4 B 15
00100 Helsinki

2. Who can you contact regarding data protection matters?

Heli Backman
Phone: +358 40 537 3752
heli@energiavalmennus.fi

3. What personal data do we process?

We process the following basic information about you:

  • first and last name

  • job title / position

  • employer / company

  • company location, address, and website

  • phone number

  • email address

  • social media profile link

  • mother tongue

  • information on meetings and other communications with you

If you are our customer or potential customer, or a representative of a customer or potential customer, or a participant in our training, we also process:

  • information on participation in our events and surveys

  • information on newsletter subscriptions

  • information on marketing consents

If you are our customer or a customer’s representative, we additionally process the following contract-related data:

  • information on proposed and ordered services and changes thereto

  • information related to our services and their implementation

  • billing information

If you participate in our training, in addition to the above we process the following data to fulfil the contract:

  • education, preliminary answers, and open-text responses in our surveys

  • information related to producing your personality type description and any team profile, and to carrying out individual, group, or team coaching and/or delivering the training based on them

When you visit our website, we may, with your consent, process information collected through cookies, such as activities performed on our website (e.g., document downloads, pages viewed, and forms you fill in).

4. For what purposes and on what basis do we process your personal data?

If you are our customer, a customer’s representative, a cooperation partner or its representative, or a potential customer, we primarily process your personal data for the performance or preparation of a contract (contract basis).

We may also process your personal data for marketing purposes, informing you about our services or events, and for analyzing, planning, and developing our business and services. In such cases, in addition to the contract basis, the legal basis may be our legitimate interest arising from our (potential) customer relationship.

If you determine your personality type with our assistance, we also process your data on a contract basis to produce your personality type description and any team profile. In addition, your data are stored in Syner9i’s systems, besides the taking of the test, for test development, research purposes, and customer relationship maintenance (legitimate interest).

The results of your personality and team profile questionnaire are confidential and are not shared with external parties by us. By responding to the questionnaire, you understand that, in accordance with this privacy policy, we process your responses, your contact details, and other personal data to carry out the analysis and deliver it to you (contract basis). Your personal data and results are stored in our systems, besides the taking of the test, for test development, research purposes, and customer relationship maintenance (legitimate interest).

The legal basis may also be consent if we have requested your consent for direct marketing or if you have subscribed to our newsletter.

5. Where do we obtain your personal data?

We primarily obtain data from you or from the company you represent, e.g., from messages sent via web forms, by email or phone, through social media services, from contracts, meetings, and other situations in which you or your company provide your data.

We may also collect, store, and update your data from registers maintained by address/update or similar service providers, and by collecting data from public sources or from your company’s website.

6. To whom do we disclose your personal data?

We do not disclose your personal data to third parties except where required by Finnish legislation or authorities.

We may use the following service providers to process personal data on our behalf:

  • IT system and other IT service providers

  • invoicing service providers

  • communication service providers

  • website hosting/maintenance providers

  • marketing service providers

  • service providers used for producing personality and team profiles

7. Do we transfer your personal data outside the EU/EEA?

We do not generally transfer your personal data outside the EU/EEA. If data are transferred outside the EU/EEA, the transfers will be carried out using the European Commission’s Standard Contractual Clauses or on the basis of a European Commission adequacy decision.

8. Joint controllers

We are joint controllers with Facebook Ireland for our community pages. We have concluded the Controller Addendum with Facebook Ireland (https://www.facebook.com/legal/controller_addendum) to define responsibilities under the GDPR for joint processing. We have agreed to provide you with the information set out in this section, and that between us and Facebook Ireland, Facebook Ireland is responsible for enabling your GDPR rights under Articles 15–20 with respect to personal data held by Facebook Ireland. The contact details for Facebook Ireland and its Data Protection Officer are available in Facebook Ireland’s Data Policy: https://www.facebook.com/about/privacy. When you access our Facebook community page via the link on our website or when you visit, like, or comment on our Facebook page / Instagram account, or follow our Instagram account, we jointly process your data to collect visitor statistics. This visitor data is collected for marketing purposes and to develop our Facebook/Instagram pages and services. Further information on Facebook Ireland’s processing, including the legal basis and how to exercise your rights against Facebook Ireland, is available at https://www.facebook.com/about/privacy.

