Effective date: 17.11.2025
This Privacy Policy explains how Sisumo Oy (“we”, “us”, “our”) collects, uses, stores, and protects personal information when you:
purchase digital products on Etsy or Payhip
purchase physical prints on Saatchi Art
browse our website (sisumo.fi)
contact us via email or website forms
We process personal data in compliance with the General Data Protection Regulation (EU 2016/679) (GDPR) and applicable Finnish laws.
Sisumo Oy
Business ID: 3540501-6
Address: Norkkokuja 1 C 11, 01360 Vantaa, Finland
Email: contact@sisumo.fi
We may collect the following types of personal information:
3.1 Information provided through purchase platforms
When placing an order via Etsy, Payhip, or Saatchi Art, we receive only the information these platforms provide to sellers:
Name
Email address
Postal address (for physical products)
Order details and purchase history
Any optional notes or custom instructions
We do not receive or store full payment card details.
3.2 Information you provide directly
Email correspondence
Customer support messages
Optional file uploads or custom requests
3.3 Automatically collected data (website analytics)
When you browse our website, we use Google Analytics 4 (GA4) to collect:
IP address (anonymized)
Device and browser information
General location (city-level, approximate, anonymized)
Pages visited and time spent
Referring website
IP addresses are anonymized according to Google Analytics 4’s privacy standards.
We process personal data under the following GDPR bases:
Contractual necessity: to process and deliver your order, provide customer support
Legal obligations: tax, accounting, and invoicing requirements
Legitimate interests: running a secure and effective business, preventing fraud, improving our website and services
Consent:
optional marketing communications (only if you opt in)
non-essential analytics cookies (GA4) depending on your jurisdiction
We use personal data for the following purposes:
To process and deliver orders
To handle customer service inquiries
To send digital products and order updates
To manage returns and service issues
To comply with legal and accounting obligations
To improve our website and customer experience
To monitor website traffic and functionality (GA4)
We do not use personal data for automated decision-making or profiling that produces legal or significant effects.
We share personal data only when necessary and only with trusted service providers:
6.1 Purchase platforms (independent data controllers)
Etsy
Payhip
Saatchi Art
These platforms act as independent data controllers for:
account creation
payment processing
fraud detection
order management on their platform
Your data is processed under their own privacy policies.
6.2 Payment processors
(Depending on the platform)
Stripe
PayPal
Etsy Payments
Payhip Payments
We do not receive your full payment details.
6.3 Service providers (data processors)
Some services may process data on our behalf:
Website hosting provider
Email service provider
Cloud storage providers
Google Analytics (with IP anonymization)
All processors operate under GDPR-compliant agreements.
6.4 Legal requirements
We may disclose information if required by:
court order
law enforcement
tax authorities
Some service providers (e.g., Google) may process data outside the EU/EEA.
When this happens, we ensure legal safeguards:
Standard Contractual Clauses (SCCs) approved by the European Commission
Additional security measures, such as encryption and anonymization
We do not rely on the invalidated EU–U.S. Privacy Shield framework.
We retain personal data only as long as necessary:
Order and accounting records: 6 years (Finnish Accounting Act)
Customer support messages: up to 24 months
Analytics data (GA4): 14 months (default retention)
Marketing consent data: until consent is withdrawn
After retention periods expire, data is deleted or anonymized.
You have the following rights:
Right of access – request a copy of your data
Right to rectification – correct inaccurate information
Right to erasure – request deletion when allowed by law
Right to restrict processing
Right to object to certain processing
Right to data portability
Right to withdraw consent (e.g., marketing emails)
Right to lodge a complaint with your local data protection authority
In Finland: Tietosuojavaltuutetun toimisto
To exercise your rights, contact: contact@sisumo.fi
Our website uses:
Google Analytics 4 (GA4)
Used to understand website usage and improve the service.
GA4 anonymizes IP addresses and does not store identifiable user data.
Cookie options
Visitors may:
decline non-essential cookies
block cookies through browser settings
withdraw consent at any time
A cookie banner is shown where legally required.
Our products and services are not intended for individuals under 16 years of age.
We do not knowingly collect personal data from minors.
If you believe a minor has provided information, please contact us for deletion.
We implement appropriate technical and organizational measures to protect personal data, including:
encryption
secure connections (HTTPS)
access controls
minimal data collection
restricted access to customer information
This Privacy Policy may be updated when needed to reflect:
legal requirements
operational changes
updates to services or platforms
Updated versions will be published on our website with a revised date.