Privacy policy of Gate Apps services
Our software runs as B2B SaaS environment and each tenant / instance of the software is owned and managed by our customers. That is, the data processor is always the customer and alterations on this privacy policy may vary based on the customer instance configuration.
Effective Date: 1.9.2024
Last Updated: 11.10.2024
Gate Apps Oy (“we,” “us,” or “our”) is committed to protecting the privacy and security of personal data provided by users of our services. This Privacy Policy explains how we collect, use, and protect your personal data when you use our software and services. By using our services, you agree to the collection and use of information in accordance with this policy.
1 Information We Collect
We may collect various types of information from or about users of our services, including:
1.1 Personal Data
This refers to any information that can be used to identify an individual. Our customers act as the data controller and Gate Apps only acts as the data processor. By default, the application collects the following information for our clients (data controllers). The specification may vary depending on the client configuration and more detail can be obtained from the data controller.
| Information collected | Users | Permit receivers | Usage |
| First name, last name | x | x | User/receiver identification |
| Phone number | x | x | communication |
| e-mail address | x | x | User id, communication |
| Company name | x | x | User/receiver identification |
| Previous login date | x | Service quality and management | |
| Certifications/trainings identification + expiry date | x | The qualification/permission to write/receive the permit | |
| User role within the system | x | Access control and authorization | |
| Roles of person within the permits | x | Service purpose | |
| Communication logs | Service quality and management |
1.2 Usage Data
When you use our services, we may automatically collect information on how the services are accessed and used. This includes:
- Log Data (e.g., device type, browser type, operating system, and IP address)
- Cookies and Tracking Technologies (e.g., session data, login information, time spent on services)
- Interactions with Our Software (e.g., features accessed, error reports, and crash data)
1.3 Data from Third-Party Services
If you integrate third-party services with our platform (such as Google, Microsoft, or other tools), we may collect and process information shared by these services, according to their privacy policies.
2 How We Use the Information
We use the data collected for the following purposes:
2.1 Providing Services
- To authenticate users and grant access to our platform.
- To deliver and maintain our services, including feature updates and bug fixes.
- To process payments and manage billing.
2.2 Service Improvement
- To analyze usage data to improve and optimize our software.
- To enhance user experience by personalizing features based on usage patterns.
- To develop new features and services.
2.3 Communication
- To respond to user inquiries, provide technical support, and send important service-related notifications.
- To send marketing emails or newsletters with your consent, which you can opt out of at any time.
2.4 Security
- To detect, prevent, and mitigate security breaches or fraud.
- To protect the integrity of our software, data, and infrastructure.
3 Legal Basis for Processing Personal Data
We collect and process personal data in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR). The legal bases for processing your data include:
- Performance of a Contract: Data is necessary to provide the services you’ve requested.
- Legitimate Interest: Data is processed to maintain and improve our services, ensure security, and prevent fraud.
- Legal Obligation: Data may be processed to comply with legal or regulatory obligations.
- Consent: In cases where consent is required (e.g., for marketing communications), we will seek explicit permission.
4 Data Retention
We retain your personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy. Retention periods are determined based on:
- The duration of your use of our services.
- The configuration in the service on scheduled or rule-based data retention
- Our need to comply with legal and regulatory requirements.
- Our need to resolve disputes and enforce agreements.
After the retention period, we securely delete or anonymize your personal data.
5 Sharing and Disclosure of Data
Gate Apps Oy does not sell or rent personal data. However, we may share data with third parties in the following cases:
5.1 Service Providers
We may engage trusted third-party vendors to perform tasks on our behalf, such as payment processing, data storage, and analytics. These vendors are contractually obligated to use your data solely for the services we’ve requested.
5.2 Legal Requirements
We may disclose personal data if required to do so by law or in response to valid legal requests (e.g., subpoenas, court orders).
5.3 Business Transfers
In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity as part of the transaction.
5.4 Consent
We may share your information with third parties when you provide explicit consent for such sharing.
6 Data Security
We implement industry-standard security measures to protect your personal data, including:
- Encryption: Personal data is encrypted both in transit and at rest.
- Access Control: We limit access to your personal data to authorized personnel only.
- Regular Audits: We conduct regular security audits and vulnerability assessments to ensure the ongoing security of our systems.
While we strive to protect your data, no method of electronic transmission or storage is 100% secure, and we cannot guarantee its absolute security.
7 Your Rights
Under applicable data protection laws, you have the following rights regarding your personal data:
7.1 Right to Access
You have the right to request a copy of the personal data we hold about you.
7.2 Right to Rectification
You can request that we correct any inaccurate or incomplete personal data.
7.3 Right to Erasure
You can request the deletion of your personal data when it is no longer necessary for the purposes for which it was collected.
7.4 Right to Object
You can object to the processing of your personal data under certain circumstances, such as for direct marketing purposes.
7.5 Right to Data Portability
You can request that we transfer your personal data to another organization, where technically feasible.
7.6 Right to Withdraw Consent
Where processing is based on consent, you can withdraw your consent at any time.
To exercise any of these rights, please contact us at [insert contact email].
8 Cookies and Tracking Technologies
Gate Apps Oy uses cookies and other tracking technologies to enhance user experience, analyze service usage, and personalize content. You can manage your cookie preferences through your browser settings. Note that disabling cookies may affect your ability to access certain features of our services.
9 International Data Transfers
Gate Apps Oy operates globally, and your personal data may be transferred to and processed in countries other than your country of residence. We take appropriate steps to ensure that data transfers comply with applicable privacy laws, including the use of standard contractual clauses.
10 Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or for legal or regulatory reasons. We will notify users of significant changes by posting the new policy on our website and updating the “Effective Date.” Your continued use of our services following the posting of changes constitutes your acceptance of those changes.
11 Contact Us
If you have any questions about this Privacy Policy or your data, please contact us at:
Gate Apps Oy
Address: Länsituuli 1 A 236, 02100 Espoo, Finland
Email: privacy@gate-apps.com