From our legal department

Website Privacy Policy

This document describes the Privacy Policy ("Policy") for websites under the domain ("Websites", "Sites"). Pondenome Oy, doing business as evidenceAI, takes the privacy of our site visitors, clients, and partners very seriously and is committed to transparent and ethical practices regarding processing of Personal Data, as well as the storage and use of proprietary data. This Policy specifically outlines our practices regarding the processing and storage of Personal Data, as defined by the General Data Protection Regulation (GDPR) of the European Union. We've tried to keep this Policy short and sweet but still provide comprehensive information and make it understandable for people with little technical background (not an easy feat). This document wasn't written by lawyers, but we've tried to conform to legal traditions, especially the capitalization of terms having special meaning.

Processing of Personal Data

As is the case in any website you visit, certain data is transmitted to the server that handles your web requests. We have taken steps to minimize the amount and type of data that is collected and retained, as well as how long it is retained. Nonetheless, in order for the Sites to function securely and to provide a nice user experience, we process some information which may constitute Personal Data. This section clarifies what Personal Data we process.

What information do we collect about you?

We process the following categories of information which may qualify as Personal Data:

  • Internet Protocol (IP) address
  • Browser User Agent (i.e. some technical details about the browser you are using)
  • Patterns about the individual pages in our Websites that you visit, such as the order of pages and time spent on each page
  • Info you submit through our contact form, including name, email address, and any data you choose to include in the message itself

Why do we collect this information?

The general purpose of collecting the above-described information is to learn about how visitors of our Websites use the Sites, in order to continually improve their overall design and content. Also, we operate our Websites as a means to generate client leads, so some of the above information may be used for such purposes. Lastly, we may use the above info for security purposes, such as blocking certain IP addresses from visiting our Websites, as unfortunately there are nefarious actors out there who might try to abuse our Sites.

How specifically do we use this information?

The following section describes specifically how we may use each of the categories of Personal Data we process:

  • IP Address: Although an IP address does not necessarily identify you personally, and we do not generally aim to use IP addresses to personally identify our site visitors, there is a possibility it may be used to identify you, and therefore, we want to clarify why we may process and store this information. Primarily, we may store log files of the IP addresses of our site visitors in order to prevent abuse of our website, such as Denial of Service (DoS) attacks. We may also use IP addresses to give us a general sense of the region from which our visitors come. For example, we might be interested to know what percentage of visitors come from Finland vs. the United States. We only retain IP address data for a maximum of 90 days. After 90 days only an anonymized version of this data is retained(e.g.
  • Browser User Agent: This category includes technical details about the browser you are using to visit our Sites. We use this info to help insure browser compatability with as many different browsers as possible. We only retain IP address data for a maximum of 180 days.
  • Usage Patterns: This category includes patterns about how you navigate our Sites, such as the order of the individual pages that you visit, such as the order of pages and time spent on each page page. We use this information to improve the overall design and usability of our website. We only retain Usage Patterns data for a maximum of 180 days.
  • Contact Form Data: This category includes any info you submit through our contact form, including name, email address, and any data you choose to include in the message itself. We use this information to respond to your message and answer any questions you may have. We may store this information indefinitely, unless you request that we delete it.

With whom do we share this information?

In general, we aim to minimize the amount of Personal Data that we share with third parties, and we always do so in a transparent way and with your consent, as outlined in this Policy. Nonetheless, we do engage with some third parties as Data Processors in order to operate our Websites. We take steps to ensure all such third parties are bound by the same restrictions as outlined in this Policy, and we carefully select our service providers based on their commitment to privacy and security.

Like many companies that operate websites, we do not own the servers that run our Websites. Instead we engage with third parties to provide computing services, which allows us to achieve better reliability, scalability, and security monitoring at a lower cost. Our Websites are currently running on servers owned by Linode LLC, and they are physically located in Frankfurt, Germany.

We utilize a third-party form processing service, Getform, to handle submissions of our contact form. Contact form data is retained on Getform's server for a maximum of six months.

Data Security

How do we store this information?

In general, Personal Data that we collect is stored on servers that are restricted in access to only employees who have a need to access them. Contact form data are also delivered by email to employees responsible for following up on customer leads.

Your Rights

What are your data subject rights?

Under this privacy policy, you retain the following rights:

  • The right to access: You have the right to request for copies of your Personal Data.
  • The right to rectification: You have the right to request thtat we correct any information you believe is inaccurate or incomplete.
  • The right to erasure: You have the right to request that we erase your Personal Data, under certain conditions.
  • The right to restrict processing: You have the right to request that we restrict the processing of your Personal Data, under certain conditions.
  • The right to object to processing: You have the right to object to our processing of your Personal Data, under certain conditions.
  • The right to data portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

We aim to provide your with the maximum level of rights concerning your Personal Data. Under some circumstances, we may have a legitimate interest to process Personal Data despite your objections, such as preventing abuse of our Services.

How can you assert your rights?

If you wish us to take action concerning any of the rights listed above, please contact our Data Protection Officer, Rob Guinness, by the following methods:

Email: r o b <<dot>> g u i n n e s s <<at>> e v i d e n c e a i <<dot>> c o m

Mail:  Kes√§kodintie 67, 08500 Lohja, FINLAND


What are cookies?

Cookies are small text files placed on your computer to retain information about your site visit. More information about cookies is available from

When you visit our Sites, we ask for your consent to set a cookie on your computer. The sole purpose of this cookie is to help our analytics engine distinguish between different site visitors. If you choose not to consent to the use of cookies, we not place any cookies on your computer.