Privacy Policy

1. Introduction

AR-Go lab Oy ("Company", "we", "us", or "our"), a company registered in Finland with business ID (Y-tunnus) 3096104-8, operates the VIDDDY platform ("Platform"), an AI-powered feedback analysis service. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Platform.

We are committed to protecting your privacy and ensuring that your personal data is processed lawfully, fairly, and transparently. This Privacy Policy is designed to comply with applicable data protection laws, including the EU General Data Protection Regulation (GDPR).

Please read this Privacy Policy carefully. By accessing or using the VIDDDY platform, you agree to the collection, use, and disclosure of your information as described in this Privacy Policy.

2. Data Controller Information

3. Categories of Personal Data We Collect

3.1 Information You Provide to Us

• Account Information: When you register for an account, we collect your name, email address, phone number, company name, job title, and password.
• Billing Information: If you subscribe to a paid plan, we collect payment information, billing address, and transaction history.
• Customer Feedback Data: When you use our platform to analyze customer feedback, we process the content of that feedback, which may include personal data of your customers.
• Communications: When you contact us, we collect information you provide in your communications, including emails and support requests.

3.2 Information Collected Automatically

• Usage Data: We collect information about how you interact with our Platform, including log data, device information, IP address, browser type, pages viewed, features used, and the dates and times of access.
• Cookies and Similar Technologies: We use cookies and similar tracking technologies to collect information about your browsing activities. Please see our Cookie Policy for more details.

3.3 Information from Third Parties

• Integration Partners: If you connect our Platform with third-party services (such as CRM systems, social media platforms, or other business tools), we may receive information from those services.
• Business Partners: We may receive information about you from our business partners, such as when they refer you to our Platform.

4. Legal Basis for Processing Personal Data

We process your personal data based on the following legal grounds:

• Performance of a Contract: Processing necessary for the performance of our contract with you (i.e., to provide the VIDDDY platform and services).
• Legitimate Interests: Processing necessary for our legitimate interests, provided these interests don't override your fundamental rights and freedoms.
• Consent: Processing based on your consent, which you can withdraw at any time.
• Legal Obligation: Processing necessary to comply with legal obligations to which we are subject.

The specific legal basis for processing depends on the type of information and the purpose for which we process it, as detailed in Section 5.

5. How We Use Your Information

We use your personal data for the following purposes:

5.1 Providing and Improving the Platform

• To set up and maintain your account
• To provide the feedback analysis services you request
• To process payments and billing
• To improve and enhance the functionality of our Platform
• To develop new features and services

5.2 Communications

• To send administrative messages, updates, and security alerts
• To respond to your inquiries and support requests
• To send marketing communications (with your consent where required by law)
• To provide information about new features, events, or offers

5.3 Analytics and Research

• To analyze usage patterns and trends on our Platform
• To conduct research and development for improving our Platform
• To generate anonymous, aggregated insights about customer feedback

5.4 Legal and Security

• To verify your identity and prevent fraud
• To enforce our Terms of Use and other legal rights
• To comply with applicable laws, regulations, and legal processes
• To protect the safety, security, and integrity of our Platform, users, and third parties

6. How We Share Your Information

We may share your personal data with the following categories of recipients:

6.1 Service Providers

We share your information with third-party service providers who help us operate, provide, improve, and market the Platform, such as:

• Cloud hosting providers
• Payment processors
• Customer support services
• Analytics providers
• Marketing and communication platforms

These service providers are contractually obligated to use your information only for the purpose of providing services to us and in accordance with applicable data protection laws.

6.2 Business Partners

With your consent (where required by law), we may share your information with business partners for marketing or promotional purposes.

6.3 Corporate Transactions

In the event of a merger, acquisition, reorganization, bankruptcy, or similar event, your information may be transferred as part of our business assets.

6.4 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).

6.5 With Your Consent

We may share your information in other ways if you provide consent.

7. International Data Transfers

We may transfer, store, and process your information in countries other than your own. When we transfer your personal data outside the European Economic Area (EEA) or Finland, we ensure that appropriate safeguards are in place to protect your information in accordance with this Privacy Policy and applicable law. These safeguards may include:

• Transferring to countries that have been deemed to provide an adequate level of protection by the European Commission
• Using specific contracts approved by the European Commission that give personal data the same protection it has in Europe (Standard Contractual Clauses)
• Transferring to organizations that are part of approved certification frameworks, such as the EU-US Privacy Shield (if applicable)

8. Data Retention

We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, regulatory, accounting, or reporting requirements.

To determine the appropriate retention period, we consider:

• The amount, nature, and sensitivity of the personal data
• The potential risk of harm from unauthorized use or disclosure
• The purposes for which we process the personal data
• Whether we can achieve those purposes through other means
• Applicable legal, regulatory, or business requirements

When we no longer need your personal data, we will securely delete or anonymize it. If this is not possible (e.g., because your personal data has been stored in backup archives), then we will securely store your personal data and isolate it from any further processing until deletion is possible.

9. Your Data Protection Rights

Depending on applicable law, you may have the following rights with respect to your personal data:

• Right to Access: The right to request information about your personal data and obtain a copy of it.
• Right to Rectification: The right to have inaccurate or incomplete personal data corrected or completed.
• Right to Erasure (Right to be Forgotten): The right to request the deletion of your personal data in certain circumstances.
• Right to Restriction of Processing: The right to request the temporary or permanent restriction of processing of your personal data.
• Right to Data Portability: The right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller.
• Right to Object: The right to object to processing of your personal data in certain circumstances, including for direct marketing purposes.
• Right Not to Be Subject to Automated Decision-Making: The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you.
• Right to Withdraw Consent: The right to withdraw your consent at any time where we rely on consent to process your personal data.

To exercise these rights, please contact us using the information provided in Section 13. Please note that these rights may be limited in some circumstances under applicable law.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage. These measures include:

• Encryption of sensitive data
• Regular security assessments and testing
• Access controls and authentication mechanisms
• Data backup and recovery procedures
• Staff training on data security and privacy

No method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.

11. Children's Privacy

The VIDDDY platform is not intended for use by children under the age of 16. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and believe that your child has provided us with personal data, please contact us using the information in Section 13, and we will take steps to delete such information.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. If we make material changes, we will notify you by email (if we have your email address) or by posting a notice on our website prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.

13. Cookie Policy

13.1 What Are Cookies

Cookies are small text files that are placed on your device when you visit a website. They are widely used to make websites work more efficiently and provide information to the website owners.

13.2 How We Use Cookies

We use the following types of cookies:

• Essential Cookies: Necessary for the functioning of our Platform. They enable core functionalities such as security, network management, and account access.
• Functional Cookies: Help us remember your preferences and customize your experience.
• Analytics Cookies: Collect information about how visitors use our Platform, which helps us improve it.
• Marketing Cookies: Track your browsing habits to deliver advertising relevant to your interests.

13.3 Managing Cookies

Most web browsers allow you to control cookies through their settings. You can:

• Delete existing cookies
• Block cookies from being set
• Be notified when a cookie is set

Please note that blocking or deleting cookies may impact your experience on our Platform, as some features may not function properly.

14. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us at:

15. Data Protection Authority

If you are located in the European Union or European Economic Area, you have the right to lodge a complaint with a data protection authority if you believe that our processing of your personal data infringes applicable data protection laws. The relevant data protection authority will be the supervisory authority in:

• The EU country where you have your habitual residence
• The place where you work, or
• The place of the alleged infringement

For individuals in Finland, the data protection authority is: