Log in
Try free

Privacy Policy





Biocode Oy

Our website address is:

General information

This privacy policy describes how Biocode Oy (“Biocode” or “company”, or “we”) processes personal data; what kinds of personal data we collect, for which purposes the personal data is used and to which parties the personal data can be disclosed. Biocode is committed to being transparent about how we collect and use personal data and how we meet our data protection obligations.

Personal data refers to any information relating to a natural person (“data subject”) that can identify them directly or indirectly. Personal data, data subject, controller and other key terms are defined in the General Data Protection Regulation (2016/679, “GDPR”). Biocode complies with the GDPR in all processing of personal data in conjunction with other applicable national data protection legislation.


  • Controller: Biocode Oy
  • Address: Siltasaarenkatu 8-10,
  • 00530 Helsinki, Finland
  • Email:

Purposes and legal basis for processing personal data

Personal data will be processed for the following purposes:

  • Registration to use our products and services (such as Biocode Impact online service) and user account management based on contract or its preparation.
  • Delivery of our products and services based on contract or its preparation.
  • Invoicing (including debt collection), customer service, feedback and related communications based on contract or its preparation or company’s legitimate interest.
  • Management and administration of our relationship with our business partners based on company’s legitimate interest.
  • Provision of information and materials related to our products and services, for example by newsletters and direct marketing based on company’s legitimate interest or consent.
  • Identifying potential customers who are using our services for the purposes of targeting relevant marketing to such persons based on company’s legitimate interest.
  • Registrations for our events, trainings and webinars based on company’s legitimate interest.
  • Market and customer analysis and surveys based on company’s legitimate interest.
  • Business planning and product development based on company’s legitimate interest.
  • Complying and fulfilling our legal duties and obligations such as tax law and accounting related obligations based on statutory obligation.
  • Ensuring security of our products and services and preventing abuses based on statutory obligation or company’s legitimate interest.
  • Ensuring security of our IT environments and protection of data based on statutory obligation or company’s legitimate interest.
  • Direct marketing based on company’s legitimate interest to send you promotional material about products and services you might be interested in. The data subject has the right to object personal data being used for direct marketing and may at any time withdraw prior consent.

For processing activities that are based on a legitimate interest, we have carefully balanced such legitimate interest with the data subjects right to privacy and concluded that our interest outweighs the data subjects’ rights and freedoms.

What data is collected, stored and processed?

Biocode collects only such personal data from the data subject that is relevant and necessary for the purposes described in this privacy policy.

The following personal data from the data subjects will be processed:

  • Name and contact information, such as email address, phone number, employer name and address and job title / position.
  • Information related to service accounts such as user names and passwords.
  • Consents and objections related to direct marketing.
  • Other information necessary for maintaining the business partner relationship, such as billing information, feedback, other message history and marketing preferences.
  • Electronic identification and behavior data such as IP address, log data and usage information. More information can be found in our Cookie Policy below.

Data sources

The personal data is mainly collected directly from the data subjects themselves, for example, at the time of providing tender, in connection with preparing or signing of a contract or during a customer relationship or customer service.

The personal data may also be collected automatically when the data subject uses our products and services e.g when using our online services and visiting our website.

In addition, and with the consent of the data subject, data may be collected in other ways in a marketing context.

Personal data may be updated and supplemented by collecting data from private and public sources.

Retention of personal data

Personal data collected in connection with our services shall be retained as long as need for the purposes defined in this privacy policy and as required by the law, unless such data is replaced through regular updates or otherwise. The periods vary greatly from one type of processing to another.

Detailed retention times can be provided upon requests.

We evaluate the necessity and accuracy of the personal data on a regular basis and endeavor to ensure that the incorrect and unnecessary personal data are corrected or deleted.

Who has access to the personal data?

Personal data will mainly be accessed by our employees for the purposes specified in this privacy policy. For the purposes stated in this privacy policy, the personal data may be disclosed, when necessary, to authorities, other companies within the same group of companies as us, and to other third parties, such as third-party service providers and our subcontractors (such as our IT vendors and marketing agencies conducting marketing on our behalf etc.). In such case, the personal data will only be disclosed for purposes defined above. We do not sell or otherwise disclose personal data to third parties outside Biocode for such third parties’ own purposes.

List of the processors and other recipients can be provided upon a request.

In addition, the company may share the personal data in connection with any merger, sale of our assets, or a financing or acquisition of all or a portion of our business and in connection with other similar arrangements. The personal data is also disclosed to third parties if required under any applicable law or regulation or order by competent authorities, and to investigate possible infringing use of the products and services as well as to guarantee the safety of the products and services.

Is data transferred outside the European Union or the European Economic Area

The company does not, as a rule, transfer personal data outside the European Union (EU) or the European Economic Area (EEA).

