Audicin Beta Test Privacy Policy

‍

(last updated 14.07.2025)

Introduction

Audicin develops personalized audio treatments to recover from stress, prevent stress responses and to boost productivity. Audicin conducts a beta testing project, in which we measure Audicin user listening behaviour and biometrics. Whilst doing this safeguarding our participant’s data privacy is important to us. We collect and process data for managing execution of the project, from recruitment to collecting data and user feedback to compensation and overall management of the project.

This privacy policy explains what information we collect and process in the beta testing project, why we collect it, how we use it, and how you can exercise your legal rights. This privacy policy does not cover any third-party websites, applications, software, products, or services that integrate with our services or are linked to us or to our services.

We may be updated from time to time. We encourage you to review our Privacy Policy to stay informed. We also advise you to read Audicin Privacy Policy: https://www.audicin.com/privacy-policy-audicin

Controller’s contact information

Audicin Oy

Address: Åkerlundinkatu 8, 33100 Tampere

Email:support@audicin.com

Personal data we collect and process

We collect and process following information in order to execute and manage the project:

1. Information about the participants to recruit and manage the project
   • personal information (email address, name, country, wearable)
2. Data collected in the beta testing project from the participants
   • When using Audicin Application: Audicin listening behaviour of the participant (Minutes listened, Time started, time ended, How many sessions of how long, What tracks were listened)
   • Connected Iphone and Apple Watch to Apple Health App data: Heart Rate, Resting Heart Rate, Heart Rate Variability, Respiration Rate, Step Count, Mindful session, Sleep analysis, Active and Basal Energy burned, Blood Pressure, Blood Pressure Systolic and Diastolic, Menstrual flow, Sleeping wrist temperature, Oxygen saturation, Headphone audio exposure and event, Environment audio exposure and event, Audio exposure and event, biological sex, date of birth, wheelchair use, vo2Max, flights climbed, ascent and descent speed for stair, height, body mass, irregular heart rhythm event, walking heart rate average, body temperature

Legal basis for processing data

When signing as participant to the beta testing project, and connecting iPhone and Apple Watch to Apple Health App data

All data collected for this project is based on your explicit consent and we will only be processing your information and data collected based on your consent.

When using Audicin Application

We use your personal data to provide you with the service and/or fulfil the contractual obligations. This requires us to process your data for the customer/employment/partner relationship management, support, and communication, conducting customer surveys, customer complaint handling, maintenance, software and system updates, user identification as well as for problem diagnosis and fixing. Hence, the above-mentioned processing of your personal data is based on your agreement with us.

In addition, we use your personal data for the following purposes based on legitimate interests pursued by us; Information and account security purposes, including detecting or preventing various types of misuse of services and fraud to provide you with secure and reliable services.

We may also process personal data to be in compliance with the obligations laid down in the applicable law, regulations and decisions issued by authorities. Such examples of statutory obligations that require the processing of personal data can be the following:

• prevention, detection and investigation of fraud;
• accounting and tax regulations;
• regulatory reporting;
• obligations related to risk management;
• other obligations related to service- or product-specific legislation; and
• obligations under employment legislation.
  

How we collect your data

We collect your data when you are using Audicin application, and connect your iPhone and Apple Watch to Apple Health Application within Audicin application.

Data storage

We store your personal data primarily within the European Economic Area. However, we have service providers in several geographical locations. As such, we and our service providers may transfer personal data to, or access it in, jurisdictions outside the European Economic Area or your domicile.

If we transfer your personal data outside the European Economic Area, we provide adequate protection for such transfers through a series of agreements with our service providers based on the Standard Contractual Clauses or through other appropriate safeguards, such as the Privacy Shield Framework.

Data sharing

We do not share your data with any third party except under specific circumstances, such as legal requirements, authorized service providers, legitimate business reasons, or with your explicit consent.

Information security

We use various technical or organization methods and security measures to seek to ensure a sufficient level of data security and to prevent your personal data from accidental loss and from unauthorized access, use, alteration, and disclosure.

Only the personnel with work related needs have access to your personal data or the project data.

