Updated June 21, 2021
The Product is an invoice management tool designed to be utilized by our customers for their internal invoice management purposes.
When you use the Product, we collect data that you provide to us directly. For example, when you use or register for the Product, we may ask you to provide us with registration information, which includes, for example, your name, contact details (such as address, e-mail address and phone number), company name and occupation and language, as well as user names, passwords and other such credentials that are used to authenticate users and to validate their actions or that may be needed to provide you access to the Product.
Moreover, we may collect or ask for information relating to your subscription or license and/or use of the Product and other interactions with us. Such information may include, for example, details of agreements between you and Dooap, records of contacts and communications, information and details relating to the content you have provided us with and other such transactional information.
When you order the Dooap Product through Microsoft webpages, we do not store and process your credit card information and other invoicing data provided by you. All processing of credit card information is performed by trusted third parties for the sole purpose of verifying your financial qualifications and collect payment from you. The use of your data by our invoicing service provider is subject to its privacy policies. Trial use of the Product is provided free of charge and thus no payment information will be collected unless you subscribe to a license subject to a charge.
The Dooap Product is a business-to-business product and not intended for children under the age of 18 who are not legally capable of forming binding contracts in most jurisdictions. We do not knowingly collect personal data from children under 13. If we learn we have collected or received personal data from a child under 13 without verification of parental consent, we will delete that personal data.
We may use your Personal Information and other data we collect to:
The legitimate grounds for processing your personal data are either compliance with the agreement entered into between us and you, our legitimate interest, compliance with legal obligations to which we are subject or your consent as further described in the examples below.
We may transfer the data (whether personal data or non-personally identifiable anonymous data) with our subcontractors or partners for the above purposes. In such cases, these subcontractors and partners act as our data processors and process the personal data on our behalf. In case we transfer the data, we will ensure that personal data is transferred and processed only to the extent necessary and only for the intended purpose. Such third parties are also required to maintain the confidentiality of your Personal Information.
We may also sell, transfer or otherwise share some or all of our assets, including your personal data, in connection with a merger, acquisition, reorganization or sale of assets or in the event of bankruptcy.
We may disclose aggregated anonymous and not personally identifiable information about our users without restriction.
Dooap’s personnel have no general access to personal data included in the Product. Access to such personal data is given exclusively to authorized persons on Dooap’s side or its subcontractors, for instance, in connection with the supply of support services relating to the Product. We have ensured that our employees do not process Personal Information on a wider basis than required for providing the Product. Our personnel have received training on the restrictions relating to the processing of personal data.
Our websites may include links to third party websites. Please note that we do not control, and are not responsible for, the content or practices of such websites, which are also subject to their own terms and privacy policies.
In order to ensure proper functioning of the Product, and to facilitate our global operations, we may need to transfer your personal data with companies operating outside Finland (for example if our servers are located in another country) and the EU/EEA. We also use a subcontractor established in the United States to facilitate the distribution of the Product, and a limited amount of your personal data (email address or other similar identification data needed to transmit emails) may be transferred to the said subcontractor, but solely for the said purpose.
Regarding transfers of personal data to countries where the local data protection legislation does not provide adequate level of data protection, the transfers are based on appropriate safeguards, such as standard contractual clauses approved by the European Commission or a competent supervisory authority.
To learn more about the appropriate safeguards we use, please send us an email at firstname.lastname@example.org.
We employ several security technologies and measures to protect and prevent your personal data stored on our data systems and servers from unauthorized access, use and disclosure. Our servers are in a controlled and secure environment and user credentials are required to access the environment and Personal Information.
You have the option to manage your cookie preferences through your web browser. You can set your browser to accept, block or delete all or certain cookies. Please note that if you choose to block cookies, this may prevent the proper functioning of the Product or Dooap websites. For more information about cookies and how to block them, please visit for example www.youronlinechoices.com or www.allaboutcookies.org.
Outdated data and data that has been marked to be deleted will be deleted in course of regular database updates.
In case you wish to know what personal data we hold about you, you may, as appropriate and in accordance with applicable law, exercise such rights by contacting us through the contact points referred to below.
Also, in case you wish to rectify any incomplete, incorrect or outdated personal data, you may, as appropriate and in accordance with applicable law, exercise such rights by contacting us through the contact points referred to below.
You also have the right at any time to request us to erase personal data concerning you and processed by us and we are obliged to erase the data if there is no longer a legal ground for processing the data.
In some cases, you have the right to object to the processing of your personal data if the data has been processed on the basis of our legitimate interest, and we are obliged to stop processing such personal data unless we can demonstrate compelling legitimate grounds for further processing of such personal data. You also have the right to prohibit us from processing your personal data for purposes of direct marketing, distance selling and other marketing communications, market research and opinion polls (opt-out) by informing us thereof. We may send you marketing communication using electronic means (e-mail, SMS etc.) only in the event you have given your consent to such communication (opt-in), and you have the option to unsubscribe at any time.
In addition you may, under certain circumstances have the right to obtain from us restriction of processing of your personal data. Should the restriction of processing apply, the respective personal data will be marked and may only be processed by us for certain defined purposes. Where your personal data has been processed based on your consent or an agreement entered into between you and us, you have the right to receive such personal data from us that you have provided to us, in a structured, commonly used and machine-readable format and to transmit those data to another entity without hindrance from us.
Lastly, you as a data subject have the right to file a complaint with the competent supervisory authority regarding our processing of personal data.
Åkerlundinkatu 11 D
33100 Tampere, Finland