Privacy policy
Updated: 2 July 2026
1. Data controller
Fisas Oy
Business ID: 3628711-1
Email: info@fisas.fi
2. Contact person for data protection
Johannes Koponen
Email: info@fisas.fi
3. Scope of this policy
This policy covers both visitors to the fisas.fi website and registered users of the fisas.app application. Application users may refer to this policy instead of a separate privacy page in the app.
4. Data we collect
Website visitors:
- Cookies and analytics data (Google Analytics 4)
- From the contact form: name, email, phone (optional), company (optional), message
- IP address (anonymised)
Application users:
- User details: name, email, phone number
- Company details: name, business ID, address
- Business data: projects, invoices, quotes, work hours
- Subcontractor and customer data
- Site photos and documents
5. Legal basis and purpose of processing
- Performance of a contract: providing the application services
- Legitimate interest: analytics, service development, information security
- Consent: marketing communication (only with consent)
- Legal obligation: accounting, taxation
6. Data retention period
Application user data is retained for the duration of the contract and for at most 3 years after the contract ends, unless legislation (for example the Accounting Act, 6 years) requires longer retention. Analytics data is retained for 26 months.
7. Disclosure of data
We do not sell or disclose personal data to third parties for marketing purposes. We use the following subprocessors to provide the service:
- Database provider (EU region)
- Email provider (EU region)
- Analytics provider — anonymised (no personal data)
- Web hosting provider (EU/USA, Standard Contractual Clauses)
8. Cookies
We use necessary cookies to ensure the service works, and analytics cookies to develop the service. Analytics cookies are set only with your consent. You can manage your cookie settings from the site's cookie banner or in your browser settings.
9. Rights of the data subject
- The right to access your own data
- The right to rectify inaccurate data
- The right to erase data ("the right to be forgotten")
- The right to restrict processing
- The right to transfer data to another service
- The right to object to processing
To make a request: info@fisas.fi. We respond within one month.
10. Information security
Data is always transferred over an encrypted HTTPS connection. The database is protected with access control. We carry out regular security audits. The mobile app supports biometric authentication.
11. Right to lodge a complaint
You have the right to lodge a complaint with the data protection authority (Office of the Data Protection Ombudsman, tietosuoja.fi) if you consider that the processing of your personal data is unlawful.
12. Changes to this privacy policy
We update this policy when necessary. We notify application users of significant changes by email.
13. Contact
Fisas Oy
info@fisas.fi