November 20, 2018

Privacy Policy


At APPaja, we’re committed to protecting and respecting your privacy. This policy explains when and why we collect personal information about you, how we use it, the conditions under which we may disclose it to others, how we keep it safe and secure and your rights and choices in relation to your information.

Services to which this privacy policy applies to:

  • website
  • Bike APP application

We encourage you to read the policy notice carefully and contact us with any questions or concerns about our privacy practices via email to or by writing to:

Data Protection Officer
Saukkolantie 73
41940 Vesanka

Who we are

We are APPaja, Finnish-based agile mobile app development company dedicated to create high quality apps.

In this policy ‘APPaja’, ‘we’, ‘us’ or ‘our’ means:

  • APPaja Oy

Contact details for privacy protection issues via email to or directly to our Data Protection Officer:

  • Juha Haapsaari (

How do we collect information from you?

We obtain information about you in the following ways.

Information you give use directly

For example, filling form on website, purchase services or when you register to our newsletters. Creating user account to Bike APP application.

When you visit our websites

Our websites are on following domains:


We automatically collect following information:

  • Technical information, including the type of device you are using, the IP address, browser and operating system being used
  • Information about your visit to websites, including pages you visit, how you navigate on the website, length of visits to pages, products and services you viewed or searched for and referral sources (how you arrived at our website)

We collect and use your personal information by using cookies on our website. See chapter ‘Cookies’ for more details.

Social Media

When you interact with us on social media such as Facebook, LinkedIn and Twitter we may obtain information about you. The information we receive is controlled by you on the privacy preferences you have set on those types of platforms.

Public information

Information about you available publicly such as organization websites, public social media accounts in order to create a fuller understanding of someone’s interests and support.

What information do we collect?

The personal information we collect, store and use include:

  • Your name and contact details (including email address, postal address)
  • Information about your activities on our website and device used to access it (including your IP address and geographical location)
  • Any other personal information shared with us
  • Comments written to out websites or social media
  • Your location on Bike APP (you can opt-out from this)

We do not collect any sensitive personal information in special categories (like race, ethnic origin, politics, religion, trade union membership, genetics, biometrics, health, sex life or sexual orientation).

How and why your information is used?

We may use and process your information for different purposes, which may include:

  • Account set up and administration
  • Providing you with the services, products or information you have requested
  • Personalization of content, business information or user experience
  • Processing orders that you have submitted
  • Fulfilling our obligations under any contracts entered into between you and us
  • Keeping a record of your relationship with us
  • Performing analysis and market research so we can understand how we can improve our services, products or information
  • Internal research and development purposes
  • Finding your feedback on the services we provide
  • Carrying out polls and surveys
  • Notifying you of the changes to our services
  • Sending you communications which you have requested and that may be of interest to you. These may include information about campaigns, activities and promotions of our products and services

How long is your information kept for?

We keep your information for no longer than is necessary for the purpose it was collected for. The length of time we retain your personal information for is determined by operational considerations.

We review or retention periods on regular basis. You can request information about your collected personal information or request removal of your personal information from

Who can access your information?

We do not sell or rent your information to third parties. We also do not share your personal information with third parties for marketing purposes.

Third parties working on our behalf

Our selected 3rd party service providers, suppliers, agents, subcontractors and other associated organizations can have access to your information for the purpose of administering the platform for us. However, when we us these third parties, we have a contract in place that requires them to keep your information secure and prevents them from using it for their own purposes.

Third parties related to this privacy policy are:

  • Microsoft (Hosting service provider acting as data processor –

Visitor comments may be checked through an automated spam detection service.

We may transfer your personal information to a 3rd party as part of a sale of some or all of our business and assets to any 3rd party or as part of any business restructuring or reorganization, or if we’re under a duty to disclose or share your personal data in order to comply with any legal obligation or to enforce or apply our terms of use or to protect the rights, property or safety of our staff, supporters, customers, users of the website or others. However, we will take steps with the aim of ensuring that your privacy rights continue to be protected.

What legal basis do we have for processing your personal data?