We are joint controllers with LinkedIn Ireland for our LinkedIn page. We have concluded the Page Insights Joint Controller Addendum with LinkedIn Ireland (https://legal.linkedin.com/pages-joint-controller-addendum) to define responsibilities under the GDPR for our joint processing. Between us and LinkedIn Ireland, LinkedIn Ireland is responsible for enabling your GDPR rights regarding data held by LinkedIn. Contact details for LinkedIn Ireland and its Data Protection Officer, and information on LinkedIn Ireland’s processing and how to exercise your rights against LinkedIn Ireland, are available in LinkedIn’s Privacy Policy: https://www.linkedin.com/legal/privacy-policy. When you visit, like, or comment on our LinkedIn page, we jointly process your data to collect visitor statistics. This data is collected for marketing purposes and to develop our LinkedIn page and services.

9. How long do we retain your personal data?

We retain your personal data for as long and to the extent necessary in relation to the original or compatible purposes for which we collected the data, or as required to comply with legal obligations. We regularly assess the need for retention and delete or anonymize data when they are no longer necessary for the purpose for which they were collected. We take into account statutory limitation periods and therefore retain customer or partner data in accordance with their purpose of use.

Marketing data are retained until:

  • you object to the use of your data for marketing purposes,

  • you unsubscribe from our newsletter or withdraw your consent, or

  • when updating your data we discover that your data are incorrect or your role has changed so that our services are no longer relevant to your duties.

10. How do we ensure the security of your personal data?

We have implemented appropriate technical and organizational measures to protect your personal data against accidental or unlawful loss, disclosure, misuse, alteration, destruction, or unauthorized access. We store personal data in both paper and digital form.

Paper documents are kept in locked facilities, accessible only to designated persons authorized by their duties. Digital data are stored on secure servers, and access to the data is limited to pre-designated persons who need the data for their tasks and who log in with personal usernames and passwords.

11. What rights do you have?

To exercise your rights, you can contact valmentajat@energiavalmennus.fi.

Right of access
You have the right to obtain confirmation as to whether we process personal data concerning you. You also have the right to access your personal data and to receive GDPR-compliant information about the processing.

When you exercise your right of access, we will provide you with a copy of the personal data we process. If you request multiple copies, we may charge a reasonable fee based on administrative costs.

Right to rectification
You have the right to have inaccurate or incorrect data rectified without undue delay. You also have the right to have incomplete personal data completed by providing us with a supplementary statement.

Right to erasure
You have the right to have your personal data erased without undue delay if:

  • your personal data are no longer necessary for the purposes for which they were collected or otherwise processed;

  • you withdraw the consent on which the processing is based and there is no other legal basis for the processing;

  • you object to the processing of your personal data on grounds relating to your particular situation and there are no compelling legitimate grounds for the processing, or you object to processing for direct marketing;

  • we have processed the personal data unlawfully; or

  • the personal data must be erased for compliance with a legal obligation applicable to us.

Right to restriction of processing
You have the right to have the processing of your personal data restricted so that, in addition to storage, your personal data may be processed only with your consent, for the establishment, exercise, or defence of legal claims, or for the protection of the rights of another person, if:

  • you contest the accuracy of your personal data, in which case we will restrict processing for the period necessary to verify accuracy;

  • we process your personal data unlawfully and you oppose erasure and request restriction instead;

  • we no longer need your personal data for the purposes of processing, but you need them for the establishment, exercise, or defence of legal claims; or

  • you have objected to processing on grounds relating to your particular situation and are awaiting verification of whether our legitimate grounds override your objection.

Right to data portability
You have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format and the right to transmit those data to another controller if:

  • the processing is carried out by automated means; and

  • the processing is based on your consent or is necessary for the performance of a contract between you and us or for taking steps at your request prior to entering into a contract.

The right to data portability is limited to procedures that do not adversely affect the rights or freedoms of others.

Right to object to processing
You have the right to object to our processing of personal data based on our legitimate interest on grounds relating to your particular situation.

You also always have the right to prohibit the processing of your personal data for direct marketing and to unsubscribe from our blog, if any. You can stop electronic direct marketing, customer letters, and the blog by clicking the link in messages: “Remove me from all mailing lists”.

Right to withdraw consent
You have the right to withdraw your consent to the processing of your personal data at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

Right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with the Data Protection Ombudsman if you consider that your rights under the GDPR have been infringed in the processing of personal data. In Finland, the supervisory authority is the Data Protection Ombudsman (www.tietosuoja.fi).