Privacy Policy – Quikka Mobile App
Effective Date: May 27, 2025
Welcome to the Quikka mobile application. This Privacy Policy explains how Sciometa Oy ("we", "us", or "our"), as the data controller, collects, uses, and protects your personal data when you use Quikka. We are committed to safeguarding your privacy and handle your data in accordance with the General Data Protection Regulation (GDPR) of the European Union.
1. Who is responsible for processing your data?
Data Controller:
Sciometa Oy
Lönnrotinkatu
📧 soki@sciometa.com
2. Who can you contact about data protection?
Data Protection Officer:
📧 soki@sciometa.com
You may exercise all your rights by contacting this address.
3. What data do we collect and how is it generated?
We collect personal data directly from you when you register, use the app, or contact us. Additional data is generated through app usage.
Data collected during registration and usage:
| Data Type | Description |
|---|---|
| Personal Information | First and last name |
| Contact Details | Email address, Phone number, Home address |
| Usage Data | QR code scanning activity, Purchase history, Discount preferences |
| Location Data | Device location (only with your consent) |
| Payment Information | Only card brand and last 4 digits (provided by Stripe) |
Technical and usage information:
- IP address
- Device ID
- App usage times and actions (e.g. button clicks, browsing)
4. For what purposes and on what legal basis do we use your data?
Data is processed to enable and operate the Quikka service and related functionalities. More specific legal grounds can be provided upon request.
5. Who can access your data?
Your data is only accessed by authorized employees of Sciometa Oy. We also use the following trusted service providers:
| Service Provider | Purpose | Data Protection |
|---|---|---|
| Google Firebase | Storage and processing of personal data | In the EU, with data security in place |
| Stripe | Secure payment processing | PCI-DSS compliant. Full card details are never stored on our servers. |
| Cloud and analytics services | Monitoring app functionality and security | Industry-standard encryption and access controls |
6. Are your data transferred outside the EU?
Yes. Some of our providers (e.g., Google and Stripe) may use servers located outside the EU. We protect your data as follows:
- We use EU Standard Contractual Clauses (SCCs) and other safeguards to ensure adequate data protection.
- Data is encrypted and access is technically restricted.
7. How long do we retain your data?
We delete or anonymize your personal data as soon as it is no longer needed for the purposes described above. Personal data is generally retained only for the duration of your participation in the Quikka program.
8. What rights do you have?
Under the GDPR, you have the following rights:
- Right of access – to view the data we hold about you
- Right to rectification – to correct inaccurate or incomplete data
- Right to erasure – "right to be forgotten"
- Right to restrict processing
- Right to object to processing
- Right to data portability
- Right to withdraw consent at any time
You may exercise all your rights by contacting:
📧 soki@sciometa.com
9. Data Security
Your data is protected through technical and organizational measures that meet industry standards.
10. Changes to this Privacy Notice
We may update this notice as necessary. Any significant changes will be announced in the app. The new terms take effect immediately upon publication.
📧 Contact Information
Data Controller & Data Protection Officer:
Sciometa Oy
Lönnrotinkatu
📧 soki@sciometa.com
For all privacy-related questions and to exercise your rights, please contact the above email address.