Skip to content
Get a Quote
Get a Quote

HappyOrNot’s Privacy Policy

Last updated: January 22, 2026

Effective Date: January 22, 2026

Click here for Data Processor’s Privacy Statement

Scope and applicability of Privacy Policy

This Privacy Policy (hereinafter “Privacy Policy” or “Policy”) describes how HappyOrNot Ltd (hereinafter, “HappyOrNot Oy”, “HappyOrNot”, “Company”, “We”, “Us” or “Our”) collects, uses, stores, shares and otherwise processes your personal data in connection with your use of:

  • HappyOrNot’s Service (the “Service”) provided as Software as a Service (SaaS), which is accessible through our websites and/or
  • HappyOrNot Analytics App, or
  • Otherwise communicating with HappyOrNot.

In this Privacy Policy, “You”, “Yours” or “Customer”, means a legal entity (including its authorized business users and representatives in B2B context) that enters into a contract with HappyOrNot for the use of our Service.

This Privacy Policy does not however apply to the third-party products and/or services. Third-party products and/or services (the “Third-Party Products/Services”) are those products and/or services which you choose to integrate with the HappyOrNot’s Service e.g., via HappyOrNot’s API. Please review the third-party’s Privacy Policy and applicable Terms of Use/Terms & Conditions to ensure you are willing to accept and comply with the ways in which those third-parties collect and use your personal data.

Furthermore, HappyOrNot’s Service may contain links to other websites and services, and some of HappyOrNot’s Service may be accessed through third-party applications or services. However, any information you provide on or to a third-party website, application, or service is provided directly to the owner or the operator of such third-parties’ products/services and is subject to those third-parties’ privacy policies. Even if such third-party services are accessible through the HappyOrNot’s Service, our Privacy Policy does not apply to nor cover such Third-Party Products/Services, and HappyOrNot shall not be held liable for the content, privacy, policies or security practices of such Third-Party Products/Services. We recommend that you carefully review their privacy policies and products/services you access or use.


HappyOrNot is the Controller (the “Controller”) and is responsible for your personal data. HappyOrNot Oy is part of HappyOrNot Group of companies, consisting of HappyOrNot Americas, Inc., HappyOrNot UK Ltd. and HappyOrNot Oy. When we use “HappyOrNot”, we are generally referring to HappyOrNot Oy, who is the Controller responsible for the Service and the HappyOrNot’s Analytics App in the European Union/European Economic Area (EU/EEA). As a member of the HappyOrNot Group, we as Controller will share your personal data with other members of the HappyOrNot Group as set out in section “Disclosures of your personal data” below.

For data protection and compliance purposes, HappyOrNot has appointed a Data Protection Officer (DPO). If you have any questions about this Privacy Policy, please contact DPO using the details set out below.


Contact details

Full name of legal entity: HappyOrNot Oy (HappyOrNot Ltd)

Company’s Business ID: 2260302-1

Name of Data Protection Officer (DPO): Victor Shekera

Email address: privacy@happy-or-not.com

Phone: +358504777988

Postal address: Åkerlundinkatu 11 C, 33100 Tampere, Finland.

Changes to the Privacy Policy

HappyOrNot keeps the Privacy Policy under regular review. This version was last updated on January 22, 2026. It may change and, if it does, those changes will be posted on this web page. If HappyOrNot changes personal data processing purposes, and where such is required by the law, HappyOrNot will notify you, and where applicable will request your consent.

It is important that personal data we hold about you is accurate and current (up to date). Please keep us informed if your personal data changes during our relationship with you.

The data we collect about you

We collect, use, store and transfer different kinds of personal data about you. To make it easier for you to use this Privacy Policy, we have grouped these into the following categories:

