Last updated March 4, 2024

1 Foreword

This Jolla Privacy Policy provides information on Jolla's privacy principles, the type of personal data we collect, the purposes for using this data, how we use, store and retain this data, and your rights with regard to this data. This Privacy Policy applies to all our products and services covered by the terms available at http://www.jolla.com/legal ("Terms of Service"), as well as our website located at http://www.jolla.com.

We will occasionally update this Privacy Policy. When we update this Privacy Policy, the date at the top will be revised. We will also inform all of our registered users about the changes using a suitable medium. We also recommend to check the Jolla website from time to time to inform yourself of any changes regarding this Privacy Policy.

Please review this Privacy Policy carefully. If you have any questions, comments or concerns about this Privacy Policy, please contact us by submitting a query to Jolla Customer Support.

2 Jolla's privacy principles

Protecting the privacy of our users is one of the key building blocks of our business. We believe it is important because it is what our users want and thus it is something we will work hard to provide. Our approach towards your privacy can be summarized in the following principles:

  • You have the right to the utmost protection of your privacy. It should be for you to decide what personal data you want to share and when.
  • We do not share your personal data with third parties without your express authorization. We are not building a business on monetizing your personal data. We can succeed as a business when our users are happy and know that they can trust us not to share their data with others if they have not authorized it expressly.
  • We work hard to protect your data. We will dedicate time and resources to ensuring that your data is protected against intrusion from third parties. This means we seek to protect you from not only criminal intrusion, but also unauthorized access from governmental sources.

3 The type of information we collect

As described below, we collect and process a minimal amount of personal data and non-personal usage data when you use Jolla products and services.

Personal Data

We may collect the following types of personal data from you:

Personal and contact details.
When creating a Jolla account you are required to provide us with your email address, full name, and your birth date, and optionally your country of residence. If you wish to contact us we require you to provide us with your email address and we may require you to provide us with your full name, country of residence and IMEI of your mobile device in question.
Payment information.
If you make a purchase from us, we utilise a third party payment service provider that will collect your credit card or other payment information as necessary to process your payment.
Device details.
If you have a Sailfish device (meaning a device running on Sailfish OS) in use with a Jolla account, we will collect information about your device such as the IMEI number of the device, and the IP address when it is connected to the internet and thus, to our services. In very exceptional cases, if you contact us and request that we provide certain customer care services, we may ask you to install and use certain tools providing us with access to diagnostic data.
Information from third party sources.
If you connect your Sailfish device to a third party service such as Facebook, Google or Twitter, information, including your contacts, calendar entries, photos, check-ins, and similar entries you have stored in the third party service in question may also be stored on your Sailfish device, but we will not collect, store, or have access to such data without your permission. These services may be installed on your device by default but have no access to your information on the device until you enable the third party service.
Location data.
If you use location services on your Sailfish device, information about your location, including GPS coordinates, WLAN SSID's and WLAN signal strength will be temporarily stored on your device, but we will not collect, store or have access to such data without your permission. As some of the location services available on Sailfish devices - e.g., the Mozilla location services - are provided by third parties, those third parties may collect such information. In such cases you will be asked to expressly accept the third party's privacy policy or other comparable set of terms governing their processing of your data.

Usage Data

When using Jolla's website or services, we also collect anonymous usage data such as information about how you use these services, including for example, the web pages you have accessed and any user specific settings (such as your preferred language) you have set.

We ensure that in common use the usage data does not contain any personal data. However, when you use Jolla Official store service the usage data is stored together with your personal data in such a way that the usage data could be considered to be personal data as well. In such cases, we process it in accordance with the personal data provisions of this Privacy Policy.

4 The purposes for which we use personal data

We require you to provide us with personal data:

  • to provide you with Jolla products and services.
  • to better understand who our users are and how you use Jolla products and services.
  • to inform you about updates and developments related to Jolla products or services, and
  • to provide you with support services.

In case you decide to opt in for marketing content we will use your personal data to send you marketing material and information about our products and services.

5 Storing, processing and retention of your personal data

As a contractual obligation after you've accepted this privacy policy we will have your permission to store and process your personal data.

