← Back

Privacy policy / Tietosuojaseloste

Last updated: 22 May 2026

Data controller / Rekisterinpitäjä

Easy Host Oy (Y-tunnus 3288005-7)
c/o Sörnäistenkatu 19 B 21, 00580 Helsinki, Finland
Contact: Joona Taskinen · joona@easy-host.fi · +358 50 4633 591

Who this applies to

Anyone with an account in this portal: Easy Host Oy employees, Easy Host's payroll manager, and contracted partners (cleaning companies, contractors).

What we collect, and why

• Identity: name, work email, Finnish personal identity code where it appears on the employment contract, Y-tunnus for partners. Required to identify you and to fulfil legal obligations (Vuosilomalaki, payroll, tax reporting).
• Employment data (employees): hire date, daily hour target, salary, fringe benefits, bonus eligibility, leave balances, sick leave with thresholds per Sairausvakuutuslaki. Required to compute work-time balance and statutory entitlements.
• Contract data (partners): hourly rate, bank account, extra-work logs, expense claims with receipts, unavailability. Required to process payments and plan scheduling.
• Authentication data: Google account identity (email and basic profile) via Sign in with Google. We use this only to verify it's you and to maintain your session. We do not access your Google Drive, Gmail, or other Google data.
• Operational data: hours logged, leave requests, expense claims, admin actions audit log. Required for internal record-keeping and statutory documentation.
• Documents: work contracts and amendments stored on your record, accessible only to you and authorised admins.

Legal basis

• Performance of a contract (your employment or service agreement)
• Compliance with a legal obligation (employment law, tax law, GDPR)
• Legitimate interest (operational reporting, fraud prevention)

Where data is stored

On Railway's managed PostgreSQL service (data centre in the EU). The application runs on Railway's infrastructure with TLS-encrypted connections and daily backups. We do not transfer your data outside the EU/EEA without an adequate legal basis.

Who can see your data

• You — your own page (hours, leave, balances, documents, or partner-side records).
• Easy Host admins — full visibility for legitimate HR / contractor management purposes.
• The payroll manager — read-only access to information needed for payroll, including hours and balances of all employees.
• External processors: Railway (infrastructure), Google (Sign-in authentication only). Each has its own privacy terms. We share data with our payroll bureau only as needed to process payments.

How long we keep it

• While you are an active user. Hour and leave records are retained for the period required by Finnish employment and accounting law (typically 10 years for payroll records).
• After your engagement ends: your account is deactivated; records required for legal compliance are retained for the statutory period and then deleted.

Your rights under GDPR

You have the right to access, correct, and request deletion of your personal data (subject to statutory retention obligations); to restrict or object to processing; and to data portability. For any request, email joona@easy-host.fi. You also have the right to lodge a complaint with the Office of the Data Protection Ombudsman (Tietosuojavaltuutetun toimisto) at tietosuoja.fi.

Changes

If we change this policy materially, we will notify active users by email. The current version is always available at this URL.

This is a draft policy generated from Easy Host's standard employment and partner contracts. Review with a Finnish-law privacy specialist before relying on it for SaaS customers outside Easy Host.