  • Identity Data: first name, last name, company name, job title/position, and Profile Data.
  • Contact Data: first name, last name, contact address, email address and phone number(s), your communication preferences and copies of the communications between you and HappyOrNot.
  • Profile Data: your email address, username and password.
  • Transaction Data: billing and delivery addresses, payment methods, including purchase confirmations and invoices, payment card details, history of your payments, purchases, deliveries, returns and refunds (if applicable), including terms and conditions of your purchases.
  • Device Data: the type of device your organization uses, mobile network information, device’s mobile operating system, internet protocol (IP) address, time zone setting, and other information, such as timestamps and all the details regarding the request (URL, non-sensitive headers, where applicable), self-reported client agent information, which can include Operating System (OS) and browser info, masked user emails (e.g. – ***@domain.com) for authenticated operations. For digital products such as Smiley DigitalTM, we additionally collect requester IP address. For HappyOrNot’s Analytics App we collect OS version, Device type and version, Analytics App version, rough location (country), Connection type (WI-FI/LTE etc.), errors, crashes (including event trails), exceptions and debug logs.
  • Content Data: information that is stored or generated through the use of the Service via Device and/or Analytics App and other information such as timestamps and all the details regarding the request (URL, non-sensitive headers, where applicable), self-reported client agent information, which can include Operating System (OS) and browser info, masked user emails (e.g. – ***@domain.com) for authenticated operations. For digital products such as Smiley DigitalTM, we additionally collect requester IP address. For HappyOrNot’s Analytics App we collect OS version, Device type and version, Analytics App version, rough location (country), Connection type (WI-FI/LTE etc.), errors, crashes (including event trails), exceptions and debug logs.
  • Usage Data: logs and detail of use of our Service, including our Analytics App, being the dates and times on which you access the Service, including time when you download, access and update the Analytics App, any error or debugging information, and the actions HappyOrNot and you take in relation to them, and Cookies Data. Additionally, we collect IP addresses as well as browser type, URLs of referring/exit pages, operating system (OS), date/time stamp, information you search for, locale and language preferences, your mobile carrier, and system configuration information.
  • Security Data: information we collect about your use of Service and the Analytics App, including our web-site(s) in order to ensure your and our other users’ safety and security.
  • Cookies Data: the information collected through the cookies and similar technologies listed in our Cookies Notice Banner.
  • Marketing and Communications Data: your direct marketing preferences, consents for receiving direct marketing from us and/or our third parties and the history of the direct marketing communications we have sent to you.
  • Location Data: your device’s location as disclosed by mobile network, GPS technology, Wi-Fi connections or your IP address during the time period of our relationship.
  • Connected Data: information stored on your Device that you permit the Analytics App to connect to, being login information, and other information such as operating system (OS) version, Device type and version, Analytics App version, rough location (country), connection type (WI-FI/LTE etc.), errors, crashes (including event trails), exceptions and debug logs.
  • Feedback Data: your feedback and survey responses, including demographics data (where applicable) and the feedback specifically intended for HappyOrNot to improve its Service.
  • Personalization Data: Cookies Data, Device Data, Content Data, Transaction Data, Usage Data, Location Data, and the preferences we have inferred you have and use to personalize the Service and Analytics App.

You may refuse to provide us with information asked, but please note that by limiting the information you provide to us, and depending on the situation, we may only be able to provide you limited Service or unable to provide you Service at all.

We purposefully do not collect any sensitive/special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data).

Our Service is not intended for, and we do not knowingly collect any personal data from, children under the age of 18. If we learn we have collected or received personal data from a child under 18 years old without verification of parental consent, we will delete that personal data.

How is your personal data collected?

We collect your personal data in the following way:

