Hero image for the mobile version of UpCloud's website
Hero image for UpCloud's website

Marketing Privacy Notice

Last updated: 11 August 2025

Data Controller

UpCloud Oy (later referred to as “UpCloud”, “we, “us”)

A limited liability company registered in Finland with the business ID: 2431560-5
Address: Aleksanterinkatu 15 B, 7th floor, 00100 Helsinki, Finland
upcloud.com

Contact person:
UpCloud Support Team, email: [email protected]
UpCloud’s Data Protection Officer, email: [email protected]

Introduction

This  Privacy Notice informs you why and how we process your personal data and how we respect your privacy in our marketing practices. This Privacy Notice applies to you if you are a potential customer identified by UpCloud (e.g. by having expressed interest in our services through any engagement like attending a webinar or downloading a whitepaper), or if you are a representative of a potential customer whose contact details we have gathered from public sources (“Prospect Customer”, “you”).

This Privacy Notice only covers personal data processing carried out by UpCloud. This Privacy Notice does not address, and we are not responsible for, the privacy practices of any third parties. This applies also in cases where our services or websites include hyperlinks to third parties’ websites.

For information about how we process personal data of our customers, service users, partners and visitors, please refer to our general Privacy Notice here.

PERSONAL DATA PROCESSING

Personal Data We Collect & Data Sources

We are continuously prospecting new customers and generating sales leads. We may create profiles of Prospect Customers and contact them to provide relevant information about our services, to schedule meetings, or to invite them to a webinar or event hosted by UpCloud. For this purpose, we processed the following personal data:

(i) Basic contact details of Prospect Customer and/or their representative(s), such as name, email address, job title, company name; country; 

(ii) Any communications and interaction between us, such as marketing messages or contact requests; 

(iii) Your interest in and/or participation to our webinars or events, and the information you may provide to us in connection with the registration, for example any dietary requirements.

We collect this information:

(i) From you directly (e.g. when you submit a contact request form); 

(ii) through your interaction with us or UpCloud website (e.g. when you download a whitepaper, or open our newsletter); 

(iii) From publicly available resources, such as LinkedIn; or 

(iv) From our external service providers who generate sales leads; 

(v) Using data enrichment tools which enhance existing data by incorporating additional information from external sources.

In addition, we may process virtual meeting recordings, including video and/or audio, with your prior consent.

Purposes of the processing:

We process personal data of Prospect Customers to sell, market and promote UpCloud services, and to improve our brand reputation and recognition. We may create profiles of Prospect Customers by ranking them based on their interest in various topics relevant to UpCloud, such as data security or certain product features. The ranking of Prospect Customer profiles is influenced by interactions with UpCloud website (e.g. downloading a whitepaper, submitting a contact request form), communications with UpCloud (e.g. opening a newsletter), registration to webinars or events hosted by UpCloud, and input by UpCloud sales and marketing teams. The processing does not involve automated decision-making. To improve the efficiency of our communications, we may use artificial intelligence (AI) during video meetings to analyse conversations with your prior consent. AI may also be used to assist in drafting messages to Prospect Customers. 

Legal grounds for processing:

The above described processing of personal data is based on 

(i) our legitimate interests to sell, market and promote our services and brand. 

(ii) In some cases we will ask your consent for processing (e.g. sending non-essential cookies to your browser or when using AI in virtual meetings).

International Transfers

We store the personal data primarily within the European Union (EU). However, we may transfer the personal data outside the EU or European Economic Area (EEA) in limited cases. This happens in the following cases: 

  1. We share the personal data with our affiliated companies that are located outside the EEA.
  2. We may share the personal data with our selected business partners located outside the EEA if it is necessary for preparing a joint proposal, managing the Prospect Customer relationship, or promoting our complementary service offering.
  3. When we use external service providers or vendors that are located outside the EEA to support our operations. 

If we transfer personal data outside the EEA, we take steps required by law to ensure that your privacy is protected. This includes us requiring our service providers and vendors to enter into binding contractual commitments with us designed to protect your data and the evaluation of the information security measures undertaken by such service providers and vendors. When we share personal data outside the EEA, we rely on either the Standard Contractual Clauses approved by the EU Commission or EU Commission’s Adequacy Decision, depending on the transfer location. All UpCloud group companies regardless of their location follow the same information security management system that is designed to ensure high level of security and confidentiality of UpCloud’s information assets.

