Data Privacy

Augment.Eco and data privacy

Why do we collect your personal data?

The confidentiality of communication and safe processing of personal data are of primary importance to us.

Confidentiality of communication

We provide a vast number of different kinds of micromobility services for your use. In order to protect your vehicle, we process information about your vehicle and location and maintain the confidentiality and privacy of commuting in such a manner that outsiders will not know the your commuting history.

Data protection

We take a high data protection level into account in all our operations: we process data in a confidential manner. We ensure this by using appropriate technology and data security solutions and ensuring the confidentiality of the data with administrative measures.

What data do we collect?

In order to agree on the delivery of services and tasks requested by you prior of agreeing, we require sufficient information about you.

We may also require your social security number or copy of your identity documents and proof of your address in order to identify you for e.g. invoicing purposes. The requirements might vary country by country depending on your main address.

We need your contact information in order to communicate with you and e.g. to inform you of changes in services. In addition, some of our services require providing different kinds of data based on which we can identify you individually and improve the service to be suitable for you.

In some countries legislation obligates us to collect sufficient data about you to deliver the service. We also provide services that require providing your data in order to use them. Due to the nature of our services, the processing of personal data is an essential and inseparable part of providing certain services, even though in the service itself we will not process your name, social security number or other information that directly identifies you as a person.

Personal data to be processed

We process appropriate and necessary personal data. Such data include identification data, contact information, information related to your customer relationship and the use of services.

Examples of personal data processed in our various services:

  • Contact information, such as first name and last name, address, telephone number, email address, social media contact information
  • Identification and personalisation information, such as social security number, date of birth, the name and address of the user of the possible service, language of communication or other preference information
  • Bonus and loyalty benefit information and information about the services for which these are collected
  • Direct marketing prohibitions and consents
  • Payment transaction information
  • Other further information provided by you
  • Additional information regarding products, services and subscriptions, such as identification data for vehicle and mobile phones
  • Subscription, delivery and contract information for products, services and subscriptions and start and end date for customer relationship for services
  • Customer information and classifications, such as information about the customers of CSH Group / Augment subsidiaries and information about the customer classification of CSH Group / Augment or its subsidiaries
  • Possible contact persons and user information of corporate and community customers and information about their tasks in the company
  • Customer history, for example communication, service changes or social media communication
  • Phone call and other recordings regarding customer service situations • Information regarding invoicing and collection
  • Data generated from the use of the services, such as the technical data generated when making and receiving phone calls or sending e-mails, the start and end time of transactions, routing data and location data
  • Answers to customer research questionnaires
  • Information about cookies and third-party cookies as well as other web analytics data
  • Information required for credit checks to approve the contract, such as payment history data obtained from third parties.

Customer data generated from transactions and recording of transactions

When you call our customer service, use our other interactive service channels, such as email or chat, or being in contact with us otherwise, we may record or otherwise save our conversation in order to verify the transactions. We retain these recordings only for the necessary time period and take into consideration data security factors when storing the recordings. The recordings may also be used for training our personnel and to ensure and develop the quality of our services, like training automatic customer service robots. We use recording camera surveillance in our shops and other premises to monitor the safety of our premises, employees, and people visiting our stores, as well as untangling the deviations.

Data generated from using the services

When you use our services on a browser, app or your micromobility vehicle like e-scooter, different kinds of data regarding your visits and use are saved. Such data include e.g. the IP address you use, browsing data or cookie data. In addition, we collect your information via the online services and mobile applications you use or devices using these services. When you use our services, the use related to their use is recorded. For example, the information about your speed, location or journey might saved in your user history of the service.

We save and process the traffic and location data in accordance with local legislation in each usage country for the delivery, invoicing and technical development of our services. The data may also be processed for marketing purposes with the customer’s consent. We also process such information in situations of misuse and troubleshooting, in order to ensure data security, invoicing of other service providers, and to fulfil our legal obligations.

Providing mobility services requires processing your location data. This accuracy of location data varies from metres to several kilometres. With the help of the location data, we can improve the properties of our services. Location data also enables us to send targeted offers and deals.

In connection to authorities’ provisions, location data may be disclosed without your consent.

We retain traffic and location data for as long as it is necessary. The data shall be processed primarily automatically and only a limited number of persons are involved in processing the data.

Cookies and other network tracking technologies

Modern websites and services are based on a technology known as cookies that we use on our website. Cookies are small, user-specific text files that are saved on your browser. The server may later read the cookie installed on your browser and in this manner your browser may be identified as having visited our site previously. In this manner, you will get the best possible user experience on our website.

