Audicin Privacy Policy

(last updated: 15.10.2025)

‍

Introduction

At Audicin, we provide personalized audio journeys to help you to regulate your nervous system and track aspects of your health, such as sleep. Protecting your data privacy is of utmost importance to us. We collect and process information to deliver our services, support customer management, and continually improve user experience. 

‍

This privacy policy explains what information we collect and process, why we collect it, how we use it, use of cookies or other tracking technologies on the website or on Audicin application, and how you can exercise your legal rights. This privacy policy does not cover any third-party websites, applications, software, products, or services that integrate with our services or are linked to us or to our services.

‍

We may update this policy from time to time, and we encourage you to review it regularly.

‍

About this policy

This privacy policy applies to processing of personal data by Audicin Oy and Audicin Inc. (together “Audicin”) when you use the Audicin application, you visit our website, or use other Audicin services (“Services”).

‍

Processing purposes

When you use Audicin Services, we collect and process your data for the following purposes:

‍

• To deliver services: we use your personal data to provide you the services. This includes providing access to the application with personalized information.
• To provide customer service: we use your personal data when we are conducting customer/ employment/ partner relationship management, support, and communication, conducting customer surveys, customer complaint handling, maintenance, software and system updates, user identification as well as for problem diagnosis and fixing.
• To improve our services, including development of new services: we process personal data and user data to analyse the use of our services to understand how to improve user experience and to develop new services.
• To perform analytics: we may process usage data of our services or personal data related to wellbeing in order to develop more advanced features and personalized user experiences. Some features may utilize automated technology from third parties.
• For research & development projects: If you have opted in to be in our research program, we collect and process information you provide in that specific research program.
• To enable third-party integrations and services: we may process the personal data you provide via third-party services, integrations and offerings. These include integrations with your consent with Apple HealthKit or Google Health Connect, or other services. We only process your data in connection with those third-party integrations you consent to integrate, in accordance with the applicable terms and with relevant third-party developer licence agreements when we become aware of those policies and agreements.
• For marketing purposes: we process your personal data when we are communicating with you about our offerings, conducting sales promotions, and other marketing campaigns, as well as creating aggregated target groups for marketing. Knowing customers’ preferences enables us to target our offerings and provide products and services that better meet the needs and expectations of our customers.
• To ensure information and account security: we process your personal data when ensuring security or our operations, including detecting or preventing various types of misuse of services and fraud to provide you with secure and reliable services.
• To comply with legal obligations: we may also process personal data to be in compliance with the obligations laid down in the applicable law, regulations and decisions issued by authorities. Such examples of statutory obligations that require the processing of personal data can be the following: prevention, detection and investigation of fraud; accounting and tax regulations; regulatory reporting; obligations related to risk management; other obligations related to service- or product-specific legislation; and obligations under employment legislation.

‍

Legal basis for processing personal data
The legal basis for processing your data varies depending on the purpose for which we process your data:

‍

Contract

When we process personal data in order to provide you with our services, the legal basis is the user agreement which is executed when you create an account and accept our terms and conditions of use and this privacy policy.

‍

Consent

We process your health information only with your consent. Also we process your personal data for electronic direct marketing purposes only if you have given your consent.

‍

Legitimate interest

We process your personal data based on legitimate interest, where the purpose of the processing is to develop and improve our services, to provide customer service, or to market our services. We carefully weigh our interest against your privacy in accordance with applicable law, when we decide to use your information based on our legitimate interest.

‍

Legal obligation

We need to process certain information in order to comply with legal requirements and obligations in various countries. These may include, for example, accounting and tax and consumer protection laws.

‍

How we collect your data

We collect your personal information directly from you when you make an account with us, order or subscribe from us and when you are using our services. We may also collect information via third-parties, such as cloud service providers and marketing partners. 

‍

What data we collect

We process the following categories of personal data when you use our services:

‍

• Customer  information, such as name, email address, company name, company invoicing details, contact person
• Listening & Usage Data such as content played, listening duration, and timestamps
• Biometric and user data such as gender, age, heart rate, and other biosensor data
• Calculated user, health, sleep and activity data, such as duration of sleep, oxygen saturation and activity during day 

• Device & Technical Data such as device type, operating system, network information and location data, including IP address 
• Marketing & Contact Data such as preferences, communication history, and survey responses 
• Cookies and Tracking Technologies data such as browsing behavior, preferences, and interaction data via our website and application

‍

Cookies

When you visit our website or use our application, we may use cookies and other technologies to collect and store analytics data and other information. Cookies are small text files placed on your computer that gather standard internet log and visitor behavior information. We will inform you and obtain your consent before collecting data through cookies or similar technologies.

‍

International data transfers

We process your data primarily within the European Economic Area (EEA). However, we have service providers in several geographical locations. As such, we and our service providers may transfer personal data to, or access it in, jurisdictions outside the European Economic Area or your domicile.