Cookies

We use cookies and various other technologies to gather and store analytics data and other information when you visit our website. Cookies are text files placed on your computer to collect standard Internet log information and visitor behaviour information. We use cookies to enable usage of our website, gather information on usage and browsing behaviour and to optimize advertising. Please see our Cookie policy for more information and how to manage your cookie preferences.

Electronic communication via email or other tools.

We may send you information about this project by email, or via other tools. You can opt-out such electronic direct communication at any time free of charge by contacting us directly. However, withdrawal of the consent will result in non-completion of the project attendee requirements and will result in withdrawal from the project.

Data retention

We retain your information only as long as legally necessary and in accordance with the specific purposes it was collected. We keep this project data for a period of time in line with the requirements of any academic journal that publishes our report or for a minimum of three years, whichever is longer.  

Your legal rights

You have the right to control how your personal data is processed by us by exercising the rights listed below:

• Right of access: you can get a copy of your personal data that we store in our systems;
• Right to rectification: you can rectify inaccurate personal data that we process about you;
• Right to erasure (‘right to be forgotten’): you can ask us to erase your personal data;
• Right to restriction: you may request us to restrict processing of personal data for example when your data erasure, rectification or objection requests are pending and/or when we do not have legitimate grounds to process your data.

• Right to data portability: you can ask us to provide you with a copy of your personal data in a structured, commonly used and machine-readable format
• Right to object: you can ask us to stop processing your personal data;
• Right to withdraw consent: you have the right to withdraw your consent, if you have provided one; or
• Right to complaint: you can submit your complaint regarding our processing of your personal data to local data protection authority. For more information, please see https://tietosuoja.fi/en/home.

In order to exercise these rights, or If you decide at any point that you no longer wish to take part in the beta testing project, please email the beta testing coordinator directly, Ilmo Strömberg (ilmo@audicin.com).

—-------------

U.S. STATES WITH ENHANCED PRIVACY REQUIREMENTS

This notice supplements the information contained in this Beta testing project Privacy Policy, as well as Audicin’s Privacy Policy and applies solely to the project participants who reside in U.S. and in the states with enhanced privacy notice requirements.

Consumer rights for residents of a state with enhanced rights

1. Right to know about the personal information we collect and share
   
   • The categories of personal information we collected about you;
   • The categories of personal information we have disclosed about you (if any);
   • The categories of sources for the personal information we collected about you;
   • Our business or commercial purposes for collecting or selling that personal information;
   • The categories of third parties with whom we share that personal information; and
   • The specific pieces of personal information we collected about you.
2. Right of correction; you have the right to request correction of your personal information.
3. Right of deletion; You have the right to request erasure of your personal information
4. How to make disclosure, access, correction, or deletion requests
   
   • You can make your request by submitting a verifiable consumer request to us by sending an e-mail to support@audicin.com with following information; your full name, e-mail address, and a phone number. We may request additional information if necessary to confirm your identity. This is required by law in some cases and is for security purposes.
   • Only you, or a person registered with the appropriate mechanism associated with your state of residency that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information.
   • After we receive and validate your request, we will correct or delete your personal information, unless an exception applies, e.g. when we have a legal obligation to retain the data in question.

‍

About this policy

This privacy policy applies to processing of personal data by Audicin Oy and Audicin Inc. (together “Audicin”) when you use the Audicin application, you visit our website, or use other Audicin services (“Services”).

‍

Processing purposes

When you use Audicin Services, we collect and process your data for the following purposes:

