Privacy Policy

Date: July 6th, 2021

Version: 1.4

Bitwards Oy ("us", "we", or "our") operates Bitwards Access Platform that contains the Bitwards Cloud Service ( and the Bitwards Mobile Applications (hereinafter the "Service").

This page informs you of our policies regarding the collection, use and disclosure of Personal Information when you use our Service.

We will not use or share your information with anyone except as described in this Privacy Policy.

We use your Personal Information for providing and improving the Service. By using the Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms and Conditions.

General Description of the Service

The Bitwards Mobile Application (hereinafter "App") allows you to access Spaces, open Locks, Lockers or Cabinets, use various electronic Devices and authenticate in Access Control Readers (hereinafter "Resource"). Your Access Rights (hereinafter "Rights") are issued and managed in the Bitwards Cloud Service (hereinafter "Cloud Service"), which sends the issued Rights to the App on your mobile device (hereinafter "Mobile") once you sign in. To sign in, you need to register to an account (hereinafter "Account") in the Service with the invitation link sent to your email or SMS. You need to be signed in to the App to use your Rights. When you sign out, the Rights will be deleted from your Mobile.

Only registered users can use the App and the Service. The invitation to the Service is created by an Account administrator and is sent to you via email or SMS. During the registration we ask you to type your name and mobile phone number. This information is used to help the Account administrator in finding you within the Cloud Service, assigning you correct Rights and ensuring the quality of the overall Service. Additionally, you may give your address and phone number, however, this information is not mandatory but it can be used to provide faster and more personal support and service.

Once you sign in, the App will synchronize your Rights with the Service and list all your accessible Resources on a list in the App. You may then access your desired Resources by selecting the correct Resource from the list on the App. After the synchronization, the Mobile does not need real-time Internet connection during the accesss to the Resources.

Depending on the type of Resource, the App uses the Bluetooth and/or NFC radio of your Mobile to communicate with the Resource. In order to access, you need to allow the App to use the Bluetooth and NFC radio of your Mobile and they must be switched on in your Mobile. When you activate your Bluetooth, the App will display all visible Resources in your vicinity.

The Resources also have a geolocation, which allows the App to display them on a map. In order to always display the Resources nearest to your current location, you need to give the App the right to use your current location. The location information is only used for improving usability of the App and the Service.

During the access to a Resource, the App exchanges data between the Cloud Service and the Resource in the background. This data is used to maintain the Service and it also collects the logs of all granted and denied accesses. This log data can be viewed in the Cloud Service by the Administrator of your Account owner. You can also view your personal access history for each Resource in the App.

What are your data protection rights?

We would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

The right to access - You have the right to request us for copies of your personal data. We may charge you a small fee for this service.

The right to rectification - You have the right to request that we correct any information you believe is inaccurate. You also have the right to request us to complete the information you believe is incomplete.

The right to erasure - You have the right to request that we erase your personal data, under certain conditions.

The right to restrict processing - You have the right to request that we restrict the processing of your personal data, under certain conditions.

The right to object to processing - You have the right to object to our processing of your personal data, under certain conditions.

The right to data portability - You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

If you would like to exercise any of these rights, please contact us at our email:

Information Collection & Use

While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to, your email address, name, phone number (hereinafter "Personal Information"). You will be prompted to set a password to login to the Service. This password is not visible to any other person and is stored in encrypted format in the Service.

Log Data

We may also collect information that your browser sends whenever you visit our Service or when you access the Service with a Mobile device (hereinafter "Log Data"). This Log Data may include information such as your computer’s Internet Protocol ("IP") address, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages and other statistics related to the use of the Service.

When you access the Service by or through a mobile device, this Log Data may include information such as the type of Mobile you use, your Mobile operating system and version, the version of the App used and other statistics related to the use of the Service.


Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer’s hard drive.

We do not use cookies to collect information but links to other web sites may contain cookies. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may have restricted access to these external web sites.

Service Providers

We may employ third party companies and individuals to facilitate our Service, to provide the Service on our behalf, to perform Service-related services or to assist us in analysing how our Service is used.

These third parties have access to your Personal Information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

Compliance with Laws

We will disclose your Personal Information where required to do so by law or subpoena or if we believe that such action is necessary to comply with the law and the reasonable requests of law enforcement or to protect the security or integrity of our Service.

Business Transaction

If Bitwards Oy is involved in a merger, acquisition or asset sale, your Personal Information may be transferred. We will provide notice before your Personal Information is transferred and becomes subject to a different Privacy Policy.


The security of your Personal Information is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security.

International Transfer

Your information, including Personal Information, may be transferred to – and maintained on – computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

If you are located inside the European Union (EU) and choose to provide information to us, we retain and process your information within the EU.

Links to Other Sites

Our Service may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over, and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

Children’s Privacy

We do not knowingly collect personally identifiable information from children under 13. If you are a parent or guardian and you are aware that your Children has provided us with Personal Information, please contact us. If we become aware that we have collected Personal Information from a children under age 13 without verification of parental consent, we take steps to remove that information from our servers.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us

If you have any questions about this Privacy Policy, please contact us at