  • Communications. When you communicate with us (either prior to establishment of formal business relationship or after) via email, phone (where applicable), online meeting platforms, third-party social media sites, HappyOrNot’s online forms, or third-party online forms such as via LinkedIn or Zoom, e.g., when you register for our webinars – we collect your Contact Data. If communication relates to an error or problem you are having with our Service or the Analytics App, being our customer, we will also collect Usage Data for diagnosis and improvements.
  • Registration/Setting up of Account. Once your organization has formally established business relationship with HappyOrNot, we will create the Account for you as a user. We collect your Identity Data and Contact Data when registering/setting up the Account for you. In some cases, another user (such as your system administrator) may create an account on your behalf and may provide your information, including personal data, to HappyOrNot (most commonly when your company requests that you use HappyOrNot’s Service). We collect and process such information under the direction of our customers and often have no direct relationship with the individuals whose personal data we process. If you are providing information (including personal data) about someone else, HappyOrNot assumes that you have the authority to act on their behalf. In case you do not have such authority, we kindly ask you to obtain the necessary authority first before providing personal data to HappyOrNot.
  • Information you generate when using our Service or our Analytics App. Each time you access and use our Service or Analytics App, including participation in promotions, contests, or surveys, we collect Content, Device, Cookies, Profile and Usage Data. We collect Device, Cookies, Profile and Usage Data using Cookies. You can access our Cookie Notice Banner at the bottom of the page.
  • Information we collect through monitoring the use of our Service and our Analytics App. Each time you access and use Service and Analytics App we collect information about that access and use, Device used, Content, Cookies, and Usage Data.
  • Direct Marketing. We collect and record Direct Marketing Data when we add you to our marketing database, you request to change your direct marketing preferences, or you interact with our direct marketing communications, or if we receive prospect information from our data broker partners. You always have the ability to opt out of receiving any of marketing communications by using the “unsubscribe link” within the e-mail or by amending your marketing preferences in the preferences center.
  • Information we receive from third parties and publicly available sources. We will receive personal data about you from the third parties and public sources set out below:
    • Device and Cookies Data from the following parties:
      • analytics providers Google Analytics, Google Search Console, Ahrefs, Pardot, Gainsight, Power BI, Writesonic based in Ireland, Denmark, United States and Singapore;
      • advertising networks Google Ads, Meta, LinkedIn, Microsoft Ads, Reddit based in Ireland, Netherlands and United States.
    • Contact, Financial and Transaction Data from providers of technical, delivery services and payment providers such as Stripe based in the United States and the European Union/European Economic Area (EU/EEA).
    • Identity, Contact and Direct Marketing Data from data brokers or aggregators such as Google, Clay or LinkedIn Sales Navigator, based in European Union/European Economic Area (EU/EEA) and the United States.
    • Identity and Contact Data from publicly available sources such as company’s websites or other similar publicly available sources.

Some of HappyOrNot’s Service offers features and functionality which allow posting of information publicly, e.g., in social media platforms. Any personal information you choose to submit and publish in any such social media platforms or similar forums may be read, collected, or used by others who visit these platforms and forums, and may be used to send you unsolicited messages. HappyOrNot is not responsible and shall not be held liable for the personal data you choose to submit or publish through these channels, nor shall HappyOrNot be held liable for any acts or omissions of other users who may access such information.

Cookies

We use cookies (small files placed on your device) on our website(s), including our Analytics App and in our direct marketing emails to improve your experience and for development of our Service and/or our Analytics App. We use both session cookies and persistent cookies to identify that you’ve logged into our Service and to tell us how and when you interact with our Service. We also use cookies to monitor aggregate usage and web traffic routing on our Service and to customize and improve our Service. Unlike persistent cookies, session cookies are deleted when you log off from the Service and close your browser. For detailed information on the cookies we use, the purposes for which we use them and how you can exercise your choices regarding our use of your cookies, see our Cookie Notice Banner at the bottom of the page.

Please note, however, that if you don’t accept cookies, you may not be able to access all portions or features of the Service. Some third-party service providers that we engage with (including third-party advertisers) may also place their own cookies on your browser. This Privacy Policy covers only HappyOrNot’s use of cookies and does not include the use of cookies by third-parties.

How we use your personal data

HappyOrNot will only use your personal data when we have a lawful basis to do so. Our lawful basis for each purpose for which we use your personal data is specified below. Most commonly we will use your personal data in the following circumstances:

  • Performance of a contract. Where we need to process your personal data to perform a contract with you or where you ask us to take steps before we enter into a contract with you. Where we rely on performance of a contract and you do not provide the necessary information, we will be unable to perform your contract.
  • Legal obligation. Where we need to use your personal data to comply with a legal or regulatory obligation. Where we rely on legal obligation and you do not provide the necessary information, we may be unable to fulfil a right you have or comply with our obligations to you, or we may need to take additional steps, such as informing law enforcement or a public authority or applying for a court order.
  • Legitimate interests. Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us at privacy@happy-or-not.com.
  • Consent. Where you have freely consented before the processing in a specific, informed and unambiguous indication of what you want. You can withdraw your consent at any time by using our Cookie Notice Banner, using the “unsubscribe link” within the e-mail or by amending your preferences in the preferences center or by contacting us at privacy@happy-or-not.com.

