top of page

Your Privacy and Security Matters

Privacy Policy

Introduction

 

Welcome to urakka.app. Your privacy is important to us, and we are committed to protecting your personal data. This Privacy Policy explains how we collect, use, and protect your personal information when you visit our website or use our services. By using our site, you agree to the processing of your personal data in accordance with this Privacy Policy.

 

Information We Collect

 

We may collect personal data in the following ways:

 

  • Directly from you: We collect information when you register for our service, subscribe to our newsletter, fill out forms, or contact us.

  • Automatically: We collect certain data automatically through cookies and other tracking technologies when you visit our website.

  • From third parties: We may receive information about you from third-party services such as social media platforms, advertising partners, and analytics providers.

 

The information we collect may include your name, email address, phone number, IP address, username and password, payment details, and any other data necessary to provide our services.

 

How We Use Your Information

 

We use your personal data for the following purposes:

 

  • To provide and maintain our services: Your data helps us operate, support, and improve our services.

  • Customer support: We use your information to respond to inquiries, resolve issues, and offer better support.

  • Marketing and communication: We may send you updates about our products, services, promotions, news, and events.

  • Personalization: We use your data to tailor content and services to your preferences, such as recommending relevant products.

  • Analytics and research: We analyze user behavior to enhance our website and service experience.

  • Legal compliance and protection: We may use your data to comply with legal obligations, protect our rights or the rights of others, and prevent fraud or misuse.

 

Data Sharing

 

We do not sell, rent, or share your personal data with third parties without your consent, except in the following situations:

 

  • Service providers: We may share your data with third-party providers who perform services on our behalf, such as payment processing, analytics, marketing, or customer support.

  • Legal requirements: We may disclose your data if required by law, legal process, or at the request of authorities.

  • Business transactions: If our business is involved in a merger, acquisition, or other corporate transaction, your data may be transferred to the new owner.

 

Data Security

 

We are committed to protecting your personal data and use appropriate technical and organizational measures to prevent loss, damage, unauthorized access, or misuse. However, please note that no internet transmission is completely secure, and we cannot guarantee absolute security.

 

Cookies

 

We use cookies and similar tracking technologies to enhance your user experience, deliver personalized content and ads, and analyze site traffic. You can manage your cookie preferences through your browser settings.

 

Your Rights

 

You have the right to access, correct, delete, or restrict the processing of your personal data. You may also object to the processing of your data and request data portability. To exercise these rights, please contact us using the information provided below.

 

Changes to This Privacy Policy

 

We reserve the right to update this Privacy Policy at any time. Changes will take effect immediately upon posting the updated version on this page.

Registry

1. Name of the Register

 

This register is maintained by Urakka.app Software Oy (hereinafter “Urakka.app”) and consists of the following sub-registers:

 

  • Customer register

  • Project database

  • Recruitment applications

  • Other registers related to online surveys

 

2. Data Controller

 

Urakka.app Software Oy

www.urakka.app

 

3. Responsible Person for Register Matters

 

The person responsible for register matters is Mika Ketola.

 

His responsibilities include ensuring proper use of the register by:

 

  • Regularly reviewing user access rights

  • Ensuring appropriate data security measures (including security updates)

  • Providing adequate user instructions for register handling

 

4. Contact Person for Register Data

 

The contact person for register data is also Mika Ketola.

 

He is responsible for maintaining user access rights, providing information about the register, and informing customers of their rights to review and update their data.

 

5. Purpose of the Register

 

The register contains information about Urakka.app's clients and partners—both individuals and companies—for maintaining business relationships.

 

It is used for the delivery of services to clients and partners. The data may also be used for marketing and communication towards companies and individuals. Anonymous usage data may be used for research and statistical purposes.

 

The register is also used for project management, processing recruitment applications, and for other information collected through online forms related to our operations.

 

6. Information Contained in the Register

 

The register may include the following data:

 

  • First and last names

  • Job titles

  • Company or organization name and department

  • Address information

  • Phone and mobile numbers

  • Email addresses

  • Website URLs

  • Target language

  • Customer history, log data

  • Recruitment application details

  • Attachment information

  • Additional information submitted via online forms

 

The register consists of multiple parts, and not all data fields are present in every sub-register.

 

7. Sources of Data

 

Data is collected directly from customers: companies, organizations, and individuals. In addition, public databases may be used as sources.

