PRIVACY POLICY

Privacy policy

Privacy Policy

Effective date: 13.11.2025
Last updated: 13.11.2025

Elmery Oy (“Elmery”, “we”, “our”, “us”) is committed to protecting your privacy and ensuring that your personal data is handled in a safe, transparent, and lawful manner in accordance with the EU General Data Protection Regulation (GDPR) and applicable national laws.

This Privacy Policy explains what personal data we collect through our website [elmery.fi], why we collect it, how we use it, and what rights you have.

1. Data Controller

Elmery Oy
Business ID: 3284697-5
Address: Kivihaantie 7, 00310 Helsinki, Finland
Email: info@elmery.fi

If you have any questions about how we process your data, please contact us at privacy@elmery.fi.

2. What Data We Collect

We collect personal data that you voluntarily provide when interacting with our website, such as:

  • Contact forms – name, company, title, email address, phone number, and any message content.
  • Newsletter subscriptions – name, email address, and consent to receive updates.
  • Event or demo registrations – contact details and company information.
  • Recruitment applications – CVs, cover letters, and other information you choose to share.
  • Technical data – browser type, device, IP address, time zone, and website usage statistics collected through cookies or analytics tools.

We collect only the data necessary for the stated purposes.

3. Why We Collect Data

We process personal data for the following purposes:

  1. To respond to inquiries and provide requested information (e.g. technical or commercial requests).
  2. To manage partnerships and business relationships.
  3. To send newsletters or updates to users who have subscribed and given consent.
  4. To evaluate job applications and manage recruitment processes.
  5. To maintain and improve our website’s functionality, security, and user experience.
  6. To comply with legal obligations or respond to lawful requests from authorities.

We will never sell your data to third parties.

4. Legal Basis for Processing

Elmery processes personal data on one or more of the following legal bases under the GDPR:

  • Consent (Art. 6(1)(a))Consent (Art. 6.1.a):
    When you agree to the use of cookies or similar technologies for website analytics, improving content and personalization.
    In recruitment processes, if we need to obtain information about you from sources other than yourself—such as references from previous employers or verification from educational institutions—we will do so only where appropriate and in line with applicable data protection laws. We will also inform you about such requests where required.
  • Legitimate interest (Art. 6(1)(f)):
    When we send newsletters or updates to existing customers or business contacts who have an established relationship with us.
    When we manage partnerships and business relationships (including communication and coordination).
    For ensuring IT security and basic website functionality.
  • Contractual necessity (Art. 6(1)(b)):
    When responding to inquiries or providing requested information that is directly related to a potential or existing contractual relationship.
  • Legal obligation (Art. 6(1)(c)):
    When processing is necessary to comply with applicable laws or respond to lawful requests from authorities.
  • Recruitment (Art. 6(1)(b) and Art. 6(1)(f)):
    When evaluating job applications and managing recruitment processes.

You can withdraw consent at any time by contacting us at privacy@elmery.fi.

5. How We Store and Protect Data

We primarily store data on secure servers within the European Economic Area (EEA) and apply appropriate technical and organisational measures to protect it from unauthorised access, alteration, disclosure, or destruction.
Access to personal data is restricted to Elmery employees and trusted service providers who need it to perform their duties and who are bound by confidentiality obligations.

6. Sharing and International Transfers

We may share personal data only with:

  • Service providers and partners who support our operations (e.g. website hosting, analytics, marketing automation, recruitment systems).
  • Authorities if required by law.

If data is transferred outside the EEA, Elmery ensures appropriate safeguards such as EU Standard Contractual Clauses, adequacy decisions by the European Commission, or other lawful transfer mechanisms.

7. Data Retention

We keep personal data only as long as necessary for the purposes for which it was collected or to comply with legal requirements.
Retention periods vary by context:

  • Contact and inquiry data: up to 24 months after last interaction.
  • Newsletter data: until you unsubscribe.
  • Recruitment data: normally 6 months after the process ends, unless longer retention is legally required or consented to.
  • Technical logs: typically 12 months.

After that, data is securely deleted or anonymised.

8. Cookies and Analytics

Elmery uses cookies and similar technologies to ensure the website functions properly and to analyse its use.
Cookies may collect anonymous data about:

  • page visits and navigation patterns
  • time spent on the site
  • device, browser, and location (approximate)

You can manage or disable cookies through your browser settings at any time.
We may use trusted analytics tools such as Google Analytics or HubSpot with IP anonymisation enabled.

For details, see our Cookie Policy (linked in the footer).

9. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Access: request a copy of the data we hold about you.
  • Rectification: correct inaccurate or incomplete data.
  • Erasure: request deletion of your data (“right to be forgotten”).
  • Restriction: limit processing under certain circumstances.
  • Data portability: request transfer of your data to another controller.
  • Objection: object to processing based on legitimate interests or direct marketing.
  • Withdraw consent: at any time, without affecting prior lawful processing.

To exercise these rights, contact privacy@elmery.fi.
If you believe we have mishandled your data, you can lodge a complaint with the Finnish Data Protection Ombudsman (tietosuoja.fi).

10. Updates to This Policy

We may update this Privacy Policy from time to time.
The latest version will always be available on this page, with the date of the most recent update clearly shown.

Contact:
Elmery Oy
Email: privacy@elmery.fi
Website: elmery.fi

Contact us