Privacy Statement

This Privacy Statement contains information required by the EU General Data Protection Regulation  (GDPR, The General Data Protection Regulation, 2016/679) and the national data protection law for a data subject, such as for the controller’s customer, employees and for the supervisory authority.


Registry controller

Name: Asema Electronics Oy
Address: Isokaari 11 C 4, 00200 Helsinki
Company ID: FI2180298-5


Contact information

privacy@asema.com


Data protection officer

Asema Electronics Oy
Jani Hursti
Isokaari 11 C 4
00200 Helsinki


Name of the registry and reasons for data processing

User registry of Asema Adapt service.
We store and process in the registry the personal information of users registered to the service (hereinafter “User”) as well as the organizations represented by the said users.


Purpose of data processing

The information stored in the registry is used to produce the Adapt service and improve its user experience. The aim of the processing is that the Users will receive content and communication that fits the profile and choices made by the User.
The legal basis of processing is legitimate interests of the service provider (GDPR 2016/679, article 6, section F)  and consent given by the User (GDPR 2016/679, article 6, section A). The process of withdrawing the consent is instructed in the app of the service and it can also be withdrawn by contacting Asema Electronics customer service.


Information contained in the registry

The registry may store then name, phone number, email, address and other information entered into the service by the User.
The information concerning the User may contain the following items:
- Name, email address and title
- Name and contact details of the business / organization the User belongs to
- Information regarding the membership of the Adapt service as well as data concerning communication related to using the service
- Information regarding the use of the services, such as subscribed to sub-services and bought products
- Information concerning usage patterns within the service
- Username and similar information of identification
- Other information the User has given consent to collecting.


Personal data sources and updates

The collection of data is based on registration to the service or other direct contact with Asema Electronics Oy. Personal data is collected primarily from the User. Personal data may also be collected from the contacts and organization of the User or some other user that registers in the service or as a contact of the User. We may also collect additional information from public sources.


Transfer of data

The data in the registry is not transferred to third parties for marketing purposes.
The data stored by the service is held of servers that are located in Finland. When data is processed, it may be transferred outside of the EU or EEA using standard contractual clauses based on data protection legislation or using another transfer mechanism permitted by legislation that guarantee appropriate protection of personal data. A transfer mechanism used by the controller is the standard contractual clauses adopted by the European Commission, including Privacy Shield.


Data retention period 

The registry is stored in databases that are protected by firewalls, passwords and other technical means. Access to the registry is for authorized personnel of Asema Electronics only.
Outdated or unused information is destroyed in an appropriate and save manner. Personal information is retained only for the period that is required to fulfill the purposes outlined in this Privacy Statement. However, due to legislative requirements, including but not limited to accounting laws, the information may be retained for a longer period of time.


User’s rights

Users have the right to receive a confirmation of whether their personal data will be processed or not, or whether they have already been processed.
If Asema Electronics processes User’s personal data, the User has the right to receive the information in this document and a copy of the personal data being processed or already processed.
The User also has the right to request Asema Electronics to rectify or erase their personal data and prohibit the processing of their personal data for direct marketing purposes.
If Asema Electronics processes the User's personal data on the basis of consent, the User has the right to cancel such consent. The cancellation of consent does not affect the lawfulness of processing performed based on the consent prior to its cancellation. Such cancellation may, however, have an effect on the usability and functionalities of the service.
The User also has the right to request Asema Electronics to restrict the processing of their personal data or to otherwise oppose the processing. In addition, under the General Data Protection Regulation, the User may request that the data they have provided themselves be transferred in machine-readable format.
All of the above requests must be submitted to the abovementioned contact person of the controller of the registry. A valid copy of identification document must be included in the request.
If a data subject considers that his/her personal data is not processed legally, he/she has the right to file a complaint with the supervisory authority.


Protection methods regarding the registry

The controller processes personal data securely and in a manner fulfilling the requirements of applicable laws. The controller has protected the data appropriately in technical and organizational terms. The data file is protected using, for example, with SSL encryption, firewalls, encrypted disk partitions, passwords and other technical means. Personnel who has access to the data due to their work obligations are identified with usernames and passwords. Physical equipment that stores data is stored in locked locations with surveillance. Databases are backed up daily.


Updates to the Privacy Statement

Asema Electronics continuously develops its service and its data protection related processes and tools continuously and reserves the right to amend this Privacy Statement. In addition, the legislation concerning privacy may change and regular review of the Privacy Statement is recommended.