Privacy Policy

1. DATA CONTROLLER

LoupeDeck Oy (2769529-5)

Museokatu 8 A, 00100 Helsinki

This Privacy Policy applies to LoupeDeck’s processing of personal data in connection with LoupeDecks products and services.  If you have any questions related to data protection and processing of personal data at LoupeDeck, you can contact our data protection officer at support@loupedeck.com/de.

2. WHY DO WE PROCESS YOUR PERSONAL DATA?

We process your personal data for the following purposes:

Providing LoupeDeck Online Store

When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address, e-mail address and phone number, as well as data related to your purchase, such as order information and delivery details.

When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system. More information regarding data collection with using our online store is provided in the section 8 of this privacy Policy.

Marketing our products and services and Communications

If you order our products or consent to our marketing communications, we may occasionally send you e-mail about our online store, new product and other updates related to our products and services. You can also subscribe to our mailing list at our websites by providing us with your e-mail address. You can opt-out from these e-mails by clicking the “unsubscribe” button at the bottom of these e-mails or contacting us at support@loupedeck.com/de.

In addition, we may send you certain customer communications and transactional messages that pertain to your purchases or agreements with us, or other communications that we are otherwise legally required to bring to your attention.

Information about your interaction with LoupeDeck’s customer support.

LoupeDeck user accounts and custom profiles

We collect personal data in connection with LoupeDeck user accounts and custom profiles. LoupeDeck customers may create either an ordinary user account or a developer account.

For user accounts we collect information such as user account information including your username, and data on functionalities such as user actions and adjustments saved on your profile.

For developer accounts we may process also additional information related to your role as a developer and relative to the content provided by you to us.

LoupeDeck Software

In connection with the LoupeDeck Software, we collect anonymous technical data from your computer, from your LoupeDeck products and the software. When you download LoupeDeck Software, you accept the terms and conditions of LoupeDeck End-User Licence Agreement (EULA).  We ask for your explicit consent to the collection of telemetry data or, to the extent that such limited data is de-identified and processed in an anonymised manner, we will notify you of such data collection in EULA.  We, for example, may collect information regarding your operating system, software information and diagnostic data after software crash. All these data are de-identified and processed in an anonymous manner.

Telemetry data collected though the LoupeDeck Software may include, for example, the following data:

  • Log and usage information, the time and duration of your use of features and plugins, service performance data;
  • Service and device information, such as device model, settings, operating system and when your device was purchased from LoupeDeck Online Store.
  • Identifiers, such as IP-address and user IDs, such as your LoupeDeck Account, where available;
  • Defect information, such as crash logs, device performance and stability and error codes.

3. LEGAL BASES FOR PERSONAL DATA PROCESSING

We process your data based on several legal bases and the same personal data attributes may be processed for multiple reasons. This provides that although you may request erasure for certain data kept pursuant to an agreement, we may require to keep it partially or in whole e.g. to comply with legal obligations such as tax and bookkeeping purposes.

Here you can find a short overview of our legal bases for processing:

Processing based on the performance of a contract; –       To provide you with our services, such as certain online services like the LoupeDeck account, ;

–       To identify you;

–       To process your order and payment;

–       To arrange for a delivery or return a purchase;

Processing for compliance with a legal obligation; –       To keep appropriate records for tax or accounting purposes;

–       To process information for data protection or product compliance purposes in certain occasions,

Processing based on a legitimate interest; –     To communicate with you about or products and services,

–       To process certain information relative to telemetry and data analytics,

–       To respond to your requests and inquiries

Processing based on consent;

NB: You can always withdraw your consent.

–       To deliver content and communications classifiable as advertising,

–       To deliver tailored content,

–       To process identifiable information relative to telemetry and data analytics,

–       To process cookies. Processing of cookie data is further described in section 9 [or in the Cookie Policy].

SECTION 4 – SOURCES OF PERSONAL DATA

Primarily, we collect personal data directly from you.

We may also collect personal data automatically from your devices that interact with our services e.g. when collecting cookie data.

In some cases, we also process personal data we have received from third party sources, such as our retailers who disclose us information related to purchases.