With the help of cookies, we may collect data e.g. regarding the devices, browser and objects of interest of the users visiting our websites. The collected information can be used also for analytics, improving user experience and targeting marketing both in our own and our partners’ advertisements. We aim to provide you with targeted content so that your user experience would be as smooth as possible.

We use both our own and third-party cookies and other similar network tracking technologies. The third-party cookies we use include e.g. DoubleClick, Facebook, Google Analytics and Stripe cookies and technologies. You can obtain more information on third party cookies and other network tracking technologies from the web pages of the third party in question.

We monitor the functionality of the e-mails we send and we wish to ensure that you only receive communication from us that interests you. We may use cookies or other tracking technologies also in emails. This means that we can follow which e-mails we have sent you and connect this data to your customer data. Therefore, when you call the customer service and ask e.g. about the offer you have received, the customer service person knows which message you have received and which offers have been sent to you.

You may disable the use of cookies in your browser settings, in which case you may lose a part of your user experience. If you disable the use of cookies, our website may become slower and the use of some features may be prevented. In this event also our possibilities to develop our services in accordance with your user preferences is hampered, and we cannot provide you with adverts targeted for you on the website.

Corporate customer´s personal data

We also offer our services to corporate customers. If you are using a subscription or service ordered by your employer or any other organisation, we will receive the personal data necessary for providing it directly from your employer or a party that has acquired our services for your use. In this context, your data may be linked with the company’s business ID or information related to your work tasks. We will protect your data as though it was provided by you, but we may not necessarily be able to verify that your data is up to date.

As we prepare contracts between companies in order to provide services or other cooperation, we process the contact information of our customer companies’ personnel in order to provide services and implement communication connected with our services. Such contact information include e.g. information of the agreeing party, invoicing information, administrators’ information and other contact persons’ information.

We process the companies’ contact person information for example to manage the customer relationship, enable communication and market our services. These personal data have been collected primarily from the trade register and other public sources based on this privacy notice. We obtain information regarding the contact persons also from the company itself.

If necessary, we can connect your information with other information we have about you.

Collecting data on potential customers, for example in competitions, webinars and events When you participate in competitions and sign up to e.g. our events or webinars, we may ask for your contact information or other personal data. We will use this data in order to organise the competition or event in question and possibly in order to contact you to tell you more about our products and services. We can also combine this data in our customer data. Competitions or events may also be organised by our partners, in which case we will receive your contact information directly from them.

How and for what purposes are we using your data

Grounds for data processing

When you acquire a service from us, we make a contract with you. In order to implement the service agreed upon, we process necessary personal data, for example your invoicing data.

We process your data when we have need for it in order to implement our appropriate interests (legitimate interest). The processing of necessary information is done to ensure the functionality of the services (e.g. combining the data for your e-scooter performance and faults, your location and the e-scooter you are using) and for their improvement and statistical analysis (e.g. movements of large user groups and the implementation or analysis of the changes required by their impacts) and to develop business operations (e.g. based on your purchase history, evaluating the need of future products that will be ordered for the warehouse). In such processing, we process your data typically as a part of a larger mass and we do not aim to examine your data specifically. By evaluating the data of a large group of people we can e.g. develop our services based on accurate and up-to-date information. In addition, with our legitimate interest, we may offer you information of our services that you might be interested in. You have the right to object data processing that is based on legitimate interest. On the other hand, CSH Group / Augment can refuse this objection based on applicable legislation for example if the processing is necessary for the establishment, exercise or defence of legal claims.

We will process a part of your personal data based on the consent that you have provided. Such processing includes cookies used online that improve the functionality of our services. When we process your data based on your consent, you can revoke your consent at any time.

In exceptional situations we may process your data in order to protect vital interests. Such situations are life-threatening situations where we can reduce the threat by processing necessary information. Protecting vital interests might include, for example, finding out buyers from our register if a device we have sold were to manifest some dangerous manufacturing fault.

In addition, we process personal data for compliance with our legal obligations. Such obligations include retaining invoicing data separately for a legislated period of time or saving information regarding the e-scooters traffic data for the use of authorities in order to solve serious crimes.

Processing your personal data as a part of a large group of people

When providing services, a lot of information is collected e.g. when providing websites. Utilising this data is a part of modern information society.

We find out a lot of information from the average behaviour of large masses of people. Such information include e.g. using the location data of vehicles as well as e.g. the ways and times of using vehicles. We make use of this information no only to develop our own services but also to enable the purposeful development of our partners’ and social services.