Data protection law requires us to rely on one or more lawful grounds (legal basis) to process your personal information. There are different lawful grounds for collecting personal information. We consider the following grounds to be relevant to this privacy policy:

  • Consent
    Where you have provided specific consent to us using your personal information in a certain way, such as sending email to you, using cookies to collect information about your visit to our websites.
  • Contract
    Where we are entering into a contract with you or performing our obligations under it like when you order products or services from us. Consent given by you can be withdrawn and managed any time by contacting

Contract legal basis ends when contract is not signed, or it is terminated. In these cases, consent given by you is not automatically withdrawn.

Where do we store and process personal data?

As part of the services offered to you through this website, the information which you provide to us may be transferred to countries outside the European Economic Area (“EEA”). For example, this may happen when your personal data is transferred to marketing registry that is located in service hosted outside of the EEA. By submitting your personal data, you’re agreeing to this transfer, storing or processing. If we transfer your information outside of the EEA in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this policy.

If you use our services while you are outside the EEA, your information may be transferred outside the EEA in order to provide you with those services.

How do we secure personal data?

When you give us personal information, we task steps to ensure that appropriate technical and organizational controls are in place to protect it.

We use SSL encryption on our websites to make sure that information given is always protected. SSL encryption is forced whenever processing more sensitive information (such as credit card details).

Information given us using other methods (such as email, social media, written letters etc.) are transmitted or delivered in ways that we cannot guarantee to be 100% secure. Therefore, even we have steps in place to keep your information secure, you send the information at your own risk. Once the information is received by us, we make our best effort to ensure its security on our systems.

We, or our 3rd party service providers, have implemented protection against accidental loss of data with regular backup of data.

Access to your personal information requires authentication and authorization, unless you have given consent to make information publicly available on our websites or marketing materials.

Use of automated decision-making and profiling

We may analyse your personal information to create a profile of your interests and preferences so that we can tailor and target our communications in a way that is timely and relevant to you. We may make use of additional information about you when it is available from external sources (such as social media etc.) to help is do this effectively.

You can always opt out of your information used for decision-making, profiling or marketing communications by contacting

Your rights

You always have rights to personal information that we hold for you. Here are the rights that apply to this privacy policy:

Right of access

You have right to request access to the personal data we hold for you. You also have right to request copy of the information we hold about you, and we will provide this information to you unless legal exceptions apply.

Right to rectification

You have right to have inaccurate or incomplete information we hold about you corrected.

Right to restrict processing

You have right to request us to restrict processing of some or all your personal information if there is a disagreement about its accuracy or we are not lawfully allowed to process it.

Right to erasure

You have right to request us to delete some or all your personal information, and we will anonymize or delete this information unless legal or contract exceptions apply. When possible, we anonymize requested information rather than delete it.

Right to data portability

You have right to request your personal information to be provided in machine-readable form when we are processing (using automated means) your personal information based on your consent or in order to enter or carry out a contract with you.

Right to object

You have right to object processing of your information when we are using it for direct marketing or for statistical/research purposes. If you want to exercise any of the above rights, please email us at or in writing to APPaja, Data Protection Officer, Saukkolantie 73, 41940 Vesanka, FINLAND. We may be required to ask more information and/or provide evidence of identity. We are dedicated to respond fully to all request within 30 days of receiving of your request, however if we are not able to do so we will contact you with reasons for delay.

You also have right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that processing of your personal data infringes GDPR regulation.

Use of cookies

We use cookies to allow websites to recognize you when you visit our websites. Cookies are small pieces of information stored to your device. For example, cookie can contain information about your device geographical location or consent you have given to us. This helps us to deliver a better and more personalized service when you browse our websites.

You can switch of cookies by setting preferences on your browsers. Switching cookies of may result loss of functionality when using our web site.

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

Links to other websites / 3rd party content

Our websites may contain links to other websites run by other organizations. This policy applies only to our website. Please read the privacy policies on the other websites you visit. We cannot be responsible for the privacy policies or practices of other websites even if you access them using links from our website.

Changes to this policy

Any changes we may make to this policy in future will be available on this website so please check this page occasionally to ensure that you agree with any changes. If we make any significant changes, we’ll make this clear on this website.