‍

In situations where personal data is transferred outside the EEA, we implement safeguards to ensure that the high level of protection required by European data protection law is maintained after the transfer of personal data. These include, for example, an adequacy decision by the European Commission and the recipient of the personal data being committed to the required safeguards, such as the EU-US Data Privacy Framework. As safeguards, we may also require the use of standard contractual clauses approved by the European Commission as part of the contracts binding on our partners, in addition to which we require the implementation of appropriate technical and administrative safeguards.

‍

Data sharing

We do not sell or share your data with any third party except under specific circumstances, such as legal requirements, authorized service providers, legitimate business reasons, or with your consent. 

‍

For service providers we only share personal information to provide and improve our services, provide partner services and other products, and for business operations. We require third parties to use the information only for the purposes we authorize and for the reasons explained in this policy. We use service providers for purposes such as; providing services to customers, storing our user’ data, analysis and development of our services, marketing activities.

‍

Protecting your information

We use various technical or organization methods and security measures to ensure a sufficient level of data security and to prevent your personal data from accidental loss and from unauthorized access, use, alteration, and disclosure. These measures include anonymization, or pseudonymisation of personal data, access restrictions and encryption of the data and training of our personnel.

‍

Data retention

We retain your information only as long as legally necessary and in accordance with the specific purposes it was collected. The maximum period may therefore vary per information category and use of such information. 

‍

Your legal rights

You have the right to control how your personal data is processed by us by exercising the rights listed below:

• Right of access: you can get a copy of your personal data that we store in our systems;
• Right to rectification: you can rectify inaccurate personal data that we process about you;
• Right to erasure (‘right to be forgotten’): you can ask us to erase your personal data;
• Right to restriction: you may request us to restrict processing of personal data for example when your data erasure, rectification or objection requests are pending and/or when we do not have legitimate grounds to process your data.

• Right to data portability: you can ask us to provide you with a copy of your personal data in a structured, commonly used and machine-readable format 
• Right to object: you can ask us to stop processing your personal data;
• Right to withdraw consent: you have the right to withdraw your consent, if you have provided one; or
• Right to complaint: you can submit your complaint regarding our processing of your personal data to local data protection authority. For more information, please see https://tietosuoja.fi/en/home.

‍

In order to exercise these rights, contact us at support@audicin.com, providing your full name, company name and email.

U.S. STATES WITH ENHANCED PRIVACY REQUIREMENTS

This notice supplements the information in Audicin’s Privacy Policy and applies only to visitors, users, and other individuals who reside in U.S. states with enhanced privacy policy requirements (“consumers”). 

‍

Data collection, use and disclosure of information

When you use our services (such as application or website), we collect information that identifies, describes,relates to, refers to, or can be directly or indirectly linked or associated with a specific consumer,device or household (“personal data”).

You can find information about the categories and purposes of personal data we collect and process, and sharing of your personal data in relevant sections of this Privacy Policy.

‍

Consumer rights for residents of a state with enhanced rights

1. Right to know about the personal information we collect and share: U.S. state laws may give you the right to ask us to share what personal information we have collected about you in the past 12 months.
   
   • The categories of personal information we collected about you;
   • The categories of personal information we have disclosed about you (if any);
   • The categories of sources for the personal information we collected about you;
   • Our business or commercial purposes for collecting or selling that personal information;
   • The categories of third parties with whom we share that personal information; and
   • The specific pieces of personal information we collected about you.
2. Right of correction; you have the right to request correction of your personal information. 
3. Right of deletion; You have the right to request erasure of your personal information, subject to certain exceptions, such as situations where we have a legal obligation to retain the data. 
4. How to make information, review, correction, or deletion requests
   
   • You may submit a request free of charge up to twice within a 12-month period. We will respond to all confirmed requests within 45 days of receipt. Should we reasonably require additional time to respond, we will inform you within the initial 45-day period.
   • You can make your request by submitting a verifiable consumer request to us by sending an e-mail to support@audicin.com with following information; your full name, e-mail address, and a phone number, subject for request. We may request additional information if necessary to confirm your identity. This is required by law in some cases and is for security purposes.
   • Only you, or a person registered with the appropriate mechanism associated with your state of residency that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information.
   • After we receive and validate your request, we will disclose, correct or delete your personal information, unless an exception applies, e.g. when we have a legal obligation to retain the data in question. 
   • If we decide not to act on your request, you may submit a written request for rectification to support@audicin.com as “rectification request”. We will process your request within the time set by applicable law. If you request for rectification is declined, we will inform you of the reason. If you do not agree with our decision or would like to lodge a complaint regarding our processing of your personal information, you may contact the data protection authority in your jurisdiction, such as the Data Protection Commissioner.

‍

Controller’s contact information

Audicin Oy

Address: Käpyläntie 1 D 66, 00610 Helsinki

email:support@audicin.com

‍

Audicin Inc.

Address:1108 Nueces St. Apt 402 Austin, TX 78701

email:support@audicin.com

‍