Privacy Policy

A beautiful Finnish sunset over a body of water.

Privacy Policy for Avrea Website and Services

Avrea Ltd (later, Avrea or we) respects your privacy and is committed to protecting your personal data. This Privacy Policyr for our website and services (“Privacy Policy”) will inform you as to how we process your personal data either on our website or within our services.

If you subscribe to our services as a consumer customer, we are the controller for all processing of personal data described in this policy unless expressly stated otherwise. If, however, we provide our service to an organisation on whose behalf you act, that organisation is the controller and we do not act as the controller in respect of the provision of the service itself, but only in relation to the analysis, development and marketing of the service, to the extent that you have given your consent to such processing.

The Privacy Policy does not address, and we are not responsible for, the privacy practices of any third parties. We disclaim all responsibility for the processing carried out by third parties, also in cases where our website or services include hyperlinks or other links to third-party content. Privacy and security are important for us, and we process all personal data with due care and in accordance with applicable laws and regulations.

  1. WHO IS DATA CONTROLLER?
  2. WHAT ARE COOKIES?
  3. WHAT COOKIES DO WE USE AND WHAT INFORMATION DO THE COOKIES WE USE COLLECT?
  4. WHICH THIRD PARTIES DO WE USE?
  5. INFORMATION WE COLLECT AND HOW WE COLLECT IT
  6. THE PURPOSES AND THE LEGAL BASIS
  7. SHARING OF INFORMATION COLLECTED
  8. WHERE DO WE STORE YOUR PERSONAL DATA?
  9. DATA RETENTION
  10. HOW TO EXERCISE YOUR DATA PROTECTION RIGHTS?
  11. CHANGES TO THIS PRIVACY POLICY

1. WHO IS DATA CONTROLLER?

The data controller for the processing described in this policy is:

  • Avrea Ltd

If you have questions regarding this privacy policy, please contact us by emailing legal@avrea.com.

2. INFORMATION WE COLLECT AND HOW WE COLLECT IT

In the following, we will tell you which types of personal data we may collect about you and how we collect it. In section 3, we have in a table explained the purposes for which we process your personal data and the lawful bases we rely on.

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

A. Identity Data includes your first name and last name, and user id.

B. Contact Data includes your email or other online contact information, telephone number and address.

C. Consent data includes data on consents you have given for cookies or electronic marketing.

D. Technical Data includes your IP address, browser type and version, operating system and computer platform, preferred language and your other preferences.

E. Behavioural Data includes data on areas of our website and services you have visited, data on necessary cookies.

F. Cookie data includes data on non-necessary cookies. We need your consent for processing these cookies. Please see more specific descriptions of the cookies we use in our cookie policy.

The identity (A), contact (B), and consent (C) data are provided directly by you through the website and our services. The technical (D), behaviour (E), and cookie (F) data are collected directly from your use of our website and interaction within our services.

3. THE PURPOSES AND THE LAWFUL BASIS

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  1. Where you have given your consent cf. GDPR Article 6 (1) (a).
  2. To take steps prior to enter into a contract at your request or to perform a contract with you cf. Article 6(1)(b) GDPR.
  3. Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests cf. GDPR Article 6 (1) (f).

We have set out below, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

Purpose/Activity Type of data Lawful basis for processing including basis of legitimate interest
To operate our website including keeping our site safe and secure and offering you information on our services as well as to offer you the possibility to:
  • contact us and give feedback
  • sign up and sign into our services
 (A) Identity
(B) Contact
(D) Technical 		We have a legitimate interest to maintain our website and use necessary cookies to provide you the experience you explicitly request.
To provide you with our services
We may process your personal data to carry out our obligations arising from any contracts entered into between you (or your organisation) and us and to provide you with the services that you request from us. 		(A) Identity
(B) Contact 		When you are our customer, processing is necessary to enter into or for the performance of a contract with you.

When your organisation is our customer, we have a legitimate interest to provide our customers with the services.
For quality improvement and trend analysis
We may process your personal data to improve our website and services to ensure that content is presented in the most effective manner for you and for your terminal device. 		(D) Technical
(E) Behaviour
(F) Cookie 		With your consent.
For statistical and analytical purposes
We may gather your personal data and anonymous and aggregate data to generate reports and statistics and to learn how users are using our website and services. 		(D) Technical
(E) Behaviour
(F) Cookie 		With your consent.
Direct marketing
We may process personal data for the purposes of direct marketing, such as sending of newsletters or similar marketing material. Users can unsubscribe from receiving such material at any time. 		(A) Identity
(B) Contact
(C) Consent 		Your consent for receiving direct marketing.
Direct marketing for customers
We may provide you with information about other goods and services we offer that are similar to those that you have already purchased. We may also provide our customer companies with other information about the goods and services we offer. 		(A) Identity
(B) Contact 		We have a legitimate interest to offer our products to you.