We store and process your personal data (if any) on servers located in the European Economic Area which are hosted and maintained by third party service providers ("Hosting Providers"). We will retain your data for as long as necessary to provide the products and services you have requested from us, and fulfil the purposes of this Privacy Policy, or for as long as necessary to comply with our legal obligations.

When you request us to delete your personal data we will do so within 30 days. This also means that the Jolla services will cease to work on your device after your personal data is deleted.

In general, the criteria we at Jolla use to determine the retention period for personal data includes the following:

  • How long is the personal data needed to provide the products and services?
  • Is the personal data especially sensitive? If so, a shortened period might be appropriate.
  • Has the user requested the deletion of personal data? In this case, the retention period will be cut short without delay.
  • Is Jolla required to retain the data to comply with a contractual or legal obligation?

6 Your rights regarding your personal data

You can obtain access your personal data for any purpose at any time, and request that we correct it if it is inaccurate, or that we delete it. You can also object to the use of your personal data or choose to deactivate your account

To request access, correction or deletion of your personal data, or to object to the use of any of your data for any of the purposes mentioned above in Section 4 of this policy, or to request the deactivation of your account, please contact us at Jolla Customer Support. We will take action on your request within 30 days.

7 Disclosure of personal data to third parties

We will not disclose your personal data to third parties unless:

  • you have provided us with your express consent for doing so;
  • the disclosure is reasonably necessary for us to provide a product or service you have requested from us;
  • the disclosure is reasonably necessary for us to be able to enforce our Terms of Service;
  • the disclosure is reasonably necessary for the purposes of detecting and preventing fraud, security breaches, or criminal behaviour; or
  • applicable law requires us to disclose it.

The following third party Services are utilised in the services provided by Jollyboys Ltd. and user information required for the operation of said services is shared with the provider in question:

  • Sailfish OS Forum hosted by Discourse hosting provider Communiteq. When used as a logged in user the necessary Jolla account information is passed to the service provider.
  • Payment services in Jolla shop are provided by Fastspring. Fastspring will treat personal data according to their terms and policies, which are presented to the user at the time of the transaction. Fastspring and Jolla are maintaining a shared register of customers, which contains the information necessary to fulfil the sales service requirements. Jolla and Fastspring are operating as joint controllers in agreement.

Please note that we also include third party service integrations on our devices and in our software, for example, email, cloud storage, or social media accounts integrations. In such cases Jolla does not have access to the data these services collect, or to the data you may decide to share with them. The data processing is thus, handled in accordance with the privacy practices and policies of said third party, and such data is not subject to Jolla Privacy Policy.

The privacy policies and terms of these third party services will be presented to you before you start using the service in question, so that you can make an informed decision about whether you can accept their processing of your personal data.

8 Cookies

We do not use "cookies" or any similar technologies for the purpose of collecting personal data. The only cookies we utilise are used for tracking session ids (non-personal data), for detecting potential frauds and to ensure security in service use, all of which are based on legitimate purpose of use.

When using Jolla services, you may be directed to third party websites which have set up cookies. Although we seek to ensure that our users' privacy is protected at all times, we cannot be responsible for how these third party cookies are used. You should consult the privacy policies of these third parties for more information about how they treat your personal data.

9 Data Security

Your data is secure and protected from unauthorized access, manipulation, loss, destruction and unauthorized disclosure through adequate security measures.

We and our Hosting Providers use industry standard security mechanisms to protect the collected personal data. We ensure that any Hosting Provider we use commits to using both software based security measures (including, but not limited to firewalls and SSL communications where appropriate), as well as physical security measures such as controlled access to server facilities.

10 Children

If you are under the age of 13, you are not permitted to create a Jolla account or use our products and services, without consent from your parent or legal guardian. If we learn that we have collected personal data from a child under 13 without such consent, we will delete the personal data and close down the account.

11 General information

The name of the data controller is Jollyboys Ltd., business id 3381425-4, with a registered office at Polttimonkatu 3, 33210, Tampere, Finland ("Jolla").

The name of the personal data register is the Jolla Account User Register.

If you have a question about this Privacy Policy, or if you would like to make a complaint about a possible breach of privacy laws, please contact us at Jolla Customer Support.

If you are not satisfied with our response or feel that we are mishandling your personal data, you can contact the Data Protection Ombudsman of Finland through this link http://www.tietosuoja.fi/en/.