PRIVACY POLICY

Last Updated: 31.5.2026

1. Introduction

Wilenius Media ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website https://www.distantdesign.com (the "Site") and purchase our digital products or services.

We process personal data in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679, the Finnish Data Protection Act (1050/2018), and other applicable data protection laws.

Data Controller:

  • Name: Wilenius Media

  • Business ID (Y-tunnus): 3003350-8

  • Address: Eteläranta 21, 70820 Kuopio, Finland

  • Contact Email: contact@distantdesign.com

  • Data Protection Officer (DPO): Jami Wilenius

2. Information We Collect

We collect the following categories of personal data:

2.1 Information You Provide Directly

  • Identity Data: Name, title, username.

  • Contact Data: Billing address, email address, phone number.

  • Financial Data: Payment card details (processed securely by our payment providers; we do not store full card numbers), transaction history.

  • Account Data: Password, security questions (if applicable).

  • Communication Data: Contents of emails, support tickets, or chat logs sent to us.

2.2 Information Collected Automatically

  • Technical Data: IP address, browser type and version, time zone setting, operating system, platform.

  • Usage Data: Pages visited, time spent on pages, clickstream data, download errors.

  • Device Data: Device identifiers, location data (if enabled).

2.3 Third-Party Sources

We may receive data from:

  • Payment Processors: (e.g., Squarespace Payments) regarding transaction status.

  • Analytics Providers: (e.g., Google Analytics, Squarespace Analytics).

  • Social Media Platforms: If you interact with us via social media.

3. How We Use Your Information

We process your personal data based on the following legal grounds under GDPR Article 6:

Purpose of Processing

Legal Basis

Data Categories Used

Order Fulfillment

Contract Performance (Art. 6(1)(b))

Identity, Contact, Financial, Order Details

Customer Support

Legitimate Interest (Art. 6(1)(f))

Identity, Contact, Communication Data

Legal Compliance

Legal Obligation (Art. 6(1)(c))

Identity, Financial, Transaction History

Website Improvement

Legitimate Interest (Art. 6(1)(f))

Usage, Technical, Device Data

Marketing (Optional)

Consent (Art. 6(1)(a))

Identity, Contact, Preferences

Fraud Prevention

Legitimate Interest (Art. 6(1)(f))

Identity, Financial, IP Address

Specific Note on Marketing: We will not send you marketing communications unless you have explicitly opted in. You may withdraw consent at any time.

4. Data Sharing and Disclosure

We do not sell your personal data. We may share data with:

4.1 Service Providers (Processors)

We engage trusted third parties to perform services on our behalf:

  • E-commerce Platform: Squarespace (hosting, site functionality).

  • Payment Processors: [Squarespace Payments/etc.] (payment processing).

  • Email Services: [Mailchimp/SendGrid/etc.] (newsletters, transactional emails).

  • Analytics: Google Analytics (anonymized usage data).

  • Cloud Storage: [AWS/Google Cloud/etc.] (file hosting for digital downloads).

All processors are bound by contractual obligations to protect your data and comply with GDPR.

4.2 Legal Authorities

We may disclose data if required by law, court order, or government request, or to protect our legal rights (e.g., in case of fraud or breach of Terms).

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of the transaction, subject to confidentiality obligations.

5. International Data Transfers

Our primary servers and operations are located in Finland/EU.

  • If we use service providers located outside the European Economic Area (EEA) (e.g., US-based cloud providers), we ensure adequate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission, or rely on adequacy decisions where applicable.

6. Data Retention

We retain personal data only for as long as necessary:

  • Transaction Data: Retained for 6 years to comply with the Finnish Accounting Act (Kirjanpitolaki).

  • Marketing Data: Retained until consent is withdrawn.

  • Legal Claims: Retained as long as necessary for statute of limitations periods.

7. Your Rights Under GDPR

As a resident of the EEA, you have the following rights:

  1. Right to Access: Request a copy of the personal data we hold about you.

  2. Right to Rectification: Correct inaccurate or incomplete data.

  3. Right to Erasure ("Right to be Forgotten"): Request deletion of your data (subject to legal retention obligations).

  4. Right to Restrict Processing: Limit how we use your data.

  5. Right to Data Portability: Receive your data in a structured, machine-readable format.

  6. Right to Object: Object to processing based on legitimate interests or direct marketing.

  7. Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent.

To exercise these rights, contact us at contact@distantdesign.com. We will respond within 30 days.

8. Cookies and Tracking Technologies

We use cookies to enhance your experience.

  • Essential Cookies: Necessary for the Site to function (e.g., shopping cart).

  • Analytical Cookies: Help us understand how visitors interact with the Site.

  • Marketing Cookies: Used to track visitors across websites to show relevant ads.

You can control cookie settings via your browser or our Cookie Consent Banner. Note that disabling essential cookies may prevent the Site from functioning correctly.

See our separate Cookie Policy for a detailed list of cookies used.

9. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption (SSL/TLS) for data in transit.

  • Secure server environments.

However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

10. Children's Privacy

Our services are not intended for individuals under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal data from children. If we become aware of such collection, we will take steps to delete it.

11. Changes to This Policy

We may update this Privacy Policy periodically. The updated version will indicate a "Last Updated" date. We encourage you to review this policy regularly. Continued use of the Site after changes constitutes acceptance.

12. Contact Us and Complaints

If you have questions about this Privacy Policy or our data practices, please contact:

  • Email: contact@distantdesign.com

  • Address: Eteläranta 21, 70820 Kuopio, Finland

If you are unsatisfied with our response, you have the right to lodge a complaint with the supervisory authority:

  • Finnish Data Protection Ombudsman (Tietosuojavaltuutettu)

  • Website: https://tietosuoja.fi/en

  • Address: Tietosuojavaltuutetun toimisto, PL 800, 00531 Helsinki, Finland