In case personal data is transferred outside EU/EEA, such transfers are either made to a country that is deemed to provide a sufficient level of privacy protection by the European Commission or transfers are carried out by using appropriate safeguards such as standard data protection clauses adopted or otherwise approved by the EU Commission or competent data protection authority in accordance with the GDPR.

How is the data protected?

Securing the integrity and confidentiality of personal data is important to Biocode. We have taken adequate technical and organizational measures in accordance with industry standards in order to keep personal data safe and to secure it against unauthorized access, loss, misuse or alteration by third parties, such as by firewalls, physical security measures, access controls, restricting access rights, encryption and active monitoring of the aforementioned measures. Nevertheless, considering the cyber threats in modern day online environment, we cannot give full guarantee that our security measures will prevent illegally and maliciously operating third parties from obtaining access to personal data or absolute security of the personal data during its transmission or storage on our systems.

Rights of data subjects

The data subject has a number of rights under applicable data protection laws.

Right of access and right of inspection

The data subject has the right to obtain confirmation as to whether or not personal data concerning them is being processed.

The data subject has the right to inspect and view data concerning them and, upon a request, the right to obtain the data in a written or electric form.

Right to rectification and right to erasure

The data subject has the right to demand the rectification of inaccurate personal data concerning them and to have incomplete personal data completed.

The data subject has the right to require Biocode to delete or stop processing the data subject’s personal data, for example where the data is no longer necessary for the purposes of processing.

However, please note that certain personal data is strictly necessary in order to achieve the purposes defined in this privacy policy and may also be required to be retained by applicable laws.

Right to data portability

The data subject has the right to receive the personal data that they have provided to Biocode in a structured, commonly used and machine-readable format and, if desired, transmit that data to another controller. The right to data portability applies on the processing of the personal data based on consent or a contract.

Right to restriction of processing

The data subject has the right, under conditions defined by data protection legislation, to request the restriction of processing of their personal data. In situations where personal data suspected to be incorrect cannot be corrected or removed, or if the removal request is unclear, the company will limit the access to such data.

Right to object to processing

The data subject has the right to object to the processing of data where Biocode is relying on its legitimate interests as the legal ground for processing. For example, the data subject may object to their personal data being used for marketing purposes.

Right to withdraw consent

In cases where the processing is based on the data subjects’ consent, the data subject has the right to withdraw their consent to such processing at any time.

Exercising rights

Requests regarding the rights of data subjects shall be made in written or in electronic form, and the request shall be addressed to Biocode using the contact details mentioned on this privacy policy.

Identity may be checked before the information is given out, which is why we may have to ask for additional details. The request will be responded to within a reasonable time and, , at latest within one month of the request and the verification of identity.

If the data subject’s request cannot be met, the refusal shall be communicated to the data subject in writing. The company may refuse a request (for example erasure of data) due to a statutory obligation or a statutory right of the company, such as an obligation or a claim relating to our services.

The data subject may exercise the aforementioned rights by sending a written request to

If you have any questions relating to our data protection policies or wish to exercise your rights, please do not hesitate to contact us.

Right to lodge a complaint with a supervisory authority

The data subject has the right to lodge a complaint with a competent data protection authority if the data subject considers that the processing of personal data relating to the data subject infringes current legislation.

However, we request that the matter be deal with Biocode in the first instance.

The relevant authority in Finland is the Data Protection Ombudsman (

Changes to the privacy policy

Biocode may make changes to this privacy policy at any time by giving a notice on the website and/or by other applicable means. The data subjects are highly recommended to review the privacy policy on our website every now and then. If the data subject objects to any of the changes to this privacy policy, the data subject should cease using the services, where applicable, and they can request that we remove the personal data, unless applicable laws require us to retain such personal data. Unless stated otherwise, the then-current privacy policy applies to all personal data we process at the time.

This privacy policy has been published on 25.1.2021. Last updated: 19.12.2023.

Biocode Oy

Biocode Oy (“Biocode” or “we”) uses cookies on our website. Protecting your privacy is important for us and we are committed to being transparent about how we use cookies and how we process your personal data. Please take a moment to familiarize yourself with this Cookie Policy.

This Cookie Policy specifically explains how Biocode uses cookies. We describe what information we gather, how we use it and why we sometimes need to store cookies. We also inform how you can prevent and block these cookies from being stored. Our Privacy Policy explains our principles when it comes to the processing of your personal data. Please see our Privacy Policy above.

1. What are cookies?

Cookie is a piece of data in the form of a text file that is placed onto your device (persistent cookie) or stored in memory (session cookie). It is generated by a web page server, which is basically a computer that operates a website. Information the cookie contains is set by the server and it can be used by that server whenever the user visits the site. They allow websites to store things like remembering you and your user preferences.

Cookies can be stored for varying lengths of time on your browser or device. Session cookies are deleted from your computer or device when you close your web-browser. Persistent cookies will remain stored on your computer or device until deleted or until they reach their expiry date which varies typically from a few days up to a couple of years.

