Want remote monitoring for your building? Submit your information and we’ll get in touch:

    Data protection statement

    1. Name of register

    Customer register

    2. Controller

    Name: Envera Oy
    Address: Lars Sonckin kaari 10, 02600 Espoo, Finland
    Other contact details: +358207414020

    3. Contact person in matters related to the register:

    Name: Lauri Kalliokoski
    Address: Lars Sonckin kaari 10, 02600 Espoo, Finland
    Other contact details: lauri.kalliokoski(at)envera.fi, +358447147439

    4. Purpose of processing personal data

    Personal data is collected and processed to enable Envera to serve its customers who acquire equipment and/or services from Envera.

    Data is processed in order to identify users of Envera’s digital services and to ensure that the right people are using the services and only access the services they are entitled to use and only see the data they are entitled to see.

    Data may also be used for the implementation of Envera’s digital services, for customer service, and for service-related communications to users.

    The legal grounds of processing are: customer relationship management, fulfilling legal obligations and our legitimate interests. For the processing of some personal data we may also request the data subject’s consent.

    5. Data contents of the register

    For service users:

    • first name and surname,
    • username,
    • email,
    • telephone number,
    • role,
    • information on the company, its apartments, the property manager and maintenance company,
    • information indicating acceptance of terms and conditions.

    6. Regular sources of data

    Data is collected from users of Envera’s digital services and from customer organisations, as well as automatically when services are accessed. Data on the use of digital services is collected by Intercom and Hotjar (more information on these can be found in Marketing Policy).

    7. Cookies

    We use various technologies, including cookies, to collect and store information as you use our service and website. Cookies help us monitor the total number of visitors to our site as well as the use of our service and website. This helps us improve our service. We also use cookies that improve your user experience by making our service and website easier to use, e.g. by storing user IDs, passwords and (language) selections. We also use monitoring and analytics cookies to find out what our users think about the service we offer.

    You can block the use of cookies in your browser or set your browser to warn you whenever permission for installing cookies is requested. Please note that this may affect some of the functionalities of the service. For more information on cookies and on how to block them, please visit www.allaboutcookies.org.

    Our services use Google Analytics and other analytics tools to create reports on the use of our service in order for us to improve our website and service. For more information on Google Analytics, please visit http://www.google.com/analytics. You can disallow the collection of data by Google Analytics by downloading an add-on for your browser at https://tools.google.com/dlpage/gaoptout.

    8. Regular disclosure of data and transfer of data outside the EU or EEA

    We may transfer or disclose personal data to our partners, if it is necessary for the purposes of this data protection statement. These partners may include eCraft, Intercom, Hotjar and others.

    In such situations, personal data will be processed in accordance with current applicable legislation.

    We may also use third-party service providers such as providers of payment services, collection services and analytics services to perform certain tasks involving the processing of personal data on our behalf.

    We may also transfer or disclose personal data to our group companies and to our business successor as a result of, for example, restructuring, sale of business, merger, demerger, bankruptcy or liquidation.

    Otherwise, we will not sell or disclose your data to third parties. Neither will we transfer data outside the EEA unless permitted by data protection laws.

    If required by applicable law, personal data may also be transferred or disclosed to the authorities.

    9. Data protection principles

    All material is only stored electronically.

    Envera’s databases, in which the data is stored, can only be accessed by the employees maintaining the databases. This has been ensured by means of user rights. The user interfaces display only the information that is needed to accomplish the tasks of each particular user role. The views and access rights in the user interface are specific to each role or user.

    We apply appropriate technical and organisational security measures to protect personal data against unauthorised access and accidental or unlawful destruction, alteration, disclosure, transfer or other illegal processing.

    10. Data retention

    We will keep your personal data in accordance with current legislation and only for as long as is necessary for the purposes specified in this data protection statement. Once the basis of the processing of your personal data has ceased to exist, we will erase your personal data.

    A user who has not signed in for two years with his or her username is deemed to have terminated the user account. In that case, we will remove the information provided by the user in the user database and delete the username, after which no one, not even the user himself or herself, can reactivate the user account or restore the data. Information observed and derived from the use of services is converted to a format in which an individual is no longer recognisable.

    Please note that some of our services may include public, interactive, and communicative features, such as comment sections or forums, and your nickname and content may also be visible after you remove your registered user account or the user relationship is terminated. If you do not want to be identified by your username and/or your comments, please pay attention to their content.

    11. What are your rights?

    Right of access
    Envera provides you with access to information concerning the personal data about you. You can contact us and request us to disclose what personal data about you we process and on what grounds. If your previous request for information was made less than 12 months ago, we may require payment for carrying out the requested measures.

    Right to rectification
    You also have the right to have incorrect, inaccurate, incomplete, obsolete or unnecessary information rectified or completed by contacting us.

    Right to erasure
    You can also request us to erase your personal data in our systems. We will comply with your request unless we have a legitimate reason not to erase the data, for example, to meet our legal obligations. Data may not be removed instantly from all our backup or other similar systems.

    Right to object
    You may also request restrictions on the processing of your personal data if the data is processed for purposes other than the performance of our service or the fulfillment of the obligation arising out of the law. You may also object to the processing of your personal data in the future, even if the processing were based on your prior consent. Objecting to the processing of personal data may lead to more limited access to our website and our services.

    Right to restriction of processing
    You can request us to restrict the processing of your personal data. Using your right to restriction of processing of data may lead to more limited access to our website and our services.

    Right to data portability
    You have the right to receive your personal data from us in a structured and commonly used format so that you can transmit the data to another controller.

    You can use your rights by sending an email to office(at)envera.fi or by contacting us at the addresses above. As a rule, the request should be sent from the email address registered in Envera’s digital service user database and the response to the request will be sent to that email address.

    In addition to the above-mentioned rights and other rights, you also have the legal right to lodge a complaint with a supervisory authority, especially in the Member State where you have a habitual residence or place of work or where the alleged violation of the Personal Data Regulation has occurred. In Finland, that supervisory authority is the Data Protection Ombudsman.

    12. Changes to this data protection statement

    Envera may from time to time make changes to this data protection statement at any time without prior notice. However, if this data protection statement is substantially changed, we will notify all registered users on their registered email addresses.