Examples of processing the data of large masses of people include user data of public transport or monitoring and statistical analysis of movements of large user groups. In such purposes, an individual person cannot be identified from the result of the processing but information connected with an individual person must be processed as a part of a group of data in order to compile the information. This kind of processing is based on CSH Group / Augment's legitimate interest, and in certain cases you have the right to object this kind of processing.

Profiling

We wish to customise and develop our services, marketing and other interaction to suit you.

We can target the marketing of products that may interest you in our direct marketing. In order to form a marketing target group, we can process your age, purchase and payment history, place of residence, contact information, cookie information and other information and external classifications, such as the average size of a household of the postal code area of your invoicing address. When profiling, we therefore utilise both collective information and information directly related to you.

We may use automatic credit check in our web shop and the stores when you purchase products or services with a credit purchase. In some cases, the purchase may be prevented due to credit history issues, previous payment behaviours, history of payments history, or large sum of credit debt. In this case, please contact our customer service so that we can look for an alternative solution.

Checking your own data

You can check the data concerning you at CSH Group / Augment self service. The data generated from the use of services may also be gained via the user interfaces of the services.

If you cannot use CSH Group / Augment self service or the service interfaces for some reason, you can also contact our customer service to deal with the issue.

Please note that the right to inspect your own data only concerns your own personal data. Due to this, inspection rights cannot be used for inspecting the data of other family members or employees using a corporate micromobility subscription. In addition, the confidentiality of the communication services we offer is legislated by communications legislation that restricts disclosing the information to other than the parties to the communication.

Transferring your own data

If you wish you can download the information that you have disclosed to us based on a contract or consent.

Updating and specifying personal data

When you use our services we will ask you for your personal data. If your data has changed, we ask you to update the changed information to us.

If you detect an error in your own data, you can fix this by notifying us via self-service and customer service channels.

In addition, we update and specify the personal data regarding you from other sources. We may, for example, receive your contact information from our partners for marketing purposes. We aim to keep your personal data accurate and up to date. Due to this, we check, for example, that your address information is up to date from the Population Register Centre and local address databases or other public sources.

The retention period for personal data

We retain your personal data only for the necessary time period. The retention period for your personal data varies depending on the service and the nature of the data.

When the retention period for the data has terminated, we dispose of the personal data either by removing them or making them anonymous (i.e. anonymisation of the data in question). For example, we process your customer data for the entire duration of the customer relationship and due to certain legal obligations also for a required period afterwards or, based on our legitimate interest, for direct marketing purposes. On the other hand, the retention period of the data collected in connection with producing the services may be quite short: for example, technical data related to transmitting a phone call may be disposed of already during the call. The data may be backed up and stored to ensure information security. The backups will be erased according to the backup retention cycle.

Please note that the public comments or other content you produce on CSH Group / Augment’s online discussion forums may remain visible even after your customer relationship with CSH Group / Augment has ended.

We regularly evaluate the need for the retention period of the data and evaluate their purposefulness as technology and use needs develop.

Marketing

We constantly develop and produce new services that correspond with our customers’ needs in a changing and developing world. To be able to tell you about such services, we use your personal data for direct marketing purposes. We may be in contact with you by letter or phone and also via e-mails, text messages, and other methods of communication.

We may also be in contact with you as a potential new customer when we have received your contact information e.g. when you participate in our competition or an event we organise or in another way.

If you do not wish to receive marketing communication from us, you can let us know i.e. via OmaCSH Group / Augment or customer service.

We may use your contact information (f. ex. email address or phone number) or technical contact data (for example cookies) to generate the target group in the social media service or web services, in order to market our products. In such case we ensure, that your information is not disclosed to be used by other parties purposes, but they are processed only for the purposes defined by CSH Group / Augment. Example of the service like this is Facebook Custom Audience.

Direct marketing by third parties

If you wish, you have the possibility to receive offers and marketing from our partners. If you have given us your consent to utilise e.g. traffic or location data in targeting marketing, you may receive relevant offers from service providers in your area. When we transmit our partners’ communication to you, we do it ourselves. We do not disclose your contact or other information to third parties for marketing purposes. In this manner, we ensure that direct marketing meets your needs and does not disturb you.

If you do not wish to receive marketing communication from our partners, you can let us know for example via customer service.

Personal data processors and data disclosures

Disclosing personal data

When we provide services, we may disclose your personal data also to our subcontractors when they need to receive your data to e.g. provide a service.

On our website, we use different kinds of techniques enabled by our partners for analysis and marketing purposes. When providing these services, we disclose personal data to the service provider. In these cases, we do not disclose personal data that identifies you, but technical data enabled by the service, for example with the help of cookies. These services are very common properties of modern websites. You can read more about our cookies in this privacy notice.

