Privacy policy

Privacy policy

We comply with the EU General Data Protection Regulation (EU Regulation 2016/679).

Your privacy is important to us. This Privacy Policy sets out what personal information we collect from you and how we use that information. Personal information is any information from which an individual (hereinafter “User”) can be identified.

  1. Register operator / Data controller

Data controller means EPSE Oy Ltd (hereinafter “EPSE” or “we”) for the purposes of applicable data protection laws. EPSE is responsible for ensuring that personal data is processed in accordance with this Privacy Policy and applicable data protection legislation. The services provided by EPSE are hereinafter referred to as the “Services”.

  1. Contact persons regarding privacy policy

Elopellontie 1 G
33470 Ylöjärvi

The contact person for matters concerning this Privacy Policy is Anni Honkonen, EHSQ Manager,

  1. Collection of personal data

We collect and process personal data about the User in various ways as described below. Most of the personal data we process is obtained directly from the User. We may also collect personal data in connection with the provision of our Service. We also use public data sources to verify the accuracy of personal data, such as the Postal Address Service and the Population Register Centre.

  1. Personal data provided by the user at the time of registration

Company name
Business ID
First name and surname
E-mail address

The User also has the possibility to provide us with other personal information to facilitate the use of the Service, such as address or phone number. When our customer is a company, we also collect basic information about contact persons and company representatives, as well as information about Users. The provision of this personal information is voluntary. However, this personal information may be required to access all features of the Service.

  1. Information related to the use and deployment of the Service

We may also collect information automatically when a User uses our Service. This information includes: Accounting transaction information for the User; Subscription information, such as billing information and the collection of the User’s monthly subscription fees; The User’s periodic license fees are billed at agreed times using the Netvisor accounting software.

  1. How we process our personal data

We process personal data for three main purposes, described below.

  1. Provision of the service

Some areas of our Service require the processing of personal data in order to provide services to the User. For example, processing may involve information that is necessary for us to provide the Service to the User and to provide customer service or to bill the User. The data processing in this case is based on a contract between the User or business customer and EPSE.

  1. Service development and research

We may use personal data to improve the quality of the Service, to solve problems identified in the Service and to improve the features of the Service for Users. This processing is based on our genuine interest in improving our Service and its features and content. We may also provide anonymous statistical information for research purposes, including business intelligence.

  1. Marketing and communications

We may use personal information to send you important information about the Service. Personal data may also be used for the purposes of advertising, marketing, direct marketing and personalized marketing to Users. We may create general profiles of Users to provide better content and advertising. This is based on our genuine interest in keeping Users informed about our Service and in marketing new and relevant products and services to our Users. The User has the right to opt-out of direct marketing at any time.

  1. Sharing of personal data

We may share personal data with third parties:

When permitted or required by law; when trusted service providers provide services to us on our behalf and in accordance with our instructions. However, we will control and be responsible for the use of User’s personal information in all circumstances; where EPSE is involved in a merger, acquisition, or sale of a business or part of a business; when we believe in good faith that disclosure is necessary to protect our rights, the safety of the User or others, to investigate fraud, or to comply with governmental requests.

EPSE does not sell Users’ personal information to third parties.

  1. Transfer of personal data outside the EU/EEA

We do not transfer Users’ personal data outside the EU/EEA.

  1. Retention of personal data

The User’s personal data will be kept only for as long as necessary to fulfil the purposes set out in this Privacy Policy. When the retention of the User’s personal data is no longer required by law, our rights or obligations, or the User’s rights or obligations, we will destroy such personal data. For example, when a User deletes a user account on the Service, the data will be promptly deleted from the Service. For technical reasons, in such situations, personal data will be kept in our backups for a maximum of one year before being destroyed.

  1. User’s data protection rights

The User has the right to access the personal data that we hold about that User. The User has the right to access, rectify, update, amend or delete the personal data at any time. However, certain information is essential to fulfill the purposes set out in this Policy and may also be required by law. Accordingly, the User may not delete such personal data.

The User may request the personal data we hold by contacting

The User has the right to object to certain data processing, such as profiling for marketing purposes. The User also has the right to restrict the processing to the extent required by applicable data protection law. The User has the right, to the extent required by law, to data portability, i.e., the right to receive their personal data in a structured, commonly used, machine-readable format and to transfer their personal data to another controller.

The User may correct, delete, or otherwise process personal data in the Service or contact EPSE’s customer service to make a change. You can contact us using the contact details provided in the section on “2. Register operator / Data controller” or by sending us an email at


If the User perceives a problem with our data processing practices, the User has the right to lodge a complaint with the User’s national data protection authority in the EU/EEA. In Finland, this authority is the Data Protection Ombudsman. The contact details of the Finnish Data Protection Ombudsman can be found via this link:

  1. Personal data concerning children

Our service is not directed to children. If you become aware that a child under the age of 16 has provided us with their personal data, please contact us using the contact details provided in the “2. Register operator / Data controller” section or by sending us an email at

We use cookies or similar technologies to improve the usability of our website. Cookies are small text files placed on a User’s device to collect normal internet log information. Certain functionalities of the Service require the use of cookies. We use cookies to enhance the functionality of the Service and to make it easier to use. You may set your browser to refuse the use of cookies. You can also restrict the use of cookies or delete cookies from your browser.

  1. Security

EPSE takes security seriously. We take various measures to protect personal data from loss, misuse, unauthorized access or disclosure. These measures are taken taking into account the sensitivity of the data we collect, process and store, as well as current technology. To learn more about our current practices and policies regarding security and confidentiality of personal information and other data, please review our Privacy Policy – we will keep this document up to date as practices evolve over time.

  1. Changes to our Privacy Policy

We may change this policy from time to time. If we do, we will post a notice on our website.

  1. Contacting us

Please contact us if you have any questions about EPSE’s privacy policy or practices. You can contact us using the contact details provided in the section on “2. Register operator / Data controller” or by sending us an email at