This Privacy Policy explains how GästFors handles personal data when you visit this website, request access, request a demo, or communicate with us.
Last updated: 5 July 2026
The controller responsible for the personal data described in this Privacy Policy is:
GästFors OY
Finland
Email: pp@gastfors.com
Please contact us at pp@gastfors.com if you have questions about this Privacy Policy or how we process personal data.
This Privacy Policy applies to personal data processed through the GästFors website, request access forms, demo requests, and related professional communications.
GästFors is an AI-assisted guest experience automation platform for hospitality, tourism, and venue operations. At this stage, the website is mainly used to provide information, receive selected access and demo requests, and communicate with potential customers, partners, investors, and professional contacts.
We may collect and process the following categories of personal data.
When you submit a form, request access, request a demo, or contact us, we may process information such as:
When you visit the website, certain technical information may be processed automatically to operate, protect, troubleshoot, and improve the website. This may include:
Our website may use essential cookies or browser local storage for basic functionality, such as remembering whether you have accepted the cookie notice.
We do not currently use advertising cookies on the website. If we introduce analytics, marketing, advertising, or third-party tracking tools in the future, we will update this Privacy Policy and request consent where required.
We process personal data for the following purposes:
We process personal data only when we have a legal basis under applicable data protection law. Depending on the situation, the legal basis may be:
We do not sell personal data.
We may share or make personal data available to trusted service providers and professional advisors where necessary for the purposes described in this Privacy Policy, including:
Service providers are expected to process personal data only for appropriate business, technical, legal, or service-related purposes.
The website may load certain third-party resources, such as fonts, icons, JavaScript libraries, or content delivery network files. When your browser loads these resources, the relevant third-party provider may receive technical information such as your IP address, browser details, and the page from which the resource was requested.
We aim to keep third-party resources limited and appropriate for website functionality and presentation.
We aim to use service providers located in the European Economic Area where practical. Some service providers or technical resources may process personal data outside the European Economic Area.
Where personal data is transferred outside the European Economic Area, we will use appropriate safeguards where required, such as European Commission standard contractual clauses or other legally recognised transfer mechanisms.
We keep personal data only for as long as reasonably necessary for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.
Typical retention periods are:
If a business relationship is created, certain records may be kept longer where required for accounting, contract, tax, legal, compliance, or dispute-related reasons.
We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure.
These measures may include access control, secure hosting practices, encrypted transmission where applicable, limited internal access, monitoring, logging, backup procedures, and regular review of technical safeguards.
No online service can be guaranteed to be completely secure, but we aim to process personal data responsibly and proportionately.
Depending on the situation and applicable law, you may have the right to:
In Finland, the supervisory authority is the Data Protection Ombudsman’s Office.
To exercise your rights, contact us at pp@gastfors.com. We may need to verify your identity before responding to certain requests.
We do not currently use the public website to make legally or similarly significant automated decisions about individuals.
GästFors may develop AI-assisted tools for guest experience automation, operational risk intelligence, incident documentation, and review-ready summaries. Such tools are intended to support human review and professional decision-making, not to replace qualified legal, insurance, compliance, or operational judgement.
GästFors is intended for professional and business use. Our website and services are not directed to children, and we do not knowingly collect personal data from children through the website.
The website may contain links to third-party websites or services. We are not responsible for the privacy practices, content, or security of third-party websites. Please review their privacy policies separately.
We may update this Privacy Policy from time to time as GästFors develops, our website changes, or legal requirements evolve. The latest version will be published on this page with the updated date.
For privacy questions, requests, or concerns, contact:
GästFors OY
Finland
Email: pp@gastfors.com