We process your personal data according to the General Data Protection Regulation (GDPR) of the European Union, as well as according to all other relevant legislation according to Finnish and EU law. In this privacy policy we explain our basis for processing your personal information, and inform you of your rights regarding your personal data.
Semantti Oy Teknologiantie 11 90590 Oulu Finland Email: privacy@semantti.com Business ID: 3462983-5
We process your personal information for marketing, generating leads for our sales, distributing factual information and news about our company and products and measuring, providing you products and services, and improving the website user experience.
For users who access this website, the legal basis for processing personal data is our legitimate interest to understand website traffic in order to improve the experience.
If you subscribe to our marketing, or use our managed services or online products then information you give us is used to provide you the services you subscribe to, there the legal basis for processing is explicit consent of the data subject - your own consent.
Our hosting, content delivery, analytics and spam protection services collect visitor information in the form of IP-addresses and potential cookies automatically submitted by your web browser.
We may also collect email addresses, domain names, IP-addresses and optionally your name and company affiliation if you submit them manually via forms on our website or by using our managed services and online products.
If you use Semantti’s managed services or online products that analyze your organization’s log data (for example, incident readiness playbooks), you may upload or otherwise provide log files for analysis. Depending on your systems, logs can include personal data such as user identifiers, IP addresses, device identifiers, timestamps, and activity records.
In these cases, your organization is typically the data controller and Semantti acts as a data processor, processing the log data only to provide the requested analysis and results. We use Google Cloud Platform or similar cloud platforms committing to EU Standard Contractual Clauses as a sub-processor to host and process log data securely. We retain customer log data only for as long as needed to deliver the analysis (or as agreed with the customer) and then delete or anonymize it in accordance with our retention practices.
We use following services as data sources:
You have the following rights according to GDPR regarding the processing of your personal data. You can exercise your rights either directly through our services, or by contacting us by email.
Email addresses, names and company affiliations submitted are retained until the person unsubscribes. If a subscriber requests a permanent opt-out from any future marketing then the opt-out address is retained until the person in question requests to be removed from the opt-out list.
Contact information, names, company affiliations and other personal data stored for customer relationship management are retained while the customer relationship is active and thereafter only for as long as reasonably necessary for legal, accounting, or contractual purposes. Data is securely deleted or anonymized once it is no longer needed.
Your personal data can be accessed by our employees and contractors, who develop and maintain our products, services, sales, marketing and business.
We require our foreign service providers that their countries have an adequate level of data privacy as required by the GDPR, and that they are committed to follow the GDPR and other relevant EU regulations.
Your personal data is not used for automated individual decision-making or profiling.
We don’t collect or ask you for personal information unless we truly need it. We require a non-disclosure agreement (NDA) from all our employees who process personal information. We control and keep track of who has access to the services used to process the data. We use transport layer encryption (TLS) to protect your interaction with our website.