Privacy Notice

Updated: 3.11.2025

1. Document name

Privacy Notice of LokiTime Oy’s online services and marketing operations

2. Controller

LokiTime Oy
Kampinkuja 2, 00100 Helsinki, Finland
Email: support@lokitime.com

3. Contact person for privacy matters

Tuomas Pohjola
Chief Executive Officer (CEO)
Email: tuomas.pohjola@lokitime.fi
Phone: +358 40 560 1234

4. Purpose of processing personal data

Personal data is collected and processed for the following purposes:

• Provision, operation and maintenance of LokiTime’s online services and applications
  
• Customer relationship management and communication
  
• Billing, order fulfilment and contract administration
  
• Marketing, advertising and analytics
  
• Product development and service improvement
  
• Ensuring information security and preventing misuse
  
• Compliance with applicable legal obligations
  

Personal data is processed in accordance with the EU General Data Protection Regulation (GDPR), the UK GDPR, and other applicable data protection laws.

5. Categories of data subjects

The following categories of individuals are covered by this Privacy Notice:

• Visitors to LokiTime’s websites and online services
  
• Individuals who fill in online forms, participate in campaigns, or communicate with LokiTime
  
• Representatives and contact persons of LokiTime’s customers, partners, and suppliers
  
• Users of LokiTime’s software and mobile applications (end users)

6. Data we collect

Personal data may include the following:

• Name and contact information (email, phone number, company, job title)
  
• Technical data (IP address, browser information, device identifiers)
  
• Information provided voluntarily through forms or communications
  
• Login credentials, usage logs, and system access details for registered users
  
• Billing and contract information for customer accounts
  
• Consent information and communication preferences
  

7. Sources of personal data

Personal data is collected:

• Directly from the data subject (e.g. via forms, chat, or registration)
  
• From customers or partners in connection with service use
  
• Automatically through website analytics and cookies
  
• From publicly available business information sources where permitted by law

8. Data collected through marketing and analytics technologies

LokiTime uses marketing and analytics tools to improve its website, measure effectiveness, and deliver relevant advertising. These include:

• Pipedrive Campaigns for managing marketing communication and lead generation
  
• Google Analytics 4 (GA4) for understanding website usage and visitor behaviour
  
• Meta Pixel and LinkedIn Insight Tag for targeted advertising and performance measurement
  
• Usercentrics for managing cookie and consent preferences in compliance with data protection laws
  

Each technology processes data in accordance with its respective privacy policy. Cookies are only stored with the user’s consent.

Cookie consent management:
You can change or withdraw your cookie consent at any time by clicking the “Cookie Settings” button in the lower left corner of the page.

9. Legal basis for processing

The processing of personal data is based on one or more of the following legal grounds:

• Performance of a contract between the Client and LokiTime
  
• Compliance with legal obligations
  
• Legitimate interests of LokiTime (e.g., marketing, product development, fraud prevention)
  
• Consent of the data subject, where required (e.g., for marketing or cookies)

10. Disclosure and transfer of data

Personal data may be disclosed to:

• LokiTime’s group companies and subcontractors involved in service provision
  
• Technical service providers (e.g., hosting, analytics, communication systems)
  
• Authorities, when required by law
  
• Partners involved in the delivery, support, or resale of LokiTime’s services
  

LokiTime does not sell personal data to third parties.

11. International data transfers

Personal data may be transferred and processed outside the European Economic Area (EEA) when necessary for providing the Service. In such cases, LokiTime ensures an adequate level of protection by using:

• European Commission’s Standard Contractual Clauses (SCCs), or
  
• Other legally approved safeguards ensuring compliance with GDPR
  

12. Data protection and security

LokiTime applies appropriate technical and organizational measures to protect personal data from unauthorized access, loss, misuse, or alteration.
Examples include:

• Secure servers and data centres
  
• Role-based access control
  
• Encryption and secure data transfer
  
• Regular security audits and monitoring
  

Only authorized personnel and subcontractors who need the data for their duties have access to personal data.

13. Data retention

Personal data is retained only as long as necessary for the purposes described in this Notice or as required by law.
When data is no longer needed, it is securely deleted or anonymized.

14. Rights of the data subject

Individuals have the following rights under applicable data protection laws:

1. Right of access – to obtain confirmation whether personal data is processed and receive a copy.
   
2. Right to rectification – to have inaccurate or incomplete data corrected.
   
3. Right to erasure (“right to be forgotten”) – to request deletion of personal data when lawful grounds exist.
   
4. Right to restriction of processing – to limit processing in specific cases.
   
5. Right to data portability – to receive personal data in a machine-readable format.
   
6. Right to object – to object to processing for direct marketing or on legitimate interest grounds.
   
7. Right to withdraw consent – when processing is based on consent.
   
8. Right to lodge a complaint – to a supervisory authority such as the Finnish Data Protection Ombudsman or another competent authority in your country.
   

Requests concerning personal data can be sent to:
tuomas.pohjola@lokitime.fi

15. Cookies and tracking technologies

The LokiTime website uses cookies to enhance usability, measure performance, and personalize content.
Cookies are categorized as essential, analytical, or marketing.
Users can manage their cookie preferences through the Usercentrics consent banner available on all LokiTime websites.

16. Data processing roles

When acting as a Controller, LokiTime determines the purposes and means of processing personal data (e.g., marketing, customer communications).

When acting as a Processor, LokiTime processes personal data on behalf of its customers in accordance with a Data Processing Agreement (DPA).
The DPA specifies the scope, purpose, and security measures for the processing of customer data.

17. Data transfers in business operations

In the event of a merger, acquisition, or business restructuring, personal data may be transferred to the acquiring entity as part of the transaction. In such cases, LokiTime ensures continued compliance with this Privacy Notice and applicable law.

18. Updates to this Privacy Notice

LokiTime may update this Privacy Notice from time to time to reflect legal, technical, or operational changes.
Updated versions will be published on LokiTime’s website and will take effect upon posting.

19. Contact information

If you have any questions regarding this Privacy Notice or your personal data, please contact:

LokiTime Oy
Kampinkuja 2, 00100 Helsinki, Finland
Email: support@lokitime.com
Phone: +358 40 560 1234