This Privacy Policy (hereinafter “Policy”) informs you why Exove Oy collects, uses or shares your personal data in connection with website and for the Services provided, including consulting, design, development, care and maintenance of digital tools (“Services”). Please read this Privacy Policy carefully before you start using the Service.


The data controller in accordance with the applicable data protection law is Exove Oy (hereinafter together “Exove”, “we”, “us” or “our”). Exove is responsible for ensuring that your personal data is processed in compliance with this Policy and applicable data protection laws.

Contact details of the data controller:

Exove Oy
Business ID: 2040509-9
Address: Itämerenkatu 1, 00180 Helsinki
Phone: +358 9 3158 9020

Contact details of the privacy manager:

Kalle Varisvirta, CTO
Address: Itämerenkatu 1, 00180 Helsinki
Phone: +358 9 3158 9020


We may collect your personal data through different means, which are explained below. As a rule, the personal data processed by us is provided by you upon registration and/or when using the Services. The personal data we collect includes e.g. the following categories of data:

Name, title and role in the company presented;

Contact details, such as email address and phone number;

Information relating to client relationship, such as billing information;

Social media contact details to services such as Twitter, LinkedIn and Skype; and

Client interaction, client contacts and replies, including requests/queries through ticketing system.

We may also collect technical data on the use of the Services, which may be associated with you. The technical data we collect includes e.g. the following categories of data:

IP addresses, time stamps and log data relating to the use of the Services; and

Device ID, device type, operating system used and application settings.


We process personal data for the following purposes:

1. Service provision and managing your client relationship

The primary purpose of collecting personal data is to provide the Services and to manage and maintain the client relationship between us and you/the company you represent. In this case, our processing of personal data is based on the contract between you/the company you represent and us.

2. Marketing

We may send you emails to inform you about new features of the Services, ask you for feedback, or provide you other relevant information about our services. In this respect, processing of personal data is based on our legitimate interest to provide you relevant information as part of the Services and to promote the Services to you. You may object to marketing communications at any time (please see section 8 of this Policy).

3. Service development and information security

We also process personal data to ensure the security of the Services, to improve the quality of the Services and to develop new features to the Services. In these cases, the processing of personal data is our legitimate interest to ensure that our Services has an adequate level of data security, and that we have sufficient and relevant information at hand to develop our Services.


We may disclose your personal data within the Punamusta Media Oyj group. Your personal data may also be processed by another Punamusta Media Oyj group entity on behalf of us. We base this processing on our legitimate interest to transmit personal data within the Punamusta Media Oyj group for internal reporting, group sales and group marketing. Punamusta Media Oyj acts as the controller for the information we disclose. You can find Punamusta Media Oyj’s privacy policy here.

We may disclose personal data to third parties:

when permitted or required by law, e.g. to comply with requests by competent authorities or related to legal proceedings;

when our trusted services providers provide services to us on behalf of us and under our instructions. We will control and be responsible for the use of your personal data at all times;

if we are involved in a merger, acquisition, or sale of all or a portion of our assets; and

when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.


Some of our services and subcontractors transfer personal data from EU/EEA to non-EU/EEA countries. In such transfers we make use of either standard contractual data protection clauses (SCCs) or the EU-U.S. Data Privacy Framework, which have been approved by the European Commission to provide adequate data protection for processing personal data of European Union nationals.


We also use cookies and other similar techniques on our website at and other web based tools. Cookies are small text files placed on your device to collect and remember useful information, to increase the functionality of our website and to make it easier to use. We may also use cookies and other similar techniques for statistical purposes to compile anonymous, aggregated statistics thereof, concerning e.g. the use of the website, allowing us to understand how users use the website and improve user experience.

You can set your web browser not to accept cookies, limit the use of cookies or remove cookies from the browser. However, as cookies are an important part of how our website works, limiting the use of cookies may affect the functionality of the website.

To learn more about how we use cookies, please see our cookie policy:

We use Matomo Analytics tracking to measure, collect and analyse visitor data in order to better understand the performance of our website. If you wish us to not process any personal data with Matomo, you can opt-out from it at any time. To opt-out, please uncheck the box below:



Your personal data will be retained only for as long as necessary to fulfill the purposes defined in this Policy.

Most of your personal data will be retained during the course of your client relationship with Exove Oy. Some personal data might be retained after your client relationship with us has ended, if required or allowed by applicable laws. When your personal data is no longer required by law or rights or obligations by either party, we will delete your personal data.


You have a right to access personal data we process about you. You may access, correct, update, change or remove your personal data at any time. However, please note that certain information is strictly necessary in order to fulfil the purposes defined in this Policy and may also be required by law. Thus, you may not remove such personal data.
You have a right to object for certain processing. To the extent required by applicable data protection law, you have a right to restrict data processing.
You have a right to data portability, i.e. right to receive your personal data in a structured, commonly used machine-readable format and transmit your personal data to another data controller, to the extent required by applicable law.

Please send above-mentioned requests to us at

If you think there is a problem with the way we are handling your personal data, you have a right to file in a complaint to your national data protection authority in the EU/EEA. In Finland, that is Tietosuojavaltuutetun toimisto. You can find contact details of Tietosuojavaltuutetun toimisto here:


We maintain reasonable security measures (including physical, electronic, and administrative) to protect personal data from loss, destruction, misuse, and unauthorized access or disclosure. For example, we limit access to personal data to authorized employees and contractors who need to know the information in the course of their work tasks.
Please be aware that, although we endeavour to provide reasonable security measures for personal data, no security system can prevent all potential security breaches.


We may change this Policy from time to time. If we make any changes to this Policy, we will let you know it on our website at, where you will also find the latest version of this Policy.


If you have any questions regarding this Policy or the personal data we process about you, please contact us at