 

8. Principles for Disclosure of Personal Data

 

Personal data will not be disclosed to third parties except as permitted by applicable laws. Data is stored both within and outside the EU/EEA in secure data centers. Urakka.app has contracts with all service providers and data processors to ensure compliance with the EU General Data Protection Regulation (GDPR). Anonymous data (excluding names and identifiable information) may be used for research purposes.

 

9. Use of the Register

 

The register is accessed, maintained, and modified by authorized personnel of Urakka.app. Access is strictly limited and requires personal credentials. User access is granted upon authorization and revoked when employment ends or the employee’s role changes within Urakka.app.

 

10. Relation to Other Personnel Registers

 

This register is for the exclusive use of Urakka.app. Updates are based on information provided by customers or publicly available sources.

 

11. Data Security

 

All data in the register is used solely by Urakka.app. Several service providers host and store the register on secure servers located in protected facilities with no unauthorized access.

 

12. Data Retention, Archiving, and Deletion

 

Data in the register is retained based on its intended use. There is currently no archiving in place.

Data Processing Agreement (DPA)

1. Parties to the Agreement

This Data Processing Agreement (“DPA”) is entered into between the following parties:

 

  1. Urakka.app Software Oy (“Processor”), acting as the data processor.

  2. [Customer] (“Controller”), who determines the purposes and means of processing personal data.

 

2. Purpose and Nature of Processing

2.1 The Processor processes personal data in order to provide the Urakka.app service according to the purposes defined by the Controller.

2.2 The processing includes data storage, analysis, and use of artificial intelligence functionalities.

 

3. Types of Personal Data and Categories of Data Subjects

3.1 The processed data may include usernames, contact details, tasks, and documents stored by the Controller in the service.

3.2 Data subjects may include the Controller’s employees, customers, or other designated users.

 

4. Processor’s Obligations and Limitation of Liability

4.1 The Processor shall only process personal data in accordance with the Controller’s documented instructions.

4.2 The Processor is not responsible for the legality of the personal data processing. Legal responsibility lies solely with the Controller.

4.3 The Processor’s liability is limited to a maximum amount equal to the service fees paid during the three (3) months preceding any claim.

 

5. Subprocessors and External Services

5.1 The Processor uses subprocessors for data processing purposes, including Google Cloud Platform and AI technologies such as OpenAI GPT.

5.2 The Controller agrees to the use of these subprocessors. The Processor ensures that all subprocessors comply with GDPR requirements.

5.3 An up-to-date list of subprocessors is available upon request.

 

6. Data Security

6.1 The Processor implements appropriate technical and organizational measures to protect personal data, including encryption, access control, and data backups.

6.2 The Controller is responsible for the secure management of user credentials and passwords.

 

7. Data Breaches

7.1 The Processor will notify the Controller of any personal data breach without undue delay.

 

8. Data Retention and Deletion

8.1 Personal data is retained in the service for the duration of the contractual term.

8.2 Upon termination of the agreement, the data will be permanently deleted within three (3) months unless otherwise required by law.

 

9. Data Access and Audit Rights

9.1 The Controller may request information about the Processor’s data handling and security practices once per year.

 

10. Governing Law and Dispute Resolution

10.1 This DPA is governed by the laws of Finland.

10.2 Any disputes shall be resolved in the District Court of Helsinki.

General Terms and Conditions

Acceptance of Terms

 

By using the Urakka.app service, the customer accepts the current general terms and conditions, the user account terms of use, and the Data Processing Agreement (DPA) in accordance with GDPR. The Provider reserves the right to unilaterally amend these terms by notifying the customer at least 60 days before the new terms take effect.

 

Software, License, and Intellectual Property Rights

 

The software is provided to the customer “as is” and is used via the Provider’s cloud services. It is not downloadable or available for independent use.

 

The customer is granted a license to use the Urakka.app software as agreed in this and all related agreements. The license remains valid during the contract term, provided there are no overdue payments owed to the Provider.

 

No copy, part, or source code of the software is ever transferred to the customer. The customer accesses the service through a license-based cloud platform. All intellectual property rights (IPRs) remain with their original owners and cannot be transferred through this or any other agreement.

 

Use of AI and Tokens

 

AI usage within Urakka.app refers to all functionalities powered by artificial intelligence, such as translations, task creation, and other AI-based features. Usage is tracked using tokens—units of text processed by the AI. A token may be part of a word, a full word, a space, or a symbol, generated from both input and AI output.

