Information on Data Processing in Accordance with the General Data Protection Regulation (GDPR)

At Celma Technologies, we are committed to protecting your privacy. This policy explains how we collect and process your personal data when you visit our website, in accordance with the General Data Protection Regulation (GDPR) and relevant cookie legislation.

1. Controller of Data Processing

Celma Technologies Oy
Company Incorporation number: 3529795-9
Email: info@celma.tech

2. Purpose and Legal Basis for Processing

We process your personal data for the following purposes, based on the corresponding legal grounds as set out under the GDPR:

1. To ensure website access and functionality
   We collect technical data such as your IP address, browser type, date and time of access, and the pages you visit.
   Legal basis: Article 6(1)(f) GDPR – processing is necessary for our legitimate interest in operating and securing the website.

2. To respond to contact inquiries
   When you contact us via forms or email, we collect your name, email address, and the content of your message.
   Legal basis: Article 6(1)(b) GDPR – processing is necessary for taking steps prior to entering into a contract.

3. To use cookies and tracking technologies
   We collect data such as IP address, user ID, device and browser information, and session behavior. This includes analytics, personalization, and marketing trackers.
   Legal basis: Article 6(1)(a) GDPR – processing is based on your explicit consent, which you can give or withdraw via our cookie banner.

3. Use of Cookies and Trackers

We use cookies and similar technologies (such as pixels, tags, and scripts) to:

• Ensure the proper functioning of our website

• Analyze website traffic and usage behavior

• Personalize user experience

• Provide marketing and remarketing functionalities (if applicable)

Cookie Categories:

• Essential Cookies: Necessary for site functionality and cannot be disabled.

• Analytics Cookies: Help us understand how users interact with our site (e.g., via Google Analytics).

• Marketing Cookies: Used for advertising and retargeting across platforms (e.g., Facebook Pixel, Google Ads).

• Preference Cookies: Remember user settings and language preferences.

Consent Management:

When you first visit our site, a cookie banner allows you to accept or reject non-essential cookies. You can change or withdraw your consent at any time using the "Cookie Settings" link.

4. Retention of Personal Data

Personal data collected via cookies is retained only as long as necessary for the specified purpose or as legally required. Cookie durations vary – see settings panel for specifics.

5. Recipients and Third-Party Services

We may share data with third-party processors under strict agreements. This includes:

• Web hosting providers

• Analytics providers (e.g., Google Analytics)

• Advertising partners (e.g., Meta, Google)

Customer hereby understands that Celma does not control any personal data processing conducted by online advertising platforms or third-party services possibly linked to Celma’s Products or Services, or by our customers. Customer must contact those third parties directly for accurate information on their processing:

Facebook & Instagram Data Policy

LinkedIn Privacy Policy

6. International Data Transfers

Where services involve transferring data outside the EEA (e.g., to the U.S.), we ensure appropriate safeguards such as Standard Contractual Clauses (SCCs) are in place.

7. Your Rights Under the GDPR

You have the right to:

• Access your personal data (Art. 15)

• Rectify incorrect or outdated data (Art. 16)

• Erase data (“right to be forgotten”) (Art. 17)

• Restrict processing (Art. 18)

• Data portability (Art. 20)

• Object to processing (Art. 21)

• Withdraw consent at any time

• Lodge a complaint with a supervisory authority

To exercise these rights, contact us at: info@celma.tech

8. Your California Privacy Rights (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), provides you with specific rights regarding your personal information. This section describes your rights and explains how to exercise them.

A. Categories of Personal Information Collected

In the past 12 months, we have collected the following categories of personal information:

• Identifiers (e.g., name, IP address, email address)

• Internet or network activity (e.g., browsing history, usage data)

• Geolocation data (general region from IP)

• Commercial information (e.g., inquiries or service interest)

• Inferences (preferences based on behavior)

We do not collect sensitive personal information such as financial, health, or biometric data.

B. Your Rights Under CCPA/CPRA

As a California resident, you have the right to:

• Know what personal information we collect, use, disclose, or share about you.

• Access a copy of your personal information.

• Delete personal information we have collected from you (subject to exceptions).

• Correct inaccurate personal information.

• Opt-out of the “sale” or “sharing” of your personal information.

• Limit the use and disclosure of sensitive personal information (if collected).

• Non-discrimination for exercising your privacy rights.

C. Right to Opt-Out of Sale or Sharing

We do not sell personal information for monetary compensation. However, we may share certain identifiers (like cookies and IP addresses) with third-party partners for targeted advertising, which may be considered a “sale” or “share” under California law.

You can opt-out by emailing us at info@celma.tech

You may also set your browser to send a Global Privacy Control (GPC) signal, which we honor where required.

D. How to Exercise Your Rights

To submit a request under the CCPA/CPRA, you can:

Email us at: info@celma.tech

We may need to verify your identity before processing your request. You may also authorize an agent to make a request on your behalf, provided you give the agent written permission.

E. Data Retention

We retain personal information only as long as necessary for the purposes for which it was collected, unless a longer retention period is required or permitted by law.

9. Data Security

We implement technical and organizational safeguards to protect your personal data, including encryption, access restrictions, and secure data storage.

10. Changes to This Privacy Policy

This Privacy Policy may be updated to reflect changes in legal requirements or site functionalities. The latest version will always be available on this page.