Privacy policy

Privacy Policy

This Privacy Policy applies to the User Register of the Data Controller's services, applications, and websites ("Services"). The Privacy Policy explains how we process personal data concerning our Service Users. Some of our services may be subject to a separate privacy policy. If a separate privacy policy applies to a specific service, we will publish the information in connection with that service. We may update this Privacy Policy when necessary due to changes in data processing practices or other reasons. The up-to-date version is available on our website at

Please note that this Privacy Policy applies to the processing of personal data that we perform as a Data Controller. We may process certain personal data on behalf of our customers as a Data Processor in connection with the provision of the Services, in which case the customer is considered the Data Controller. In such cases, the processing of data is governed by the customer's privacy policy or other documentation that informs the data subjects about the processing of their personal data by the Data Controller.

Data Controller's Contact Information

Service: AgeIn®,

Company: Onnexi Oy
Business ID: 2873321-4
Email Address:

The supervisory authority for the protection of the data subject's rights is the Data Protection Ombudsman, who can be contacted if necessary.
Data Protection Ombudsman's Office Address: P.O. Box 800, 00521 HELSINKI
Visiting Address: Ratapihantie 9, 6th floor, 00520 HELSINKI

Processed Personal Data and Data Sources
We collect two types of information about users: (i) customer and employee data about users, and (ii) analytics data. In addition, we collect user-provided review data. While we do not typically use analytics data or review data to identify individuals, sometimes individuals may be identifiable from them either alone or when combined or linked with other user data. In such cases, review data is considered personal data in the sense required by applicable law, and we process combined data as personal data. We collect and process the following user data:

From Customers:
IP address
Phone number
Email address
Additional information provided voluntarily
Information about tasks performed and received through our Services

From Employees, in addition to the above:

Voluntarily provided employee data

Most user data is collected directly from the user when registering for the Service or during the use of the Service. Additionally, personal data may be collected and updated from service providers of personal data services and public registers. Evaluation data that we collect and process in connection with the use of our Services includes information provided by users about the Service.

We may use cookies and other technologies to collect analytics data when you visit our Services. A cookie is a small text file sent to and stored on a user's computer that allows the website administrator to identify frequent visitors to the site, facilitate user access to the Services, and enable the compilation of aggregate data about visitors. This feedback helps us continuously improve our Services and better serve our customers. Cookies do not harm users' computers or files. We use them to provide personalized information and services to our customers. You can prevent the use of cookies in your browser or set your browser to warn you when cookies are being installed. For example, the following links provide information on changing cookie settings in popular browsers: Safari, Google Chrome, Internet Explorer, and Mozilla Firefox. Please note that some parts of our Services may not work correctly if the use of cookies is disabled.

Web Analytics Services
Our Services use various web analytics tools, including Google Analytics, to collect analytics data and reports on the use of our website by visitors. For more information about Google Analytics, please visit the Google Analytics website.

Purpose and Legal Basis for Processing Personal Data

We process personal data for the following purposes:

To provide our Services and fulfill our contractual obligations
We primarily process personal data to provide our Services to Users and to operate, maintain, and develop our business. Personal data may be used to fulfill our contractual obligations to Users, such as providing access to the Services and delivering key functionalities of the Services.

For customer communication and marketing
We may process personal data to contact our customers about matters related to our Services, inform customers about changes to the Services, and market our services.

For quality improvement and trend analysis
We may process data about the use of the Services to improve the quality of our Services, such as analyzing various trends related to the use of the Services. Where possible, we use only aggregated data that cannot identify individuals for this purpose.

Identification and authentication purposes
We may use your information for identification and authentication purposes. For example, when you enter your account login ID and password to enter one of our registration or login portals, we use your login credentials to authenticate your identity.

We use your information to tailor the content and information that we may send or display to you, to offer location customization, and personalized help and instructions, and to otherwise personalize your experience while using the Service. For example, if you allow us to collection geolocation data, we use this information to deliver content that is around your specific location and identify business location/listings around your location

Research and reporting
We may use your information to administer surveys and questionnaires (online and offline) for research and reporting purposes to help us better serve individuals by learning more about their needs and the quality of the products, services, and educational information we provide. The survey responses may be utilized to determine the effectiveness of our Service, various types of communications, advertising campaigns and/or promotional activities.
Combining information. We (and our third party business partners on our behalf) may merge, co-mingle, or otherwise combine information, including your personal information, in furtherance of the purposes described above.

Deidentified data
We may also deidentify or anonymize your data in such a way that you may not reasonably be re-identified by us or another party, and we may use this deidentified data for any purpose permitted under applicable law. To the extent we deidentify any data originally based on personal information, we will maintain and use such data in deidentified form and will not attempt to reidentify the data.

Legal Basis for Processing
We process personal data to fulfill contractual obligations to our customers and legal obligations. Additionally, we process personal data based on our legitimate interests in operating, maintaining, and developing our business and in creating and maintaining customer relationships. When we process your personal data based on our legitimate interests, we weigh our legitimate interests against your privacy rights. In some parts of the Services, Users may be asked for consent to process personal data. In such cases, the User may withdraw their consent at any time.

Transfer of Data to Countries Outside the European Economic Area
We store personal data within the European Economic Area.

Recipients of Personal Data
We do not share personal data with third parties outside our organization unless one of the following conditions applies:

Sharing is necessary for the purposes described in this Privacy Policy
To the extent necessary for third parties to access personal data to perform the Services, we ensure appropriate contractual and organizational measures to ensure that personal data is processed solely for the purposes described in this Privacy Policy and in compliance with applicable laws and regulations.
For legal reasons, we may disclose personal data to third parties if access to personal data and its use is reasonably necessary: (i) to comply with any applicable law, regulation, and court order; (ii) to detect, prevent, or address fraud, security or technical issues, or resolve such matters; and (iii) to protect AgeIn or our Users' rights, property, or safety or the general public interest, as required or permitted by law. If possible, we will inform Users of such transfers and processing.

To authorized service providers, we may disclose personal data to authorized service providers who provide services such as data storage, sales, marketing, and customer support on our behalf. In accordance with the commitments in our agreements with service providers, service providers commit to complying with privacy and data security standards at least as stringent as those described in this Privacy Policy.

For other legitimate reasons, if we are a party to a merger, acquisition, or other corporate transaction, we may disclose personal data to third parties involved in that transaction. However, we ensure that all personal data remains confidential in such cases. In this case, we will inform Users of the transfer as soon as reasonably possible, and the processing of personal data may be subject to a different privacy policy.

With explicit consent, we may disclose personal data to third parties for purposes other than those mentioned above. Users have the right to withdraw such consent at any time.

Retention Period
We do not retain personal data longer than the maximum time allowed and required by law and only as long as necessary to provide the Services or part thereof. The retention period depends on the data's nature and the processing purpose. The maximum retention period may therefore vary case by case. User data related to the use of the Services is deleted as a rule within a reasonable time.

This is the current version of the AgeIn Privacy Policy, updated on November 20, 2023.
AgeIn may, at any time and without notice, modify this Privacy Policy. Such modifications will be operative as of their publication on the Service or when they are notified to users by any means, whichever occurs first. The user must keep informed of the terms included herein by logging in periodically.