• How to use the “Locations of Data and Systems” -template?

    Identify the related systems and data sources from the API Canvas “Key resources” and “Key partners” sections. Put them in the template according to geographic and network locations. This helps to understand where the systems are situated and what are the geopolitical requirements.

    In this stage, the goal is to discover

    • integration architecture requirements

    • legal and geopolitical requirements and considerations

    1. Interview the process owners and/or the owners of the current systems, information architect or solution architects who know the domain and the related systems.

    2. Fill in the template names of systems to the correct location in the “map”.

      • I.e. if the CRM system is related to the APIs in the API Canvas and it’s located in the local network, write it in the left bottom box.

      • If the CRM system is providing APIs, for example for searching customers and creating and updating them, then mark it in the “Provider” box.

      • If it is consuming APIs from other systems, mark the names of those APIs or those systems to the “Consumer” box.

    3. Put applications that are accessible by partners to the “Partner network” boxes. Partners in this context mean customers, vendors, subcontractors, anyone with an agreement and access, typically via VPN, IP restrictions or specific partner user account but only to certain systems or parts of the network.

    4. If some systems are accessible only from a certain country (country-specific organization or actually restricted by location) mark them to “Country-specific network” and also note which country or geopolitical area they can be accessed from e.g. Finland, EU, EEC).

    5. Put systems and data that can be accessed from anywhere in the world and in public internet to the “Different locations globally”. It’s important to know if this means that the systems are located in multiple locations, if the same data and services need to be read fast from different locations or if different locations have and can have different systems and data, even data models.

    6. If there are multiple systems or if the situation is otherwise very complex, use multiple templates, or better yet, write a short description and possibly a network diagram of the situation

    7. Check you have also marked the API Consuming applications in their correct places, at least those someone already knows about but also those in the near future. It’s almost always safe to assume there will be users accessing the API from at least public internet and company networks.

  • What are legal, and regional and networking requirements?

    Knowing where data and systems exist and where they can be accessed from is important to know especially for data handling.

    There are lots of privacy and other requirements related to specific countries or geopolitical areas.

    For example, the Finnish social security number should not be seen or used outside the European Union area and data related to Russian citizen needs to be mastered inside Russian borders. Similar legislation exists also in other countries. There may also be a trade or national security requirements related to routing, storing or handling data in certain areas.


    Response time and latency

    What is the maximum amount of time the API consumer can wait for a response to any request? What is the expected response time for API so they can keep their customers using their system?


    Technical background
    • Estimating response time requirements is a combination of capacity, network locations, and API consumer requirements.

    • Some API consumers are more sensitive to response times and there is more latency if the systems are far away from each other and there are multiple systems involved.

    • Also if there is a huge amount of traffic and the requests and responses are big and take lots of processing, the response times are going to be longer.

Privacy policy
When you browse our website, we automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system. 

With your permission, we may send you emails about our site, new services, events and other updates.
How do you get my consent? 
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only. 
If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.
How do I withdraw my consent? 
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by contacting us at [email protected]
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
Our website is hosted on Strikingly Inc., a Delaware, US based company. They provide us with the website platform including the subscription and web form data you submit to us.
Your data is stored through Strikingly’s data storage, databases and the general Strikingly application. They store your data on a secure server behind a firewall. More information can be optained from their Privacy policy https://support.strikingly.com/hc/en-us/articles/214364818 
We use Google’s application suite for email, documents and calendar and Campaign monitor for sending email campaigns. We only allow dedicated personnel to get access to these systems. Emails sent to our general email [email protected] are also stored in PlanMill, our ERP system, for customer service and archiving.
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us. 
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions. 
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers. 
In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located. 


When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. 

You are asked separately for accepting cookies on the site.
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it. 
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at [email protected]