Centero privacy policy

1. Introduction

At Centero, we’re committed to protecting and respecting your privacy. This policy explains when and why we collect personal information about you, how we use it, the conditions under which we may disclose it to others, how we keep it safe and secure and your rights and choices in relation to your information.

Services to which this privacy policy applies to:

  • Master’s Thesis study on 3rd party application patch management on Windows environments

We encourage you to read the policy notice carefully and contact us with any questions or concerns about our privacy practices via email to or by writing to:

Centero Oy
Data Protection Officer
Yliopistonkatu 28E
40100 Jyväskylä

2. Who we are?

We are Centero, Finnish-based agile IT service provider dedicated to help organizations endpoint management and cloud technologies.

In this policy ‘Centero’, ‘we’, ‘us’ or ‘our’ means:

  • Centero Oy (Finnish business ID: 2109868-4) registered to Yliopistonkatu 28E, 40100 Jyväskylä, FINLAND

Contact details for privacy protection issues via email to or directly to our Data Protection Officer:

  • Juha Haapsaari (

3. How do we collect information from you?

We obtain information about you in the following ways.

3.1. Information you give use directly

Filling the Master’s Thesis study on 3rd party application patch management on Windows environments survey.

4. What information do we collect?

The personal information we collect, store and use include:

  • Your name and contact details (including email address, telephone number, postal address)
  • Any other personal information shared with us

We do not collect any sensitive personal information in special categories (like race, ethnic origin, politics, religion, trade union membership, genetics, biometrics, health, sex life or sexual orientation).

5. How and why your information is used?

We may use and process your information for different purposes, which may include:

  • Providing you with the summary of the study results
  • Keeping a record of your relationship with us
  • Performing analysis and market research so we can understand how we can improve our services, products or information
  • Internal research and development purposes
  • Carrying out polls and surveys
  • Sending you communications which you have requested and that may be of interest to you. These may include information about campaigns, activities and promotions of our products and services

6. How long is your information kept for?

We keep your information for no longer than is necessary for the purpose it was collected for. The length of time we retain your personal information for is determined by operational considerations.

We review or retention periods on regular basis. You can request information about your collected personal information or request removal of your personal information from

7. Who can access your information?

We do not sell or rent your information to third parties. We also do not share your information with third parties for marketing purposes.

7.1. Third parties working on our behalf

Our selected 3rd party service providers, suppliers, agents, subcontractors and other associated organizations can have access to your information for the purpose of administering the platform for us. However, when we us these third parties, we have a contract in place that requires them to keep your information secure and prevents them from using it for their own purposes.

Third parties related to this privacy policy are:

3rd party name Purpose / reason Role Other information
Survey Monkey Survey provider Data processor
ActiveCampaign, LLC Marketing registry and marketing communications Data processor
Microsoft CRM service provider Data processor
Zapier Data synchronization Data processor
PieSync NV Data synchronization Data processor


We may transfer your personal information to a 3rd party as part of a sale of some or all of our business and assets to any 3rd party or as part of any business restructuring or reorganization, or if we’re under a duty to disclose or share your personal data in order to comply with any legal obligation or to enforce or apply our terms of use or to protect the rights, property or safety of our staff, supporters, customers, users of the website or others. However, we will take steps with the aim of ensuring that your privacy rights continue to be protected.

8. What legal basis do we have for processing your personal data?

Data protection law requires us to rely on one or more lawful grounds (legal basis) to process your personal information. There are different lawful grounds for collecting personal information. We consider the following grounds to be relevant to this privacy policy:

  • Consent
    Where you have provided specific consent to us using your personal information in a certain way, such as sending email to you, using cookies to collect information about your visit to our websites.

Consent given by you can be withdrawn and managed any time by contacting

9. Where do we store and process personal data?

As part of the services offered to you through this website, the information which you provide to will be transferred to United States. By submitting your personal data, you’re agreeing to this transfer, storing or processing. If we transfer your information outside of the EEA in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this policy.

10. How do we secure personal data?

When you give us personal information, we task steps to ensure that appropriate technical and organizational controls are in place to protect it.

SSL encryption is used on our 3rd party services to make sure that information given is always protected.

Information given us using other methods (such as email, social media, written letters etc.) are transmitted or delivered in ways that we cannot guarantee to be 100% secure. Therefore, even we have steps in place to keep your information secure, you send the information at your own risk. Once the information is received by us, we make our best effort to ensure its security on our systems.

We, or our 3rd party service providers, have implemented protection against accidental loss of data with regular backup of data.

Access to your personal information requires authentication and authorization.

11. Use of automated decision-making and profiling

We may analyse your personal information to create a profile of your interests and preferences so that we can tailor and target our communications in a way that is timely and relevant to you. We may make use of additional information about you when it is available from external sources (such as social media etc.) to help is do this effectively.

You can always opt out of your information used for decision-making, profiling or marketing communications by contacting

12. Your rights

You always have rights to personal information that we hold for you. Here are the rights that apply to this privacy policy:

12.1. Right of access

You have right to request access to the personal data we hold for you. You also have right to request copy of the information we hold about you, and we will provide this information to you unless legal exceptions apply.

12.2. Right to rectification

You have right to have inaccurate or incomplete information we hold about you corrected.

12.3. Right to restrict processing

You have right to request us to restrict processing of some or all your personal information if there is a disagreement about its accuracy or we are not lawfully allowed to process it.

12.4. Right to erasure

You have right to request us to delete some or all your personal information, and we will anonymize or delete this information unless legal or contract exceptions apply. When possible, we anonymize requested information rather than delete it.

12.5. Right to data portability

You have right to request your personal information to be provided in machine-readable form when we are processing (using automated means) your personal information based on your consent or in order to enter or carry out a contract with you.

12.6. Right to object

You have right to object processing of your information when we are using it for direct marketing or for statistical/research purposes.

If you want to exercise any of the above rights, please email us at or in writing to Centero Oy, Data Protection Officer, Yliopistonkatu 28E, 40100 Jyväskylä, FINLAND. We may be required to ask more information and/or provide evidence of identity. We are dedicated to respond fully to all request within 30 days of receiving of your request, however if we are not able to do so we will contact you with reasons for delay.

You also have right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that processing of your personal data infringes GDPR regulation.

13. Use of cookies

3rd party service provider uses cookies on their websites to recognize you when you fill the survey. Cookies are small pieces of information stored to your device. For example, cookie can contain information about your device geographical location or consent you have given to us. This helps us to deliver a better and more personalized service when you browse our websites.

You can switch of cookies by setting preferences on your browsers. Switching cookies of may result loss of functionality when using our web site. For detailed information about cookies, see 3rd party cookie policy on

14. Changes to this policy

Any changes we may make to this policy in future will be available on this website so please check this page when you take the survey to ensure that you agree with any changes.