‍

• To deliver services: we use your personal data to provide you the services. This includes providing access to the application with personalized information.
• To provide customer service: we use your personal data when we are conducting customer/ employment/ partner relationship management, support, and communication, conducting customer surveys, customer complaint handling, maintenance, software and system updates, user identification as well as for problem diagnosis and fixing.
• To improve our services, including development of new services: we process personal data and user data to analyse the use of our services to understand how to improve user experience and to develop new services.
• To perform analytics: we may process usage data of our services or personal data related to wellbeing in order to develop more advanced features and personalized user experiences. Some features may utilize automated technology from third parties.
• For research & development projects: If you have opted in to be in our research program, we collect and process information you provide in that specific research program.
• To enable third-party integrations and services: we may process the personal data you provide via third-party services, integrations and offerings. These include integrations with your consent with Apple HealthKit or Google Health Connect, or other services. We only process your data in connection with those third-party integrations you consent to integrate, in accordance with the applicable terms and with relevant third-party developer licence agreements when we become aware of those policies and agreements.
• For marketing purposes: we process your personal data when we are communicating with you about our offerings, conducting sales promotions, and other marketing campaigns, as well as creating aggregated target groups for marketing. Knowing customers’ preferences enables us to target our offerings and provide products and services that better meet the needs and expectations of our customers.
• To ensure information and account security: we process your personal data when ensuring security or our operations, including detecting or preventing various types of misuse of services and fraud to provide you with secure and reliable services.
• To comply with legal obligations: we may also process personal data to be in compliance with the obligations laid down in the applicable law, regulations and decisions issued by authorities. Such examples of statutory obligations that require the processing of personal data can be the following: prevention, detection and investigation of fraud; accounting and tax regulations; regulatory reporting; obligations related to risk management; other obligations related to service- or product-specific legislation; and obligations under employment legislation.

‍

Legal basis for processing personal data
The legal basis for processing your data varies depending on the purpose for which we process your data:

‍

Contract

When we process personal data in order to provide you with our services, the legal basis is the user agreement which is executed when you create an account and accept our terms and conditions of use and this privacy policy.

‍

Consent

We process your health information only with your consent. Also we process your personal data for electronic direct marketing purposes only if you have given your consent.

‍

Legitimate interest

We process your personal data based on legitimate interest, where the purpose of the processing is to develop and improve our services, to provide customer service, or to market our services. We carefully weigh our interest against your privacy in accordance with applicable law, when we decide to use your information based on our legitimate interest.

‍

Legal obligation

We need to process certain information in order to comply with legal requirements and obligations in various countries. These may include, for example, accounting and tax and consumer protection laws.

‍

How we collect your data

We collect your personal information directly from you when you make an account with us, order or subscribe from us and when you are using our services. We may also collect information via third-parties, such as cloud service providers and marketing partners. 

‍

What data we collect

We process the following categories of personal data when you use our services:

‍

• Customer  information, such as name, email address, company name, company invoicing details, contact person
• Listening & Usage Data such as content played, listening duration, and timestamps
• Biometric and user data such as gender, age, heart rate, and other biosensor data
• Calculated user, health, sleep and activity data, such as duration of sleep, oxygen saturation and activity during day 

• Device & Technical Data such as device type, operating system, network information and location data, including IP address 
• Marketing & Contact Data such as preferences, communication history, and survey responses 
• Cookies and Tracking Technologies data such as browsing behavior, preferences, and interaction data via our website and application

‍

Cookies

When you visit our website or use our application, we may use cookies and other technologies to collect and store analytics data and other information. Cookies are small text files placed on your computer that gather standard internet log and visitor behavior information. We will inform you and obtain your consent before collecting data through cookies or similar technologies.

‍

International data transfers

We process your data primarily within the European Economic Area (EEA). However, we have service providers in several geographical locations. As such, we and our service providers may transfer personal data to, or access it in, jurisdictions outside the European Economic Area or your domicile.

‍

In situations where personal data is transferred outside the EEA, we implement safeguards to ensure that the high level of protection required by European data protection law is maintained after the transfer of personal data. These include, for example, an adequacy decision by the European Commission and the recipient of the personal data being committed to the required safeguards, such as the EU-US Data Privacy Framework. As safeguards, we may also require the use of standard contractual clauses approved by the European Commission as part of the contracts binding on our partners, in addition to which we require the implementation of appropriate technical and administrative safeguards.

‍

Data sharing

We do not sell or share your data with any third party except under specific circumstances, such as legal requirements, authorized service providers, legitimate business reasons, or with your consent. 

‍

For service providers we only share personal information to provide and improve our services, provide partner services and other products, and for business operations. We require third parties to use the information only for the purposes we authorize and for the reasons explained in this policy. We use service providers for purposes such as; providing services to customers, storing our user’ data, analysis and development of our services, marketing activities.

