Mainder Web App – Privacy Policy

Last Updated: 31.1.2024

By using the Mainder Service, you agree to this privacy policy. This privacy policy can be updated from time to time without prior notice. All changes will take effect immediately, yet they are communicated to users either through the Mainder web app or/and email provided during the registration process. User has the option to decline updated privacy policy, yet that will prevent the use of service. You can find an up-to-date privacy policy statement in the Mainder Service or from the website

1. Controller of the personal data file

Ameria Ltd.
Pitkämäenkatu 11
20250 Turku
Business ID 3303404-7 

Contact person: 
Jarkko Koskinen
+ 358 40 070 9622

2. Name of the register

Mainder User Registry

3. Processing conditions

Mainder’s admins or other entities that use the service in their work grant the right to use Mainder. The service manages information about the housing companies, their shareholders, residents, board members, property managers, customer service personnel, and partners. The basis for data collection is the consent of the data subject and, to some extent, other data sources from which information can be retrieved, which according to the law must be found on the residents, owners, board members, and other parties of housing companies.

When processing users’ personal data, Ameria Ltd. complies with the EU General Data Protection Regulation (GDPR), national legislation, and good data processing practices. When processing personal data, the controller of the data follows the principle of data minimization, according to which the data is only used to the extent necessary and only for the purpose for which it was collected.

4. The purpose of processing personal data

Personal data is used for:

  • User authorization to the Service (strong authentication)
  • Holding the list of residents, owners, and board members within a housing company
  • Contact information of property managers, customer service personnel, and partners
  • Communication, maintenance, invoicing, and other matters related to the user’s residency and/or share ownership
  • Communication related to the service

Personal data in the log files of the server is used for:

  • Monitoring the load and capacity of the server and the network
  • Working out technical problems, developing the service, and investigating abuse of the service
  • Analyzing the service usage
  • Reporting

5. Information content of the register

The following information is stored during the registration process (voluntary information marked with * symbol).

  • First and last name
  • Email address
  • Telephone number
  • Social security number or date of birth, if there is no social security number
  • Gender*
  • Address
  • Children’s first and last name and date of birth, if applicable
  • Children’s contact details*
  • Billing information

For shareholders, the following is also stored:

  • The ID of the owned unit
  • Purchase date of the shares
  • Series of shares
  • Ownership percentage
  • Information on whether the shares have been transferred to the apartment system
  • Restrictions to use or sell a unit or shares. 

In addition, we store the following information:

  • Fees and other costs
  • Services booked by the user or customer service on behalf of the user
  • Service requests made by the resident, owner, board member, customer service, property manager and/or partner, and related to the unit(s) a user is attached to
  • Product orders placed by the user
  • Documents related to the management of the housing company, which are either mandatory by law or otherwise necessary for the operation of the housing company, and which may contain information about individual residents and/or users or the services they use.
  • Invoices and related financial information
  • Communication between users through comment sections of service requests.

In addition to user-related information, we store information about the housing company in the service, which is either required by law or otherwise necessary in connection with the administration of the housing company.

6. Regular sources of information

Information is retrieved from users themselves when sending move-in notifications, by contacting customer service, while registering, and/or using the service. Users can also provide personal information about other family members in connection with the move-in notification.

7. Storage to access documents and images

It is voluntary to allow access to the user’s documents and images, which are used as additional information for service requests such as problems in the apartment. Service requests can, however, be sent even without allowing access to users’ documents and files.

Users can decide, if they download photos or other documents to the service. Anyhow, some tasks, such as property managers’ work, require downloading documents to the service.

8. Notification permission

User can opt-in push notifications in Mainder. Permission is given at the device’s settings. User can opt-out push messages in any given time without affecting use of the application.

9. Use of cookies

Mainder is only using cookies that are necessary for running the service. Mainder do not collect cookies for analytics purposes or marketing. User have to accept the minimum cookies for using the app

10. Storage period of personal data and deletion of user data

Lists of residents, owners, and board members are kept as long as the resident, owner, and/or board member is registered in the housing company and/or owns shares in the housing company.

Information about other users are kept as long as they are working for a housing company (employed or act as entrepreneur).

The registered person cannot request the deletion of data during the time described in the previous chapter as the housing company is obligated to maintain the above-mentioned information according to the Finnish law.

Other registered persons cannot request the deletion of data during the time described in the previous chapter.

When the registered person moves away or sells the shares, the personal data is stored for a maximum of 6 months after the end of the most recent accounting period, unless the law or another compelling reason obliges to store the data longer.

The data of the other registered persons is stored for a maximum of 1 month after the end of the employment or other contractual agreement, unless the law or another compelling reason obliges to store the data longer.

If the housing company stops using the Service, all data will be deleted at the latest when all the necessary data has been transferred to another system, unless the law or other compelling reason obliges it to keep the data longer.

The personal data will remain in backups for one week, after which they will be permanently deleted from the service. The data is backed up so that we can ensure that technical disruptions will cause as few problems as possible for users of Mainder.

11. User rights to manage data

The user of the Service has the right to request rectification, the right to the restriction of processing of personal data, the right to object to the processing of personal data, the right to transfer data from one system to another, the right to ask for data deletion and the right to appeal to the Data Protection Officer within the above mentioned conditions.

In case a user wishes to review, correct, or delete any data that has been collected from the user to the registry of the Service, the user is advised to contact the Controller by email (contact information can be found in Chapter 1 in the Privacy Policy). When requesting anything mentioned, it must be noted that it is the responsibility of the Controller to verify the identity of the requester before disclosure of the data.

12. Regular transfer of personal data to third parties

Personal information will stay within Ameria Ltd. and partner organizations confirmed by agreements (e.g. property maintenance, property management, technical services integrated to Mainder) and will not be transferred to other third parties. 

Information can be used in analyzing and reporting in a form that does not allow individual users to be identified. In case of abuse of the Service, user data can be used to solve the case and in extreme cases, user data can be given to authorities.

In Mainder, we use carefully selected digital service providers that are necessary for the use of Mainder. We hand over personal data to the services only to the extent that is necessary for the use of the service:

These services are:

  • Amazon Web Services – Database & servers 
  • Auth0 – 2-factor authentication
  • Expo – Photo and document tools
  • Procountor – Financial management
  • Signicat – Strong authentication
  • Stripe – Online payments

13. Information transfer outside the EU and ETA

Personal information will not be transferred outside the European Union or European Economic Area.

14. Principles of protecting personal data

The service is protected by the technical protection methods normally used in business operations. Only designated persons have access to the information stored in the service, and they have 3-factor authentication (incl. Email, Authenticator, Finnish Trust Network).

We strive to protect all personal information to the best of our ability, but we cannot guarantee complete protection. In the event of a data breach, the appropriate authorities will be informed, and this will be notified to those affected.