Privacy Policy


Latest update: 10th of July, 2023

Your privacy is important to us, and we are committed to protecting the personal information that you may provide to us. This privacy statement explains what information we may collect about you, if you browse our website and use the freely accessible service, or if you would like to learn more about our services, future development or other similar matters, and in connection you provide us with your contact details.

This privacy statement is prepared by Vainu. io Software Oy with business ID 2557864-2 (“Vainu“) regarding the collection of data related to websites and (and any of its sub-sites), blogs, events arranged by Vainu. io Software Oy or its subsidiaries, and to other marketing purposes. All subsidiaries of Vainu Corporation also apply the principles and policies described herein.

The purpose of this statement is to provide information to i) website visitors and ii) subscribers of newsletters, blogs and other materials iii) prospective customers about what information may be collected and how the information is used. By using our website and/or if you submit your personal data to Vainu, your personal data may be processed as explained in this data privacy statement. This privacy statement also explains your rights concerning the personal data that we process in connection with the above-mentioned activities.

By using our website, you may be asked to provide us with your e-mail address if you are interested in our service, so that we may be in contact with you. By contacting you, we may provide you with more information about our service, provide you with instructions about trying our service in a demo session, answer any questions that you may have or in general provide you with relevant updates concerning the development of our service and other interesting details about current updates.

If you would just like to receive relevant updates, you may subscribe for our newsletter and blog updates, and ask for a demo session later, if you and/or your organization think that Vainu’s service would be useful to your organization.

After you have provided us with your contact details, you may at any time change your mind and use the unsubscribe button at the bottom of each email that you receive from us. After this, you will not receive any more relevant updates from Vainu.

Vainu will only use your contact details in accordance with this Privacy Policy, which may be found in full below. We will not use your e-mail address for direct marketing purposes without your explicit consent, or sell your contact details to any third parties.

1. Name of the register

The name of the personal data register is Contact Register of Vainu (“hereinafter Register”). Data subjects of the Register are the users of Vainu’s website and the subscribers of newsletters and/or other materials through Vainu’s website, product presentation or by other identifiable means.

2. Controller

Vainu. io Software Oy
Siltasaarenkatu 8-10
FI-00530 Helsinki

3. Contact Information
Siltasaarenkatu 8-10
FI-00530 Helsinki

Data Privacy Officer:

Sami Kekäläinen
Siltasaarenkatu 8-10
00530 Helsinki

4. Purpose and legal basis of processing personal data

When using the site, some personal data that can be connected to an individual person may be collected and processed. The legal basis for processing personal data is Vainu’s legitimate interest and/or consent provided by an individual, when providing his/her personal data in connection with a subscription of blog posts, newsletters or other materials at our website, product presentation or by other identifiable means. Data subject has the right to withdraw his or her consent at any time in an easy way, for example by using the unsubscribe link at the bottom of each email that is sent to data subjects and following the simple instructions on the unsubscription page.

Processing of personal data will be limited to what is justifiable to provide our website users with an improved experience when browsing at our website, and to what is deemed necessary for Vainu in carrying out its business and improving its services, provided that these interests are not outweighed by the data subjects rights and interests.

If a data subject has provided personal data with his/her consent, they are referred to in this statement as a “Participant”. Participant means a person, who fills in forms of Vainu or otherwise registers or attends to any of the seminars, meetings or events. With Participant is also meant any other person, who submits his/hers information for contact purposes to Vainu for example through Vainu's website, online chat, by e-mail or any other way.

Personal data of the Contact register may be processed for the following purposes:

- sending monthly newsletters and daily blog notifications,
- registration to the events of Vainu and provide information regarding the events,
- direct marketing, if the Participant has given consent;
- operational management, administration, analysis, categorization and development of the participant data,
- improve and develop Vainu’s services and products,
- statistical analyses,
- development and reporting related to the business operations, and
- fulfill the obligations based on the law and orders of the authorities.

5. Regular sources of Personal Data

Vainu collects personal data primarily from the Participants, from Vainu’s customer database and through cookies.

6. Content of Personal Data in the Register

If the Participant decides to provide Vainu his/her personal information, Vainu collects the information the Participant provides by filling in forms or contacting us. This includes information needed to fulfill the necessary actions regarding newsletter subscriptions, content downloads, registration to events and webinars, informing participants and marketing objectives. To improve services Vainu may ask Participant to provide us with additional information about Participant such as professional interests, experiences with Vainu as well as more detailed contact preferences. When you provide Vainu with any personal information you consent to us collecting and using that information according to this policy.

The Register may contain the following personal data:

- Basic information (name, title, position, profession, country),
- Contact information (phone, e-mail address),
- The Company/Organisation represented and its technology stack,
- Chat or meeting discussions, and
- Participant’s activity (submission of reviews, information on received/opened e-mails from Vainu)

7. Use of cookies and related technology

With the cookies, Vainu can collect information about Participant’s usage of the internet and online service in general. With this information, we can improve our website and the services to meet the needs of the Participant such as offering services targeted more accurately to Participant’s liking, e.g. by saving your favorites and by identifying you every time you return to our site. Cookies may be disabled from Participant’s browser. Please note that disabling cookies can prevent you from using some content/services on our website.