5. RECIPIENTS OF PERSONAL DATA

Some of our operations may require the disclosure of your data to third parties to provide you with our services. E.g. when you make an order in our online store, we disclose personal data related to payments to the payment service provider.

We do not disclose any personal data to third parties unless it is in accordance with applicable law. We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.

If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.

6. DATA SECURITY

To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. In other words, we use appropriate safeguards to protect your personal data.

7. DATA TRANSFERS OUTSIDE THE EU/EEA

Our data processing is in part provided by third-party service providers, such as IT service providers, that may process your personal data outside the EU/EEA. When our service providers are transferring your personal data outside the EU/EEA, we contractually ensure that appropriate safeguards are in place.

9. PROFILING AND AUTOMATED DECISION-MAKING

As a main rule, we do not use personal data for profiling and automated decision-making. Some of the communications, including marketing communications, we send to you may be tailored to you based on the products and Services you have purchased from us or tailored according to your own subscription and choice. We do reserve the right to use online targeted advertising techniques which are specified in the section of this Privacy Policy regarding our LoupeDeck Online Store and in applicable LoupeDeck cookie policies.

10. STORAGE PERIOD

Your personal data will be stored as long it is necessary for providing our products and services to you. As a main rule, we discard the personal data collected by us once it no longer serves the purpose for which it was collected.

Your LoupeDeck Account and any data linked to your profile is considered active unless you have not terminated your Account as provided in the Account Terms.

In the end of the data lifecycle of your personal data, we either delete the data or de-identify and process it in an anonymized form. Our de-identification and anonymization methods may vary from time to time and differ in relation to the scope of the datasets.

11. DATA SUBJECTS’ RIGHTS

You may have certain data protection rights as a data subject.

  • Right of access: You have a right to access personal data that we held about you. You can ask for a copy of your personal data.
  • Right of rectification: You have a right to rectify possible erroneous or inaccurate information we may process.

 

  • Right to erasure: You have a right to request us to erase data about you if you consider that we have or no longer have an adequate legal basis for processing your personal data.

 

  • Right to restriction of processing: You have a right to request us to restrict the processing of your data if you consider your personal data to be erroneous or if the processing is unlawful and you need your personal data for making, presenting or defending a legal claim.

 

  • Right to data portability: You have a right to acquire your personal data from us in a machine-readable format and a right to move such data to another controller in certain situations.

 

  • Right to object: If we are processing your personal data on a basis of legitimate interest, you have a right to object this processing.

 

  • Right to lodge a complaint with a supervisory authority: You have a right to lodge a complaint with a supervisory authority if you consider that the processing of your personal data infringes data protection legislation. National supervisory authority in Finland is the Office of the Data Protection Ombudsman: tietosuoja.fi.

12. CHANGES TO THIS PRIVACY POLICY

We may modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website.

13. THIRD PARTIES

Third party apps and services

LoupeDeck services may include third party apps or services, such as registration by third parties or e-commerce elements provided by third parties. Third-party websites, apps, services and features may operate independently from us and may have their own privacy notices or policies. Where such linked website, app, service is not owned by us, we are not responsible for its privacy practices.

Social media plugins

Our webpages include so called social media plugins such as Facebook, Twitter, Instagram and Youtube. When you visit our webpages, technical information and personal data such as IP-address and information that you visited our website may be provided to the provider of the social media plugin. This data processing is subject to the terms of use and privacy policy of such social media service provider.

Links

When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy Policys.

14. LOUPEDECK ONLINE STORE

Shopify Store

Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.

Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.

If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.

All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover.

PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.

For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Policy (https://www.shopify.com/legal/privacy).

Payment

If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with an AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.

Third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.

For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.

In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.

As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.

Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.

Cookies related to our Shopify online store

Here is a list of the most important cookies that we use in our online store. We’ve listed them here so that you can choose if you want to opt-out of cookies or not.

_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).

_shopify_visit, no data held, Persistent for 30 minutes from the last visit, used by our website provider’s internal stats tracker to record the number of visits

_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer. cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.

_secure_session_id, unique token, sessional storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.