Skip to content

Privacy Policy

Effective Date: 1 May 2025
Last Reviewed: 12 June 2025

This Privacy Policy explains how Hyper ICT Oy (“we”, “our”, or “us”), the company operating laskutasku.fi, collects, uses, discloses, and protects your personal and business data when you use our services. By accessing or using the platform, you consent to the practices described in this Policy.

1. Who We Are

LaskuTasku is a secure, cloud-based invoicing system operated by:
Hyper ICT Oy
Business ID: 3394765-5
Address: Soukankaari 11, 02360 Espoo, Finland
Email: info@hyper-ict.com

We comply with all applicable privacy laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”).

2. What Data We Collect

We collect two main types of data:

A. User Data (your information)

  • Full name
  • Email address
  • Phone number
  • Goods and Items and Services name
  • Price list
  • Physical address (street, city, country)
  • Company registration number
  • Tax identification number (VAT number)
  • Payment gateway keys (entered by user for Stripe, PayPal, Razorpay, Paystack)
  • IP address (automatically logged)

B. Client Data (your customers’ information)

  • Customer’s name
  • Email and address
  • Country and city
  • Goods or Items or Services that buy
  • Payments
  • VAT number or company registration number

C. Technical Data

  • Browser type and version
  • Device type
  • IP address
  • Geolocations
  • Operating system
  • Session cookies (see section 9)

3. How We Collect the Data

We collect data only through:

  • Online forms you voluntarily fill during registration, invoice creation, or profile setup
  • System logs created during your authenticated sessions
  • Payment integration configuration inputs provided by you

We do not collect data from third-party sources, social logins, or passive background tracking beyond standard session cookies.

4. Why We Collect and Use This Data

We use your data exclusively for:

  • Creating and managing invoices
  • Populating invoice fields with your or your clients’ details
  • Delivering invoices to your customers via email or download
  • Allowing you to connect your payment providers securely (e.g., Stripe)
  • Providing customer support and troubleshooting technical issues
  • Ensuring secure, authenticated access to your account

We do not use your data for:

  • Marketing or advertising
  • Profiling or behavior analysis
  • Selling to third parties

5. Lawful Basis for Processing

Under GDPR, we rely on the following lawful bases to collect and process your data:

  • Contractual necessity: To fulfill the services you requested
  • Legal obligation: For accounting, tax, or regulatory purposes
  • Legitimate interest: To secure and improve our service
  • Consent: When you explicitly provide or configure data (e.g., payment keys)

6. Data Sharing and Disclosure

We do not sell, rent, or share your personal data or your clients’ data with any external company, third-party marketer, or unauthorized agent.

Access to data is limited to:

  • You (via your account)
  • Our authorized technical staff for support or security maintenance

In rare cases, we may be legally required to disclose data (e.g., court orders), but we will inform you unless prohibited by law.

7. Data Storage Location and Security

All data is securely stored in Microsoft Azure datacenters located in the United States.

We use industry-standard protections including:

  • Encryption in transit and at rest (AES-256, TLS 1.3)
  • Access control and audit logs
  • Secure cloud architecture
  • Regular vulnerability scanning and updates

We follow Zero Trust principles in our infrastructure design and strictly restrict internal data access.

8. Data Retention Policy

We retain data under the following conditions:

  • Your data and your client data are stored indefinitely unless deleted by you.
  • When you delete data (e.g., a client or invoice), it is permanently removed from our platform and not recoverable.
  • Upon account deletion, all your stored data is permanently erased within 30 days.

Backups are maintained securely for disaster recovery and are also deleted according to this policy.

9. Use of Cookies

We use only session cookies, which:

  • Help authenticate and maintain your login session
  • Automatically expire after logout or browser close
  • Do not track your behavior across other websites

We do not use third-party analytics, ads, or cross-site tracking tools.

10. Your Rights (under GDPR)

As a data subject, you have the following rights:

  • Right to Access: Request a copy of your data
  • Right to Rectification: Correct incomplete or inaccurate data
  • Right to Erasure: Delete your account and all data
  • Right to Restrict Processing: Ask us to limit data use
  • Right to Data Portability: Request your data in machine-readable format
  • Right to Object: Stop processing for non-essential use
  • Right to Complain: Lodge a complaint with the Finnish Data Protection Ombudsman

To exercise your rights, contact: info@hyper-ict.com

11. Data of Minors

Our service is intended only for users aged 18 or older. We do not knowingly collect data from children.

12. Third-Party Services

Although LaskuTasku connects to external payment providers (Stripe, PayPal, Razorpay, Paystack), these integrations are optional and initiated by you.

We are not responsible for the privacy practices of these providers. You are advised to review their policies separately.

13. Changes to This Policy

We may update this policy to reflect legal changes or improvements in our services. You will be notified of significant changes via email or on your dashboard.

The latest version is always available at: https://laskutasku.fi/privacy-policy

14. Contact

For any questions, requests, or concerns about this Privacy Policy, please contact:

Privacy Officer
Hyper ICT Oy
Soukankaari 11, 02360 Espoo, Finland
📧 info@hyper-ict.com
📞 +358 41 573 3138