4. SHARING OF INFORMATION COLLECTED

We do not disclose personal data with third parties outside of our organisation unless one of the following circumstances applies:

  • when required by law we may disclose your personal data to public authorities such as tax authorities, and law enforcement authorities
  • we may assign your personal data, to any person or entity that acquires all or a substantial part of our business, stock or assets, or with whom we merge.
  • when it is necessary for the purposes listed in section 3
  • when we have your explicit consent for sharing the data outside our organisation for other reasons than those mentioned above.
  • when we believe in good faith that disclosure is necessary to establish or exercise our legal rights or defend against legal claims, protect your safety or the safety of others, investigate fraud, or respond to a government request.

We may share your personal data with our service providers for the specified purposes described in section 3. We may also share or provide access to information, including personal data, with our trusted third-party service providers that we use to provide services to us and that process personal data on our behalf and under our instruction. These third-party service providers may have access to or process your personal data for the purpose of providing these services for us. We do not permit our third-party service providers to use the personal data that we share with them for any other purpose than in connection with the services they provide to us.

In respect of our website, these third-party service providers may include advertising service providers; customer relationship management and marketing automation service providers; analytics service providers; website hosting service providers; and customer support service providers.

Within our other services, data may be accessed by third-party service providers such as analytics service providers and customer support service providers.

We have entered into data processor agreements with our data processors. More information about the third-party service providers processing personal data on our behalf is available here.

5. WHERE DO WE STORE YOUR PERSONAL DATA?

The data that we collect from you may be transferred to and stored at a destination outside the European Economic Area (“EEA”). In order to ensure that your personal data receive an adequate level of protection, we have ascertained that sufficient safety measures have been implemented to allow for the transfer, which give personal data essentially equivalent protection as it has in the EEA.

All information you provide to us is stored on our secure servers. However, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website or services; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

More information about our data processors established outside the EEA and the safety measures in place to allow for the transfer of personal data can be found here.

6. DATA RETENTION

We do not store personal data longer than is legally permitted and necessary for the purposes of providing the services or the relevant parts thereof. The storage period depends on the nature of the information and the purposes of processing.

Retention times per data group:

Identity Data

2 years after last interaction

Contact Data

2 years after last interaction

Consent Data

Until consent is withdrawn, but max. 3 years.

Technical Data

1 year after last interaction

Behaviour Data

1 year after collection

Cookie Data

We use both session-specific cookies and persistent cookies. You can find the retention times of all cookies in our cookie policy.

  • Session-specific cookies are stored in the memory for the duration of the session and are deleted when the user has closed the browser.
  • Permanent cookies are stored on the hard drive of the user's computer and are kept for a certain period or until the user deletes the cookies.

7. HOW TO EXERCISE YOUR DATA PROTECTION RIGHTS

You have certain options available to you when it comes to your personal data. Below is a summary of those options and how to exercise them. Please note that some of these options are legal basis -specific, meaning that they can only be used when personal data processing is based on a specific legal basis.

Under certain circumstances, you have the right to:

  • Request to know whether we process your personal data
  • Request to access your personal data. This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
  • Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it.
  • Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal data for direct marketing purposes.
  • Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your personal data to another party (also known as data portability). Please note that you do not have this right when processing is based on legitimate interest.
  • Where our processing is solely based on your specific consent you have the right to withdraw your consent at any time. Such withdrawal will not affect the lawfulness of processing based on consent before its withdrawal.

If you wish to exercise any of the data protection rights that are available to you then please email us using the contact information provided under section 1 of this privacy policy and we will action your request in accordance with applicable data protection laws.

You have the right to complain to your local data protection authority if you are unhappy with our data protection practices. In Finland you can lodge a complaint with the Office of the Data Protection Ombudsman at Notification to the Data Protection Ombudsman.

8. CHANGES TO THIS PRIVACY POLICY

This Privacy Policy may be updated from time to time to reflect changing legal, regulatory, or operational requirements. We encourage you to periodically consult our Privacy Policy for the latest information on our privacy practices.

Your next build can already be a fast one.

Start shipping with Avrea.

Try it for free
Talk to an engineer
Go to home page
© 2026 Avrea Ltd
  • iso certification
avrea capybara walking in a fieldavrea capybara walking in a fieldavrea capybara walking in a field