‍

Protecting your information

We use various technical or organization methods and security measures to ensure a sufficient level of data security and to prevent your personal data from accidental loss and from unauthorized access, use, alteration, and disclosure. These measures include anonymization, or pseudonymisation of personal data, access restrictions and encryption of the data and training of our personnel.

‍

Data retention

We retain your information only as long as legally necessary and in accordance with the specific purposes it was collected. The maximum period may therefore vary per information category and use of such information. 

‍

Your legal rights

You have the right to control how your personal data is processed by us by exercising the rights listed below:

• Right of access: you can get a copy of your personal data that we store in our systems;
• Right to rectification: you can rectify inaccurate personal data that we process about you;
• Right to erasure (‘right to be forgotten’): you can ask us to erase your personal data;
• Right to restriction: you may request us to restrict processing of personal data for example when your data erasure, rectification or objection requests are pending and/or when we do not have legitimate grounds to process your data.

• Right to data portability: you can ask us to provide you with a copy of your personal data in a structured, commonly used and machine-readable format 
• Right to object: you can ask us to stop processing your personal data;
• Right to withdraw consent: you have the right to withdraw your consent, if you have provided one; or
• Right to complaint: you can submit your complaint regarding our processing of your personal data to local data protection authority. For more information, please see https://tietosuoja.fi/en/home.

‍

In order to exercise these rights, contact us at support@audicin.com, providing your full name, company name and email.

U.S. STATES WITH ENHANCED PRIVACY REQUIREMENTS

This notice supplements the information in Audicin’s Privacy Policy and applies only to visitors, users, and other individuals who reside in U.S. states with enhanced privacy policy requirements (“consumers”). 

‍

Data collection, use and disclosure of information

When you use our services (such as application or website), we collect information that identifies, describes,relates to, refers to, or can be directly or indirectly linked or associated with a specific consumer,device or household (“personal data”).

You can find information about the categories and purposes of personal data we collect and process, and sharing of your personal data in relevant sections of this Privacy Policy.

‍

Consumer rights for residents of a state with enhanced rights

1. Right to know about the personal information we collect and share: U.S. state laws may give you the right to ask us to share what personal information we have collected about you in the past 12 months.
   
   • The categories of personal information we collected about you;
   • The categories of personal information we have disclosed about you (if any);
   • The categories of sources for the personal information we collected about you;
   • Our business or commercial purposes for collecting or selling that personal information;
   • The categories of third parties with whom we share that personal information; and
   • The specific pieces of personal information we collected about you.
2. Right of correction; you have the right to request correction of your personal information. 
3. Right of deletion; You have the right to request erasure of your personal information, subject to certain exceptions, such as situations where we have a legal obligation to retain the data. 
4. How to make information, review, correction, or deletion requests
   
   • You may submit a request free of charge up to twice within a 12-month period. We will respond to all confirmed requests within 45 days of receipt. Should we reasonably require additional time to respond, we will inform you within the initial 45-day period.
   • You can make your request by submitting a verifiable consumer request to us by sending an e-mail to support@audicin.com with following information; your full name, e-mail address, and a phone number, subject for request. We may request additional information if necessary to confirm your identity. This is required by law in some cases and is for security purposes.
   • Only you, or a person registered with the appropriate mechanism associated with your state of residency that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information.
   • After we receive and validate your request, we will disclose, correct or delete your personal information, unless an exception applies, e.g. when we have a legal obligation to retain the data in question. 
   • If we decide not to act on your request, you may submit a written request for rectification to support@audicin.com as “rectification request”. We will process your request within the time set by applicable law. If you request for rectification is declined, we will inform you of the reason. If you do not agree with our decision or would like to lodge a complaint regarding our processing of your personal information, you may contact the data protection authority in your jurisdiction, such as the Data Protection Commissioner.

‍

Controller’s contact information

Audicin Oy

Address: Käpyläntie 1 D 66, 00610 Helsinki

email:support@audicin.com

‍

Audicin Inc.

Address:1108 Nueces St. Apt 402 Austin, TX 78701

email:support@audicin.com

‍