Privacy Policy – REMUC

Valid since May 25th, 2018.


In order to give you the best possible service, we may need to collect and process certain personal data about you. However, we respect and value your privacy and we are committed to protect it. This privacy policy contains information about what personal data we collect, what are the key principles of processing the data and what rights you have relating to your personal data.

Embelin Ltd. processes your personal data in compliance with this privacy policy and applicable laws, so we ask you to read this policy carefully. We may do updates to this privacy policy from time to time associated with development of our business operations or changes in applicable laws. Any changes will be notified by email (providing you have given it).

By using our services and website or contacting us, you accept that we process your personal data according to this privacy policy. If you do not accept these terms, it is likely that we cannot provide any services to you.

For what purposes is personal data collected and used?

We collect, store, and process your personal data only for predefined purposes. Purposes for processing your personal data are:

A) Fulfilling our contractual obligations:

  • Introduction and provisioning of REMUC services;
  • Managing orders;
  • Billing;
  • Customer communications and responding to contact requests;

B) Controller’s legitimate interests:

  • Development of our business and services
  • Preventing and investigating service abuse

C) We can also process your personal data if it’s necessary because of a legal obligation or a legal authority decision.

What data you collect about me and from which sources?

We collect personal data about you mainly from yourself when you contact us or use our services. Typically, we get the following personal data from you:

  • Name;
  • Email address;
  • REMUC device ID

Depending on the selected service level, we gather the following information to produce REMUC services:

  • REMUC device status and event information;
  • REMUC device location information
  • Web and mobile client login information;
  • User phone number(s);
  • User email address;
  • Service payment history

We also collect personal data about our website visitors with Google Analytics, so that we could analyse our website use, develop it further and for targeting relevant marketing content for our customers and website visitors.


What is the basis for processing your personal data?

We make sure that we always have a legal basis to process your personal data. We process your data on a on the following basis:

  1. Fulfilling our contractual obligations (REMUC services);
  2. Based on our legitimate interests as a data controller, which are developing our services and exercising and developing our business. We may in some cases ask for you explicit consent for certain personal data processing, for example problem solving based on investigation of device usage history;
  3. To fulfil our legal obligations (payment history)

Who processes my personal data and is it transferred to anyone else?

Primarily your personal data is processed by people within our own organization. We also outsource some parts of the processing to third parties, such as the data systems used to store and process personal data. In these situations, we make sure with contracts and otherwise that the confidentiality of your personal data is secured, and data is otherwise processed lawfully. We may also disclose information to fulfil our other contractual or legal obligations or when a legal authority requires a disclosure. We may also disclose your personal data if we are a party of a business sale, such as a merger or an acquisition.

Is my data transferred outside the EU?

Any personal data regarding REMUC services is not not transferred outside the EU. Customer service data is processed on our service provider’s servers which may reside either in European Economic Area or US. We make sure that your data is transferred and processed in a legal manner with adequate safeguards.

How long is my data stored?

We will not store your personal data for longer period than is necessary for its purpose or required by contract or law. The storage times for personal data may vary based on its purpose and the situation:

Type of data What does it consist of? Storage duration
Customer service data *) Customer service data consists of information you have yourself given when communicating with REMUC support 3 years
REMUC devices’ usage data Device status and event information, geographical location data Basic service:

7 days

Driver’s log/Premium:

At least 5 years

REMUC account data *) Information given on REMUC account creation Until account is deleted
Web and mobile client login data Server logs all mobile and web application logins 7 days
Payment history REMUC service subscription, SIM card payments, purchases made in web shop. 10 years

*) Not explicitly required when using basic REMUC service. REMUC account is required, though, when using Driver’s log/Premium service.

For some data, legislation sets obligations for longer storage durations, for example in the following cases:

  • Accounting law defines longer storage times independent on whether the data contains personal information or not.
  • Fulfilling consumer sales liabilities.
  • Server log data is collected and archived in a lawful manner so that we can provide a lawful and secure web store for our customers.
  • Adequate backups of web store databases and systems to ensure data integrity, restorability, security and continuity.

How is my data stored and kept secure?

Your data is stored on the servers provided by our service providers, which are secured according to general industry standards and practices. We consider and keep your personal data confidential and do not disclose them to anyone else than those who need it for their work or confidentially to our customers based on contracts we have made with them. Access to your personal data has been protected with user-specific logins, passwords and user rights.

Is it mandatory to provide personal data? What happens if I don’t give it to you?

If you don’t provide us some of your personal data or allow processing of it, it is very likely that we cannot serve you and fulfil the purpose of our business. Some data is marked with an asterisk in “How long is my data stored?” section. This means that the particular information is not prerequisite for basic service to function.

Does your website use cookies and what are those?

We use cookies on our website to provide the best possible user experience for our website visitors. Cookies are small text files that are placed on a web user’s computer and are designed to hold a modest amount of data particular to a user and a website. Cookies give us information how users use our website. We may use cookies to develop our website and services, analyze website use as well as target and optimize marketing efforts. If you do not wish to receive cookies, you may set your web browser to disable them. Please note that most browsers accept cookies automatically. If you disable cookies, you should understand that certain services at our website may not function correctly.

What rights do I have relating my personal data?

Withdraw your consent

If we process personal data based on your consent, you can at any time withdraw your consent by notifying us, for instance by sending email to info@embelin.fi. In practise this means service termination.

Access to data

You have the right to have confirmed if we are processing your personal data and to know what data we have about you. In addition, you have right to some supplemental information described in the law about the processing activities.

Right to have errors corrected

You have the right to request that we correct any inaccurate or outdated personal data we have about you.

Right to object processing

If we process your personal data based on public interest or our legitimate interest, you have the right to object processing of your data, to the extent that there is no such significant other reason that would override your rights, or the processing is not necessary for handling legal claims. Please notice that in this situation we may not be able to serve you anymore.

Right to restrict processing

In certain situations, you have the right to require that we restrict processing of your personal data.

Right to data portability

If we process your personal data based on your consent or fulfilling of a contract, you have the right to require transfer of the data you have provided to us to another services provider in a commonly used electronic format if it is regarded secure and technically possible.

How can I use my rights?

You can execute and use your rights by contacting us, for instance by sending email to info@embelin.fi. In such case, we ask you to provide us your name, contact details, phone number as well as a copy of valid personal ID, such as a driver’s license or passport, so we can verify your identity. If you consider that the processing of your personal data is not lawful, you can always also make a notification to a supervisory authority.

Can this privacy policy be updated?

We may make updates to this privacy policy when our operations change or develop. Also changes in law may make it necessary to update this privacy policy. The changes become valid once we have published them in the form of an updated privacy policy. Therefore, please visit this page and read this privacy policy from time to time. If you have given your email address to us, we shall use it to notify you of such changes.

Who can I contact in privacy matters?

Contact details:

Embelin Oy
Tullivahdinkatu 1 C 1
90120 OULU

+35810 3284 100

Data protection officer:
Teemu Laukkarinen