Cookies may be set by the site that you are visiting (known as “first party cookies”), or by third parties, such as those who serve content or provide advertising or analytics services on our website (“third party cookies”).

Both websites and our emails may also contain other tracking technologies such as “web beacons” or “pixels.” These are typically transparent graphic images placed on a web page or in an email, which indicate that a page or email has been viewed. The cookies we are using are gathered through various service providers. Our websites may also include cookies, or similar technologies from third party service providers. These third-party cookie providers will also be able to gather and use data gathered by their cookies. We have no direct control over the information that is collected by these third-party cookies. For further information about cookie usage by third party provider, please check the provider’s applicable cookie and privacy policies.

2. What purpose do we use cookies for?

We use cookies and other tracking technologies to make visiting our website easier and to improve general user experience. In addition, we use cookies and collect information that helps us to enhance your experience and our services. The cookies that we use allow our website to work, to analyze our website traffic, and to help us to understand how our website is used so we can optimize it.

We use cookies and web beacons to collect:

  • the user’s IP address
  • time
  • pages visited
  • browser type
  • the web address from which the user landed to the website
  • the server from which the user landed to the website
  • the domain name from which the user landed to the website.
  • social media sharing information
  • openings and clicks of emails

3. What cookies do we use?

The following section details what kind of first- and third-party cookies you might encounter on our site.

Strictly necessary cookies

These cookies are essential for our site to perform its basic functions. Without these cookies, some parts of our site just won’t work as they should.

  • Name: _cfduid 
  • Purposes: This cookie is a part of the services provided by Cloudflare. Used to maximize network resources, manage traffic and protect our website from malicious traffic. 
  • Retention time: 30 days
  • Provider: Biocode

Functional cookies 

In order to provide you with a better experience on this site, we provide the functionality to set your preferences for how this site runs when you use it. In order to remember your preferences, we need to set cookies so that this information can be called whenever you interact with a page that is affected by your preferences. 

Performance and analytics cookies 

Performance cookies collect information on how you interact with our websites and how our website performs. These cookies may track things such as how long you spend on the site or pages you visit which helps us to understand how we can improve the site for you.  

We use Google Analytics, which is one of the most common analytics tool, for helping us to understand how you use our site and ways that we can improve your experience. For more information on Google Analytics cookies, please see the Google Analytics cookie usage documentation.  

  • Name: _gid 
  • Purposes: This cookie is a part of the services provided by Google Analytics. Registers a unique ID that is used to generate statistical data on how the visitor uses the website. 
  • Retention time: 1 day
  • Provider: Biocode
  • Name:_ga 
  • Purposes: This cookie is a part of the services provided by Google Analytics. Registers a unique ID that is used to generate statistical data on how the visitor uses the website. 
  • Retention time: 2 years
  • Provider: Biocode
  • Name: _gat 
  • Purposes:This cookie is a part of the services provided by Google Analytics. Used to throttle request rate. 
  • Retention time: Until the end of the browser session 
  • Provider: Biocode

Targeting cookies and social media

We may use cookies to deliver advertised content which is relevant to you. In addition, some cookies may be used to track the effectiveness of our ad campaigns on third party websites.

In addition, we use social media buttons and/or plugins on our site that allow you to connect with your social network in various ways. Some of these cookies may be set when a page is loaded, or when you take a particular action like clicking a social media sharing button.

We may also obtain information from our email newsletters or other communications we send to you, including whether you opened or forwarded a newsletter or clicked on any of its content. This information tells us about our newsletters’ effectiveness and helps us ensure that we’re delivering information that you find interesting.

4. How can I allow, control and disable cookies?

You can give or withdraw a consent to cookies on your terminal equipment, for example, by using the appropriate settings of a browser or device or on our website’s cookie banner.

You can, for example, disable use of cookies, allow use of all cookies or only use of first party cookies. Furthermore, you can set the browser to delete cookies after each browser session or delete them manually. Please note that disabling use of cookies may downgrade or break certain elements of our site’s functionality and certain functions may not work in the usual way.

Please check your browser’s help manual for further instructions. Below we have provided instructions for deleting cookies from the most common browsers:

If you want to prevent Google Analytics gathering data from you, Google Analytics provides an Opt-out browser add-on for that purpose. 

5. Contact information

  • Name:  Biocode Oy 
  • Address: Siltasaarenkatu 8-10, 00530 Helsinki, Finland 
  • Email:

If, at any time, you have questions or concerns about this Cookie Policy, please do not hesitate to contact us.  More information about the cookies, please see the website of the national supervisory authority Traficom

6. Updates to this cookie policy

We may update this Cookie Policy from time to time. Please check regularly this Cookie Policy to ensure you are aware of the most updated version. The most updated version is available on our site.  

This Cookie Policy has been published on 25.1.2021. 

Last updated: 20.12.2023.