When you use identification services, such as mobile verification, we disclose the data identifying you to the party using the identification service after you verify your identity using e.g. a secret pin number.

We produce some of our services in cooperation with our partners. To provide such services, we disclose your personal data to the service provider. In some cases, using the service requires that you approve the privacy notice or terms of the service provider before using the service. Third parties process your data for their own purposes as an independent data controllers in accordance with their privacy notice. Before disclosing the data, we ensure that the disclosure is in accordance with the law.

Assisting authorities

Some authorities, such as local data protection authorities, police or emergency centre authorities are entitled to receive your data in order to implement their legislated duties. We can also disclose your data to other authorities or parties with the decision of a competent authority or a court of law within the limits allowed by the law.

Subcontractors and processing data outside Finland

The production of our services is primarily centralised to Finland. Maintenance of the IT systems related to the call or the services related to invoicing that follow may be located outside of Finland and the EU and EEA.

We use subcontractors when producing our services as well as related support services. When using subcontractors, we ensure that they abide with our privacy notice and process the data with care and confidentiality. We ensure this with contracts as well as by conducting inspections of the subcontractors’ operations and by providing secure tools for their use.

Some of the personal data is processed outside of Finland and outside of the EU area. This is necessary in order to produce the services, improve quality, provide expertise or enhance operations. Some of the processing work consists of maintaining the data located in Finland and processing them with remote management, but in some cases we transfer the personal data to be processed by our subcontractors for example in United Kingdom and the United States. In these cases we ensure that the processing party operates in accordance with our privacy notice, appropriately and with care, and that the justification of the processing is ensured according to the applicable data protection legislation, e.g. by using model contract clauses approved by the EU Commission.

Data security

We ensure data security when processing your personal data. Typically your data will be processed in our own server rooms. We control the security of the server rooms by using appropriate measures to protect the data. The servers always use appropriate protective measures, such as access control based on passwords and other protective methods as well as technical encryption of the data. Our technical operating environment has been secured with fire walls and appropriate anti-virus software.

We primarily process your data in a form where an outsider cannot identify you as an individual. For example, when we transmit information about traffic, your identity cannot be directly recognised from the traffic unless you disclose it to the party in question. With these measures, we protect the confidentiality of your movements and prevent connecting your data to your identity when not necessary.

Everyone is responsible for looking after data security. In order to ensure the protection of your data, we ask you to pay attention to looking after the data security of your own devices in a manner as appropriate as possible.

Preventing data security breaches and malfunctions

In order to prevent data security breaches and to remove data security malfunctions we take the necessary measures e.g. by preventing reception of e-mails, removing viruses and other malware from the messages and implementing other comparable necessary technical procedures within the limits and obligations imposed by legislation. Sending or receiving such messages may be prevented. The scope of our privacy notice, our contact information and other information

The scope of our privacy notice

This privacy notice concerns the processing of personal data in CSH Group Oy / Augment and our subsidiaries. Our affiliates may also have privacy policies that complement this privacy notice or that are parallel to this privacy notice.

Our contact information: CSH Group Oy, Upankatu 1, FI-60100 Seinajoki, Finland.

Your rights regarding the processing of your data

You have the right to influence the processing of your own data.

You have a right to check what data we process on you. You can access your own data in the CSH Group / Augment self service.

If you notice incorrect or outdated data in the personal data we process, we ask you to correct the data either via self-service forms or our customer service. With your up-to-date information, we can provide you you the best possible service.

Through contacting our customer service, you can cancel the consents that you have given, such as marketing consents. If the consent is related to using a particular service, you can cancel the consent in the manner described in the service in question.

You have the right to request us to remove the data that are no longer necessary for its purpose of use. We do our best to remove such data automatically, but if you, for one reason or another, notice outdated or unnecessary information in our processing, you can contact us.

You have the right to receive the data you have provided yourself if processing them is based on a contact between us or a consent you have provided. Services related to this are available as in-built properties but you can be in contact with us via customer service.

In addition, you can ask us to restrict the data processing in certain situations or object to their processing. We have aimed to describe all our processing in an open and comprehensible manner in this privacy notice.

Cancellation of consent

When we process your data exclusively based on the consent you have given, you have the possibility to cancel it if you change your mind. This can be done easily in the service you use or via OmaCSH Group / Augment. Please note, however, that this does not affect the data processing that is done before the cancellation of consent.

Right to appeal

Please contact us if you wish to make an appeal or present development suggestions about our processing of personal data. You can find the contact information on this page in the Contact Information section. You can make an appeal concerning data protection or processing of personal data to a supervising authority, such as the Data Protection Ombudsman in matters concerning other processing of personal data.