Privacy Policy

Makevia Oy Business ID: 3588322-9 Email: support@keikkaflow.com Phone: +358 45 156 7778 This Privacy Policy describes how KeikkaFlow application ("Service") processes users' personal data in accordance with the EU General Data Protection Regulation (GDPR) and Finnish data protection legislation.

We collect the following personal data: Required information: • Email address (for login) • Full name (for identification) Optional information: • Phone number • Company name Automatically collected data: • Device information (device type, operating system) • Application usage data (login times, actions) • Push notification identifiers • IP address Job data (entered by company): • Customer names, phone numbers and emails • Job addresses and descriptions • Work times and statistics

We process personal data for the following purposes: Contract performance (GDPR 6(1)(b)): • Creating and managing user accounts • Providing the Service • Customer support Legitimate interest (GDPR 6(1)(f)): • Developing and improving the Service • Preventing misuse • Statistics and analytics Consent (GDPR 6(1)(a)): • Sending push notifications • Marketing communications (if separately consented) Legal obligation (GDPR 6(1)(c)): • Accounting obligations • Authority requests

We retain personal data as follows: • User data: Duration of account and 30 days after deletion • Job data: 5 years after job completion (accounting obligation) • Log data: 12 months • Billing data: 6 years (Accounting Act) After account deletion, personal data is anonymized or deleted after the retention period.

We may disclose data to the following parties: Service providers: • Supabase Inc. (database and authentication) - USA • Apple Inc. (push notifications, App Store) - USA • Google LLC (push notifications, Play Store) - USA • Expo / Meta (application platform) - USA Data transfers outside the EU are made based on EU Standard Contractual Clauses or equivalent safeguards. Other disclosures: • To authorities to fulfill legal obligations • To potential buyer in connection with business sale We do not sell personal data to third parties.

Under GDPR, you have the following rights: Right of access (Art. 15): Right to know if your data is being processed and to receive a copy. Rectification (Art. 16): Right to request correction of inaccurate data. Erasure (Art. 17): Right to request deletion of data ("right to be forgotten"). Restriction of processing (Art. 18): Right to restrict processing in certain situations. Data portability (Art. 20): Right to receive your data in machine-readable format. Right to object (Art. 21): Right to object to processing based on legitimate interest. Right to complain (Art. 77): Right to file a complaint with the supervisory authority: Office of the Data Protection Ombudsman (Finland) www.tietosuoja.fi tietosuoja@om.fi

You can exercise your rights by contacting: Email: support@keikkaflow.com Phone: +358 45 156 7778 We will respond to your request within 30 days. In complex cases, the response time may be extended by 60 days. We may request additional information to verify your identity. Account deletion: You can delete your account from the app settings or by contacting us.

We protect personal data with the following measures: Technical measures: • Encryption in transit (TLS/SSL) • Encryption at rest (AES-256) • Secure connections (HTTPS) • Strong password policy • Regular security updates Organizational measures: • Access control and permissions • Staff data protection training • Security policies and guidelines • Regular security audits Data breaches are reported to authorities and data subjects as required by GDPR.

The KeikkaFlow mobile application does not use cookies. The application may collect the following analytics data: • Application usage statistics • Crash reports • Performance data This data is collected to improve the service and is mostly anonymized.

The Service is not intended for children under 16. We do not knowingly collect personal data from children under 16. If you notice that a minor has registered for the Service, please contact us immediately.

We may update this Privacy Policy from time to time. Significant changes will be notified: • In the application • By email We recommend reviewing this policy regularly.

Data Controller: Makevia Oy Business ID: 3588322-9 Email: support@keikkaflow.com Phone: +358 45 156 7778 Data protection inquiries and requests: support@keikkaflow.com Supervisory Authority: Office of the Data Protection Ombudsman Lintulahdenkuja 4, 00530 Helsinki, Finland www.tietosuoja.fi