Last updated May 23, 2018
2 Jolla's privacy principles
Protecting the privacy of our users is one of the key building blocks of our business. We believe it is important because it is what our users want and thus it is something we will work hard to provide. Our approach towards your privacy can be summarized in the following principles:
- You have the right to the utmost protection of your privacy. It should be for you to decide what personal data you want to share and when.
- We do not share your personal data with third parties without your express authorization. We are not building a business on monetizing your personal data. We can succeed as a business when our users are happy and know that they can trust us not to share their data with others if they have not authorized it expressly.
- We work hard to protect your data. We will dedicate time and resources to ensuring that your data is protected against intrusion from third parties. This means we seek to protect you from not only criminal intrusion, but also unauthorized access from governmental sources.
3 The type of information we collect
As described below, we collect and process a minimal amount of personal data and non-personal usage data when you use Jolla products and services.
We may collect the following types of personal data from you:
- Personal and contact details.
For example, when creating a Jolla account, or when contacting us, we may ask you to provide some personal information such as your name, email address, postal address, and phone number. We may also ask for data such as your age, country, and preferred language.
- Payment information.
If you make a purchase from us, we utilize a third party payment service provider that will collect your credit card or other payment information as necessary to process your payment.
- Device details.
If you have a Sailfish device (meaning a device running on Sailfish OS), we may collect information about your device such the IMEI number of the device, and the IP address when it is connected to the internet. In very exceptional cases, if you contact us and request that we provide certain customer care services, we may ask you to install and use certain tools providing us with access to diagnostic data.
- Information from third party sources.
If you connect your Sailfish device to a third party service such as Facebook, Google or Twitter, information, including your contacts, calendar entries, photos, check-ins, and similar entries you have stored in the third party service in question may also be stored on your Sailfish device, but we will not collect, store, or have access to such data without your permission.
- Location data.
When using Jolla's website or services, we also collect anonymous usage data such as information about how you use these services, including for example, the webpages you have accessed and any user specific settings (such as your preferred language) you have set.
4 The purposes for which we use personal data
We collect personal data:
- to provide you with Jolla products and services.
- to better understand who our users are and how you use Jolla products and services.
- to inform you about updates and developments related to Jolla products or services.
- to provide you with support services, and
- to send you marketing material and information about our products and services.
5 Storing, processing and retention of your personal data
The criteria used to determine the retention periods include:
- How long is the personal data needed to provide the products and services?
- Is the personal data especially sensitive? If so, a shortened period might be appropriate.
- Has the user requested the deletion of personal data? In this case, the retention period will be cut short without delay.
- Is Jolla required to retain the data to comply with a contractual or legal obligation?
6 Your rights regarding your personal data
You can obtain access your personal data for any purpose at any time, and request that we correct it if it is inaccurate, or that we delete it. You can also object to the use of your personal data or choose to deactivate your account
To request access, correction or deletion of your personal data, or to object to the use of any of your data for any of the purposes mentioned above in Section 4 of this policy, or to request the deactivation of your account, please contact us at Jolla Customer Support. We will take action on your request within 30 days.
7 Disclosure of personal data to third parties
We will not disclose your personal data to third parties unless:
- you have provided us with your express consent for doing so;
- the disclosure is reasonably necessary for us to provide a product or service you have requested from us;
- the disclosure is reasonably necessary for us to be able to enforce our Terms of Service;
- the disclosure is reasonably necessary for the purposes of detecting and preventing fraud, security breaches, or criminal behaviour; or
- applicable law requires us to disclose it.
Note that we might include third party services ("Third Party Services") on our devices or in our software. Such Third Party Services may collect personal data from you in accordance with their own privacy policies. You will be presented with these privacy policies before you start using Third Party Services so that you can make an informed decision about whether you can accept their processing of your personal data.
We do not use "cookies" or any similar technologies for the purpose of collecting personal data. The only cookies we might set are used for purposes such as tracking session ids (non-personal data).
When using Jolla services, you may be directed to third party websites which have set up cookies. Although we seek to ensure that our users' privacy is protected at all times, we cannot be responsible for how these third party cookies are used. You should consult the privacy policies of these third parties for more information about how they treat your personal data.
9 Data Security
Your data is secure and protected from unauthorized access, manipulation, loss, destruction and unauthorized disclosure through adequate security measures.
We and our Hosting Providers use industry standard security mechanisms to protect the collected personal data. We ensure that any Hosting Provider we use commits to using both software based security measures (including, but not limited to firewalls and SSL communications where appropriate), as well as physical security measures such as controlled access to server facilities.
If you are under the age of 13, you are not permitted to create a Jolla account or use our products and services, without consent from your parent or legal guardian. If we learn that we have collected personal data from a child under 13 without such consent, we will delete the personal data and close down the account.
11 General information
The name of the data controller is Jolla Ltd., business id 2399817-6, with a registered office at Polttimonkatu 3, 33210, Tampere, Finland.
The name of the personal data register is the Jolla Account User Register.
If you are not satisfied with our response or feel that we are mishandling your personal data, you can contact the Data Protection Ombudsman of Finland through this link http://www.tietosuoja.fi/en/.