Visma Enterprise Oy Mobile app Privacy
Visma Enterprise takes security and privacy very seriously. We are ISO 27001 certified and run a private Bug Bounty program on hackerone.com. The collected data is used solely for the intended purpose and for improving the service, via statistics and usage analysis, no personal data is sold to any third party.
What data we collect
The collected data includes the pictures you take or pick from gallery and PDF attachments that you want to attach to travel claims as receipts. The pictures that you have taken or files selected as attachments will not be sent to our service until you click the “send attachments” button. Camera is also used to handle QR code reading which can be used to login the mobile app.
While using the “Journeys” function, your device collects data about your phone location and route. When you send data to the M2 server, only the journey’s time, length as well as starting- and endpoints of the route, location of the stops and their addresses are shown on the kilometre claim. All data is treated according to Finnish law and used only accordance with the agreement made with your employer.
Force to follow roads feature
By enabling the “Force to follow roads” -setting in the app, you consent to send your route information anonymously to Google Snap to Road API. Google returns the enhanced route back to the App. You may turn the setting off whenever you want, if you want to use only GPS raw data without enhancing it with Google Snap to Road API.
You are, at any time, able to disable the location data or camera access from the application settings in iOS and Android 6.0 or later, thus disabling “Journeys” function or camera functions.
Android specific permissions
android.permission.ACCESS_FINE_LOCATION, CAMERA, WRITE_EXTERNAL_STORAGE, FOREGROUND_SERVICE, VIBRATE, INTERNET
IOS specific permissions
Privacy - Location, Location Always, Location When In Use, Camera, PhotoLibraryAddUsage, PhotoLibraryUsage, MotionUsage
What it's not used for
We do not sell your personal information to anyone, ever.
Our app security measures include but are not limited to:
HTTPS -protocol using TLS with the most secure algorithms
Data centre location
All your data will be stored in Finland and Finland only. No data will be sent outside of EU/ETA. Anonymous location information is sent to Google Snap to road API from M2 App if “Force to follow roads” setting is enabled in the App.
Third party libraries
Android apps use a third party library called Zxing, under Apache 2.0 license.
Detailed up to date list of used libraries is listed in the Apps.