Vainu may use other technologies or third-party analytical software to collect and use certain non-personal data that does not enable Vainu to identify the person. Vainu may use such non-personal data for purposes of analyzing usage of the websites and services, and managing, providing, and further developing the websites and services.

Non-personal data may include general, aggregated or demographic information. It will not be linked to any personal information, through cookies or other means, without the person’s consent. This type of anonymous, aggregated profiling and session data may include information that the person has provided to Vainu through the use of the websites, services or products, or taking a part in surveys, polls, etc. However, it will not be tied to any personal information, without the person’s consent.

8. Transfers and handling of Information

The data that Vainu collects from Participant may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers (e.g. if our service provider or supplier is located outside EEA). The information may also be disclosed to a third party during a negotiation of any merger or acquisition and the receiving party has undertaken to follow non-disclosure liabilities with respect to the disclosed information. Only necessary personal data is shared with these third parties.

Vainu will only disclose personal data based on a contract to third parties operating outside EU/EAA, which have taken steps to ensure that adequate data protection arrangements are in place in accordance with the data protection regulation. These may include, but are not limited to, Data Protection Agreements or standard contractual clauses provided by the European Commission.

Personal Data may be disclosed to authorities in cases required by the mandatory local legislation or court order. Data may also be disclosed if the disclosure is permitted by applicable law, regulation or agreement or consented by the Participant.

9. Retention of Personal Data

Personal data will be stored only as long as and only to the extent that is necessary in relation to the initial and compatible purposes of processing. When such requirements no longer exist, personal data will be deleted. The requirements is deemed to exist during the period that the Participant receives emails or other materials from Vainu based on consent. If the data subject has unsubscribed from receiving any communication from Vainu and there is no other legal basis for processing, personal data will be stored for a limited amount of time, should the Participant wish to re-subscribe to receive information from Vainu. Vainu will keep up-to-date internal policies regarding the erasure of such personal data from the Register.

In any event, the personal data is stored in accordance with possible applicable lawful storing period.

Vainu evaluates the need to store personal data regularly. In addition, Vainu performs all possible reasonable measures to ensure that any inaccurate, incorrect or outdated personal data will be deleted or corrected without delay.

10. Data Protection Principles

The information security of personal data and processing and confidentiality, integrity, and usability are ensured with appropriate technical and administrative measures in accordance with Vainu's information security principles.

The vast majority of Vainu’s personal data is in electronic form. In case there are physical documents containing personal data, such documentation is destroyed immediately. The servers used by Vainu are protected by appropriate firewalls and technical security.

All databases and information systems are accessible only with individual and personal login information (username and password) granted by Vainu. The rights to access the database are restricted so that the information can only be viewed and processed by persons who are legally admitted and required to do so.

The employees of Vainu have bound themselves to comply with professional secrecy and concealment regarding the information they receive during the processing of personal information. Privacy and security guidelines have been communicated to employees and Vainu shall strictly enforce privacy safeguards within the company.

11. Rights of the Data Subject

Data Subjects have the following rights concerning the information that has been recorded into the Register.

Information and access to personal data

Data subject has right to receive information; what data is being collected, the purposes of the processing for which the personal data are intended as well as the legal basis for the processing and the recipients or categories of recipients of the personal data, if any.

Right of access by the data subject

Data subject has the right to obtain from Vainu confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data. If a request is made by the data subject, Vainu will provide a copy of the personal data undergoing processing. Obtaining a copy of personal data shall not adversely affect the rights and freedoms of others.

Right to rectification

Data subject shall have the right to obtain from Vainu, without undue delay, the rectification of inaccurate personal data concerning him or her.

Taking into account the purposes of the processing, data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement. In case there are changes in personal data recorded in the Register, the data subject must notify such changes to Vainu. In addition, Vainu is responsible for ratifying data it recognizes to be erroneous itself without delay.

Data used for direct marketing

Data subject has the right to object processing, to the extent that it is related to direct marketing, whether with regard to initial or further processing, at any time and free of charge.

Vainu shall communicate any rectification or erasure of personal data or restriction of processing carried out to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. Vainu will inform data subject about those recipients if data subject requests it.

Right to erasure

Data subject has the right to request the erasure of personal data in the Register, if the legal basis for the processing of personal data has ceased. Despite the request for erasure, the data may not be erased if Vainu is obliged to process personal data for the establishment, exercise or defense of legal claims.

Right to data portability

Data subjects have the right to receive personal data concerning him or her, which he or she has provided to Vainu, in a structured, commonly used and machine-readable format and it is deemed technically appropriate and not disproportionate for Vainu, the right to transmit the data to another controller.

Contact details for requests

All requests concerning the exercise of data subjects’ rights may be submitted primarily to the following address

Request for access to personal data (Article 15), request for rectification (Article 16), and request for restriction of processing (Article 18) may, in addition, be delivered to Data Privacy Officer.

You may also lodge a complaint to the supervisory authority if you consider that the processing of personal data violates the relevant data protection legislation in force. The national supervisory authority in Finland is Data Protection Ombudsman (

12. Changes to privacy statement

Vainu has the right to change or update this privacy statement at any time. We recommend that you will read the privacy statement from time to time.