Skip to Content
Kilocode Oy / Saaristo.online Privacy Policy1. Introduction2. Definitions3. Types of Personal Data We Collect4. Legal Basis for Processing (Article 6 GDPR)5. How We Use Your Personal Data6. Cookies and Tracking Technologies7. International Transfers8. Data Retention9. Your Rights10. Sharing Personal Data11. Children's Privacy12. Data Security13. Changes to This Policy14. Contact Us

Kilocode Oy / Saaristo.online Privacy Policy

Last updated: 23.06.2025

1. Introduction

This Privacy Policy explains how Kilocode Oy (Business ID: FI18409103), located at Tiilitehtaankatu 15 B 12, 65100 Vaasa, Finland, processes your personal data when you use our services.

Kilocode Oy operates both under its main corporate identity and through its auxiliary trade name Saaristo.online. All data collected via saaristo.online, kilocode.com or kilocode.net, or any related mobile applications or digital services is governed by this Privacy Policy.

Kilocode Oy acts as the sole data controller under:

  • The EU General Data Protection Regulation (GDPR) – Regulation (EU) 2016/679
  • The Finnish Data Protection Act (Tietosuojalaki 1050/2018)
  • The German Federal Data Protection Act (BDSG)
  • The Swedish Data Protection Act (Lag (2018:218))
  • The Estonian Personal Data Protection Act (Isikuandmete kaitse seadus)

This policy incorporates the requirements of these laws where applicable.

2. Definitions

"Company" / "we" / "us" / "our" refers to Kilocode Oy, including its auxiliary name Saaristo.online.

"Service" refers to our websites, applications, and digital services.

"Personal Data" means any information relating to an identified or identifiable natural person.

"User" / "you" / "your" refers to the individual using the Service.

"Controller" and "Processor" have the meanings given in Article 4 of the GDPR.

3. Types of Personal Data We Collect

3.1 Directly Provided by You

  • Name, email address, phone number, mailing address
  • Language preferences and account credentials
  • Boat-related data, such as:
    • Boat name or identification
    • Registration number
    • Boat type, length, beam, draft
    • Onboard equipment and services needed
    • Berthing preferences or typical marina services used
  • Harbor or business profile data (if applicable), including:
    • Harbour name and location
    • Contact persons and roles
    • Berth capacity and service offerings
    • Business or tax identification details (if applicable)

3.2 Automatically Collected Data

  • IP address, browser type and version
  • Device type, operating system, and language settings
  • Session duration, pages visited, navigation behaviour
  • Application usage logs and interaction analytics
  • Geolocation data, including:
    • Real-time position (GPS, Wi-Fi, or IP-based)
    • Movement patterns (heading, speed)
    • Device orientation or compass direction
  • Cookie and similar tracking data

3.3 From Third-Party Services (when enabled)

  • Basic public profile information from social login providers (Google, Facebook, LinkedIn, etc.)
  • Contacts or social graph data (only with your explicit permission)

3.4 Location-Based Features Transparency Clause

When you use our navigation, routing, or map services, we may request access to your real-time geolocation. This data is only collected while the feature is actively in use and is not stored permanently unless saved as part of user-generated content (e.g. trip history, saved routes, or bookmarked locations).

You may opt out of geolocation tracking through your device’s settings, though doing so may limit functionality.

4. Legal Basis for Processing (Article 6 GDPR)

Processing PurposeLegal Basis
Account registration & user authenticationContractual necessity
Booking or service transactionsContractual necessity
Marketing communications (with opt-in)Consent
Analytics and performance improvementLegitimate interest
Navigation and routing servicesContractual necessity
Legal compliance (e.g. taxes, fraud)Legal obligation

You may withdraw your consent at any time where processing is based on consent.

5. How We Use Your Personal Data

  • To register and manage your user account
  • To process bookings or transactions​
  • To respond to support inquiries
  • To send service notifications (e.g., updates, outages, security alerts)
  • To provide location-aware navigation or routing services
  • To improve user experience via analytics
  • To comply with legal obligations in Finland, Germany, and the EU
  • To send relevant marketing if legally permitted and only with opt-in

6. Cookies and Tracking Technologies

We use cookies and similar technologies for:

  • Session management
  • Language preference
  • Analytics (e.g., Google Analytics, Matomo)
  • Consent management (e.g., Cookiebot)

You can configure cookie preferences via the cookie banner or your browser. For details, see our separate Cookie Policy​.

7. International Transfers

Data may be transferred to third countries only if:

  • There is an adequacy decision by the European Commission; or
  • Standard Contractual Clauses (SCCs) or other safeguards are in place.

This includes our partners and subcontractors in India, Germany, or other countries. All such transfers are legally safeguarded.

8. Data Retention

Data TypeRetention Period
User account info5 years after last activity
Booking and transaction data6–10 years (legal obligation)
Usage analytics12 months (pseudonymised)
Support inquiries2 years

9. Your Rights

Under GDPR and national laws, you have the right to:

  • Access your data (Art. 15 GDPR)
  • Rectify inaccurate data (Art. 16)
  • Erase data ("right to be forgotten", Art. 17)
  • Restrict processing (Art. 18)
  • Object to processing (Art. 21)
  • Data portability (Art. 20)

To exercise your rights, contact: privacy@kilocode.com

You also have the right to lodge a complaint with:

  • Finland: tietosuoja.fi
  • Germany: If you reside in Germany, you may contact the data protection authority (Datenschutzbehörde) of your federal state. A full list is available at: bfdi.bund.de
  • Sweden: imy.se
  • Estonia: aki.ee

10. Sharing Personal Data

We may share your personal data with:

  • Hosting and IT partners (e.g. EU-based servers, cloud infrastructure)
  • Service providers operating under data processing agreements, such as development or analytics partners
  • Legal authorities where required by law
  • Business partners with your consent (e.g. harbor operators)

We do not sell personal data to third parties.

11. Children's Privacy

Our Service is not intended for users under the age of 13. We do not knowingly collect data from children. If we discover such data was submitted, we will delete it unless parental consent is obtained.

12. Data Security

We implement organisational and technical measures:

  • Encryption (TLS, encrypted databases)
  • Access control and role-based permissions
  • Monitoring and incident response procedures

However, no system is 100% secure. We commit to notify you in the event of a breach affecting your personal data.

13. Changes to This Policy

We may update this Privacy Policy. You will be informed via email or service notice before changes take effect. The latest version is always available at: https://kilocode.net/privacy

14. Contact Us

Kilocode Oy

Tiilitehtaankatu 15 B 12, 65100 Vaasa, Suomi

Email: privacy@kilocode.com

This Policy is also available in Finnish. In case of conflict between language versions, the Finnish version shall prevail for Finnish users.