Data Protection Statement
1. NAME OF REGISTER
Name: AQVA.IO Oy
Address: Yrjönkatu 10, 28100 Pori, Finland
Other contact details: +358 40 564 1756
3. Contact person in matters related to the register
Name: Kalle Sandelin, CEO
Address: Yrjönkatu 10, 28100 Pori, Finland
Other contact details: kalle(at)aqva.io, +358 40 564 1756
4. Purpose of processing personal data
Personal data is collected and processed to enable AQVA to serve its
customers who acquire equipment and/or services from AQVA.
Data is processed in order to identify users of AQVA’s digital services and
to ensure that the right people are using the services and only access the
services they are entitled to use and only see the data they are entitled to
Data may also be used for the implementation of AQVA’s digital services,
for customer service, and for service-related communications to users.
The legal grounds of processing are: customer relationship management,
fulfilling legal obligations and our legitimate interests. For the processing
of some personal data we may also request the data subject’s consent.
5. Data contents of the register
For service users:
– first name and surname,
– telephone number,
– usage role (admin or monitor user),
-information on the company, its apartments, the property manager
and maintenance company,
– invoicing details like name, address, meter number, number of the
place of use, consumption,
– information indicating acceptance of terms and conditions (EULA),
– IP address collected automatically for debugging purposes,
– water consumption usage and history
For API users:
– API interface usage and requests including IP address and API commands,
Information concerning customer communications, marketing and other
– mailing lists (such as the customer magazine, newsletter and
– interests of the contact person and other information provided by
the contact person themselves
Information on the customer relationship, contracts, orders and deliveries,
– quotes, orders, contracts, billing, complaints, feedback and other
contact history with the customer
-purchased products and services and the reasons for their purchase
– details of the seller/buyer
6. Regular sources of data
– Data is collected from users of AQVA’s digital services and from
customer organisations, as well as automatically when services are
– Information collected by AQVA from sales, deliveries and other
management of customer relationships.
– From customer and supplier companies and contact persons
themselves when opening a customer account, subscribing to
customer and product magazines or newsletters or otherwise in
relation to the customer relationship.
– From the company’s website and other public sources, such as the
Finnish Trade Register, other business information registers and
– Data on the use of digital services is collected by LeakLook service
and Google Analytics.
We use various technologies, including cookies, to collect and store
information as you use our service and website. Cookies help us monitor
the total number of visitors to our site as well as the use of our service
improve your user experience by making our service and website easier to
use, e.g. by storing user IDs, passwords and (language) selections. We
also use monitoring and analytics cookies to find out what our users think
about the service we offer.
warn you whenever permission for installing cookies is requested. Please
note that this may affect some of the functionalities of the service. For
more information on cookies and on how to block them, please visit
Our services use Google Analytics and other analytics tools to create
reports on the use of our service in order for us to improve our website
and service. For more information on Google Analytics, please visit
https://www.google.com/analytics. You can disallow the collection of data
by Google Analytics by downloading an add-on for your browser at
8. Regular disclosure of data and transfer of data outside the EU or EEA
necessary for the purposes of this data protection statement. These
partners may include Amazon Web Services (Frankfurt) and 3rd party
management software’s (via API) requested by Customer, companies
performing invoicing and other partners.
In such situations, personal data will be processed in accordance with
current applicable legislation.
We may also use third-party service providers such as providers of
payment services, collection services and analytics services to perform
certain tasks involving the processing of personal data on our behalf.
We may also transfer or disclose personal data to our group companies
and to our business successor as a result of, for example, restructuring,
sale of business, merger, demerger, bankruptcy or liquidation.
Otherwise, we will not sell or disclose your data to third parties. Neither
will we transfer data outside the EEA unless permitted by data protection
If required by applicable law, personal data may also be transferred or
disclosed to the authorities.
9. Data protection principles
AQVA’s databases, in which the data is stored, can only be accessed by
the employees maintaining the databases. This has been ensured by
means of user rights. The user interfaces display only the information that
is needed to accomplish the tasks of each particular user role. The views
and access rights in the user interface are specific to each role or user.
We apply appropriate technical and organisational security measures to
protect personal data against unauthorised access and accidental or
unlawful destruction, alteration, disclosure, transfer or other illegal
10. Data retention
only for as long as is necessary for the purposes specified in this data
protection statement. Once the basis of the processing of your personal
data has ceased to exist, we will erase your personal data.
A user who has not signed in for two years with his or her username is
deemed to have terminated the user account. In that case, we will remove
the information provided by the user in the user database and delete the
username, after which no one, not even the user himself or herself, can
reactivate the user account or restore the data. Information observed and
derived from the use of services is converted to a format in which an
individual is no longer recognisable.
Please note that some of our services may include public, interactive, and
communicative features, such as comment sections or forums, and your
nickname and content may also be visible after you remove your
registered user account or the user relationship is terminated. If you do
not want to be identified by your username and/or your comments, please
pay attention to their content.
11. What are your rights?
Right of access
AQVA provides you with access to information concerning the personal
data about you. You can contact us and request us to disclose what
personal data about you we process and on what grounds. If your previous
request for information was made less than 12 months ago, we may
require payment for carrying out the requested measures.
Right to rectification
You also have the right to have incorrect, inaccurate, incomplete, obsolete
or unnecessary information rectified or completed by contacting us.
Right to erasure
You can also request us to erase your personal data in our systems. We
will comply with your request unless we have a legitimate reason not to
erase the data, for example, to meet our legal obligations. Data may not
be removed instantly from all our backup or other similar systems.
Right to object
You may also request restrictions on the processing of your personal data
if the data is processed for purposes other than the performance of our
service or the fulfillment of the obligation arising out of the law. You may
also object to the processing of your personal data in the future, even if
the processing were based on your prior consent. Objecting to the
processing of personal data may lead to more limited access to our
website and our services.
Right to restriction of processing
You can request us to restrict the processing of your personal data. Using
your right to restriction of processing of data may lead to more limited
access to our website and our services.
Right to data portability
You have the right to receive your personal data from us in a structured
and commonly used format so that you can transmit the data to another
You can use your rights by sending an email to help(at)aqva.io or by
contacting us at the addresses above. As a rule, the request should be
sent from the email address registered in AQVA’s digital service user
database and the response to the request will be sent to that email
In addition to the above-mentioned rights and other rights, you also have
the legal right to lodge a complaint with a supervisory authority,
especially in the Member State where you have a habitual residence or
place of work or where the alleged violation of the Personal Data
Regulation has occurred. In Finland, that supervisory authority is the Data
12. Changes to this data protection statement
statement at any time without prior notice. However, if this data
protection statement is substantially changed, we will notify all registered
users on their registered email addresses.