 

Token usage is monitored at the organization level and pooled by user accounts. This means unused tokens by one user may be used by others in the same organization during the same month.

 

Organizations can view AI usage statistics monthly in the Urakka.app application. If the monthly token limit is exceeded, the excess will be billed separately according to the current pricing. All AI-based functions are subject to these limitations.

 

The Provider reserves the right to immediately change the limits, quantities, and pricing related to AI usage if any changes occur in the pricing or terms from the third-party AI provider. The customer will be informed of such changes without delay.

 

Responsibility for Software Use and Downtime

 

The customer is responsible for acquiring the devices, internet connection, and other technical requirements necessary for using the software.

 

The Provider is not liable for any direct or indirect damages caused by service downtime, such as lost revenue, data loss, or business interruptions. The Provider’s total liability is limited to the amount paid by the customer for the software during the past three (3) months.

 

Billing Cycle

 

The Provider bills ongoing contracts monthly unless otherwise agreed. Fixed-term contracts (12–48 months) are invoiced annually. In each case, the Provider invoices at the beginning of the contract or billing period.

 

Suspension of Service Due to Late Payments

 

The Provider has the right to suspend the service and block customer access if an invoice remains unpaid for more than thirty (30) days.

 

Reactivation requires full payment of all overdue invoices, including late fees, as well as a reactivation fee of €125 (VAT 0%). The reactivation fee must be paid before access is restored.

 

The Provider is not liable for any damages resulting from the suspension of the service.

 

Termination

An ongoing (non-fixed-term) contract may be terminated by either party with one (1) month’s notice, effective at the end of the next billing period.

 

A fixed-term contract may be terminated to end at the conclusion of the agreed fixed term.

 

Renewal of Fixed-Term Contracts

Fixed-term contracts are automatically renewed for one-year periods unless terminated at least two (2) months before the current term ends. The Provider commits to sending the customer a written reminder at least three (3) months before the contract period ends.

 

Customer-Specific Modification Requests

The software’s functionalities, interface, and features are standardized for all customers and are not typically customized.

 

If the customer requests changes—such as new features, interface adjustments, or integrations—the Provider may, at its discretion, choose to implement them. Such modifications must also benefit other customers and be feasible within the software’s current functionality and development roadmap.

 

The Provider reserves the right to decide independently on any changes to the software.

 

Customer Content After Termination

Upon request, customer content will be available for up to three (3) months after contract termination, after which the Provider has the right to delete the data permanently. After deletion, content cannot be restored.

 

The customer may request a copy of uploaded images, videos, or documents for an additional fee. The work is performed on an hourly basis and invoiced according to the Provider’s training and support service rates.

 

Discontinuation of Software Development or Maintenance

The Provider reserves the right to discontinue software development or maintenance in whole or in part, by giving written notice at least six (6) months in advance. The Provider ensures continued access to the software until the end of the notice period, after which it is no longer obligated to provide the software or related support services.

 

Data Security Responsibility

The Provider is responsible for ensuring the software complies with GDPR data protection requirements.

 

The customer is responsible for the security of their own users, including proper management of usernames and passwords, and preventing unauthorized access.

 

The Provider is not responsible for internal data security breaches within the customer’s organization, including misuse or data leaks.

 

Assignment of Agreement

The Provider has the right to assign this agreement in full or in part to a third party by notifying the customer in writing at least sixty (60) days in advance. If the assignment involves significant operational or financial changes, the Provider will inform the customer accordingly.

 

The customer may not assign the agreement to a third party without written permission from the Provider.

 

Amendments to the Agreement

Amendments to this agreement are only binding if agreed upon in writing and signed by both parties. No verbal agreements are valid.

 

Reference Rights

The Provider has the right to use the customer’s name in its own marketing materials. The Provider may also describe the content delivered to the customer in general terms.

 

Pricing and Index Adjustments

The Provider reserves the right to adjust service prices by notifying the customer at least 60 days in advance. The customer may continue using the service under the new prices without modifying the service agreement. For fixed-term contracts, the new prices will take effect after the current contract term ends.

 

Signatures

This agreement is signed electronically between the parties. The customer may also begin using the Urakka.app software independently through registration, in which case these terms are accepted during the sign-up process and no separate signature is required.

bottom of page