Security built into daily work
Key controls
Security is part of everyday use
-
Access control Per-user login, role-based permissions and customer-specific separation (tenant model). Sessions can be revoked when needed.
-
Login protection Short-lived credentials, controlled session renewal, brute-force protection and an audit trail for sign-ins.
-
Monitoring and audit trail Key usage and security events are logged for traceability and investigation.
-
Continuity Backup and recovery are documented and tested in the development environment. All data is processed and stored in the EU, mainly in Finland.
Processing personal data
We process personal data to deliver the service: user accounts, work requests and work orders, maintenance history and security logs.
We store only what is necessary. Access is role-based and limited per customer. Data subject rights (access, correction, deletion where permitted) are handled via your contact person and our support.
Log retention and use
Security logs (sign-ins, lockouts, critical changes) are retained as needed for investigation. Passwords and secrets are not logged in plain text.
Log use is limited to maintenance and authorised personnel. In production, retention periods are aligned with customer agreements and legal requirements.
Incident response
Security incidents are handled in stages: detection → assessment → containment → recovery → post-analysis. Typical cases include suspicious sign-ins, permission changes and availability issues.
We communicate concisely to customers: impact, actions taken and confirmation of recovery. More detailed documents can be reviewed during your evaluation if needed.
Questions about security?
Get in touch — we will walk through our practices at a level that fits your evaluation process.
Get in touchGet in touch
Tell us briefly about your situation. We will get back to you as soon as we can.