Legal

Privacy Policy.

Privacy Policy

Last updated: February 27, 2026

Roitto Design Works ("we", "us", "our"), operated by Jukka Roitto (Business ID 3600460-1, Kuopio, Finland), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and protect your personal data when you visit our website or purchase and use our products.

1. Data Controller

Roitto Design Works
Jukka Roitto
Kuopio, Finland
Business ID: 3600460-1

2. What Data We Collect

We may collect the following categories of personal data:

  • Contact information — name, email address (when you contact us or make a purchase)
  • Purchase and billing data — transaction details, payment method (processed by Paddle; we do not store payment card details)
  • License data — license keys, email address associated with the license, activation records, and device identifiers (machine ID) used for software activation and license verification
  • Usage data — anonymized software usage analytics (if implemented), such as feature usage frequency and error reports
  • Website data — cookies and analytics data collected through our website (see Section 7)

3. How We Use Your Data

We use your personal data for the following purposes:

  • Processing and fulfilling purchases
  • Managing software licenses and activations
  • Providing customer support
  • Sending product updates and important notices related to your purchase
  • Improving our products and services
  • Complying with legal obligations (e.g., tax reporting)

We do not sell, rent, or share your personal data with third parties for marketing purposes.

4. Legal Basis for Processing (GDPR)

We process your data based on the following legal grounds under the EU General Data Protection Regulation (GDPR):

  • Contract performance — to fulfill our obligations when you purchase a license
  • Legitimate interest — to improve our products, prevent fraud, and ensure license compliance
  • Legal obligation — to meet tax and accounting requirements
  • Consent — for optional communications such as newsletters (you may withdraw consent at any time)

5. Third-Party Processors

We use the following third-party services that may process your data:

  • Paddle.com — payment processing, billing, tax handling, and invoicing (Merchant of Record). See Paddle's Privacy Policy.
  • Google Firebase — license activation, verification, and management (stores license key, email address, and machine ID). See Firebase Privacy Policy.
  • Website analytics — anonymized website usage tracking (if implemented)

All third-party processors are selected for their compliance with applicable data protection regulations.

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes described in this policy:

  • Purchase and license data — retained for the duration of your license plus any legally required retention period (typically 6 years for tax records under Finnish law)
  • Support correspondence — retained for up to 2 years after the last interaction
  • Website analytics — anonymized data retained for up to 26 months

7. Cookies

Our website may use cookies for essential functionality and analytics. We use only necessary cookies by default. Any non-essential cookies require your consent before being placed. You can manage your cookie preferences through your browser settings.

8. Your Rights

Under the GDPR, you have the right to:

  • Access your personal data we hold
  • Rectify inaccurate or incomplete data
  • Erase your data ("right to be forgotten"), subject to legal retention requirements
  • Restrict processing of your data
  • Data portability — receive your data in a structured, commonly used format
  • Object to processing based on legitimate interest
  • Withdraw consent at any time for consent-based processing

To exercise any of these rights, contact us using the details below. We will respond within 30 days.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, or alteration. However, no method of electronic transmission or storage is 100% secure.

10. International Transfers

Your data may be processed by third-party services located outside the EU/EEA. In such cases, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) or adequacy decisions by the European Commission.

11. Children's Privacy

Our products and services are not directed at individuals under the age of 16. We do not knowingly collect personal data from children.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated date. We encourage you to review this policy periodically.

13. Contact and Complaints

For questions about this policy or to exercise your data rights, contact us at:

Roitto Design Works
Jukka Roitto
Kuopio, Finland
Support: roittodesignworks.com/support
Website: roittodesignworks.com

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Finnish Data Protection Ombudsman (tietosuoja.fi).