How We Share Personal Data

We may share the personal data with third parties in the following circumstances:

  • UpCloud group companies

Your personal data may be shared with or accessed by UpCloud group companies as part of running our business. UpCloud group companies may use your personal data for the purposes defined in this Privacy Notice to enable internal collaboration between our group companies, such as sales and marketing activities, Prospect Customer relationship management, and the management of our internal IT systems.

  • For joint events and webinars

From time to time, UpCloud collaborates with partners to deliver content at joint webinars and events. When you choose to register for one of these co-hosted events, we may share your contact information with the named event partner to facilitate logistics and communication. 

  • For legal compliance

We may share personal data with third parties to comply with our legal obligations such as responding to lawful requests from public authorities or law enforcement or meeting the requirements of applicable laws and regulations. Where possible, we will inform you in advance of such disclosures

  • For other legitimate reasons

In case that UpCloud undertakes efforts to engage in a business transition like a merger with or acquisition by another company, or sale of all or part of its assets, we may disclose or transfer relevant information we have, including personal data, to the prospective sellers or buyers in the transaction.

  • With your explicit consent

We may share personal data with third parties for other reasons than the ones mentioned above when we have your explicit consent to do so. You have the right to withdraw this consent at all times.

All of our affiliates and third-party service providers are required to take appropriate security measures to protect your data and they may only process personal data for the purposes mentioned in this Privacy Notice and in accordance with our instructions.

Retention

We retain the personal data for as long as you remain a potential customer of UpCloud. We review our Prospect Customer database regularly to ensure that the personal data remains relevant and accurate.

Your Rights

You have always the right to:

  1. Obtain confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data.
  2. Request an electronic copy of the personal data for portability.
  3. Have incorrect, imprecise, incomplete, outdated, or unnecessary personal data we have collected about you corrected or completed.
  4. Request restriction of processing of your personal data in the circumstances referred to in Article 18 of the GDPR.

You have also the right to:

  1. Request erasure or deletion of your personal data. UpCloud will always respond to your request and inform you whether your personal data will be deleted, or retained despite your request, including reasoning behind the retention.
  2. Withdraw your consent at any time, where the processing of your personal data is based on your consent.

Where the processing of your personal data is based on UpCloud’s legitimate interest, you have the right to:

  1. Object to the processing of your personal data in the circumstances referred to in Article 21 of the GDPR.

Please note that if you request deletion of or restrictions to the personal data we process about you, we may no longer be able to contact you regarding our services or offer you relevant information.

How to use the rights

If you want to make a request to exercise any of the above rights, please contact UpCloud Support Team at [email protected]. Please include the following information to your request: the full name, company name (if applicable), address, e-mail address, and phone number.

When you exercise your rights, we may need to request additional information from you to verify your identity. This is a security measure to ensure that we do not disclose personal data to any person who does not have the right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response. We may reject requests that are unreasonably repetitive, excessive or manifestly unfounded.

Direct marketing

Notwithstanding any consent granted beforehand for the purposes of direct marketing, you have the right to opt-out of receiving electronic direct marketing communications from us by using the unsubscribe possibility offered in connection with any direct marketing messages.

Lodging a complaint

You have the right to make a complaint at any time to the supervisory authority in your country of residence. List of the EEA supervisory authorities can be found here. The relevant supervisory authority overseeing UpCloud Oy is The Finnish Data Protection Ombudsman. We would, however, appreciate the chance to deal with your concerns before you approach any supervisory authority. 

Security

We have physical, technical, and organisational measures and procedures in place to safeguard and secure the personal data we collect and process. The measures include, for example, where appropriate, encryption, firewalls, secure facilities and managing access rights to systems. Our security controls are designed to maintain an appropriate level of data confidentiality, integrity, and availability. We regularly test our websites, data centres, systems, and other assets for security vulnerabilities.

Updates

We may update this Privacy Notice from time to time by publishing a new version on our website. If we plan to introduce material changes, we will inform you about it in advance.

Questions or Concerns?

If you have any questions about this Privacy Notice or the way UpCloud processes your personal data, please contact UpCloud’s Data Protection Officer at [email protected].

Back to top