ACCOUNT MANAGEMENT AND PROFILING

Purpose or activity Type of personal data Lawful basis for processing
Combining the information we collect about you into a single customer account profile. Contact Direct marketing Legitimate Interests (to publicize and grow our business).

DIRECT MARKETING

Purpose or activity Type of personal data Lawful basis for processing
To send you direct marketing communications via email or via pop-up messages (where applicable). Contact

Direct Marketing

 Consent

Unless we can rely on the soft opt-in and you have not opted out, in which case we rely on Legitimate Interest (to publicize and grow our business).

TROUBLESHOOTING, IMPROVEMENT AND SECURITY

Purpose or activity Type of personal data Lawful basis for processing
To administer, monitor and improve our business, Service and Analytics App, including monitoring and analyzing trends, usage, and activities in connection with HappyOrNot Service, data analysis and system testing, and troubleshooting.

 

 

 Identity

Contact

Device

 Legitimate interests (for running our business, provision of administration and IT services, network security, maintaining the security of Service and Analytics App, providing a secure Service to users and preventing fraudulent and other misuse of our Service and Analytics App).
Applying security measures to our processing of your personal data, including processing in connection with the Service and Analytics App. All personal data under this Privacy Policy. Legal obligation (applying appropriate technical and organizational measures under EU GDPR and Article 32 of the UK GDPR.
Otherwise monitoring use of the Service and the Analytics App, including deploying appropriate security measures. Contact

Security

Transaction

 Legitimate interests (running our business, provision of administration and IT services, network security, maintaining the security of our Service and Analytics App, providing a secure Service to users and preventing fraudulent and other misuse of our Service and Analytics App).

RIGHTS AND OBLIGATIONS

Purpose or activity Type of personal data Lawful basis for processing
To comply with our other legal obligations, including compliance with tax legislation, accounting, judicial, law enforcement and government authorities’ requests. All personal data under this Privacy Policy. Legal obligation under Data Protection Act (1050/2018), Finnish Accounting Act (1336/1997), Act on Detecting and Preventing Money Laundering and Terrorist Financing (444/2017) and any other applicable European Union Law, or law of other relevant jurisdiction (if applicable).

COOKIES AND PERSONALIZATION

Purpose or activity Type of personal data Lawful basis for processing
To deploy and process personal data collected via Cookies that are strictly necessary, as set out in the Cookies Notice Banner. Cookies Legitimate interests (delivering and securing of our Service and Analytics App).
To deploy and process personal data collected via Cookies that are not strictly necessary, as set out in the Cookies Notice Banner. Cookies Consent
To deliver (personalized) advertisements to you. Personalization Consent

OTHER COMMUNICATIONS

Purpose or activity Type of personal data Lawful basis for processing
To notify you of changes to the Service, Analytics App, your purchases and our terms and conditions for ongoing contracts. Contact For ongoing or prospective contracts, Performance of a contract.

 

Otherwise, Legitimate interests (in servicing our users and prospective users).
To notify you of updates to this Privacy Policy (where applicable). Contact

Transaction

 Legal obligation (to inform you of our processing under EU GDPR and Articles 13 and 14 of UK GDPR.
To respond to your requests to exercise your rights under this notice. As relevant to your request. Legal obligation (complying with data subject requests under EU GDPR and Chapter 3 of the UK GDPR.
To enable you to participate in a prize draw or competition (where applicable, please also see the separate prize or competition privacy notice). Contact

Direct Marketing

Competition

 Legitimate interests (in growing and publicizing our business).

Unless you have previously opted out, where we will rely on Consent.

Performance of a contract (once you have entered).
To ask you to complete a survey/feedback and process your response (where applicable, please also see the separate privacy notice). Contact Legitimate interests (to analyze how users use our products and/or Service and to develop them and grow our business).

Unless you have previously opted out, where we will rely on Consent.
To otherwise respond to your enquiries, fulfil your requests and to contact you, where necessary. As relevant to your enquiry or request. Legitimate interests (service our customers and users and prospective customers and users).

PERSONAL DATA SHARING

Purpose or activity Type of personal data Lawful basis for processing
Share personal data with our third-party providers for purposes not otherwise set out above. See “Disclosures of your personal data”. Legitimate interests (for the purpose relevant to the recipient, as set out in “Disclosures of your personal data”.

BUSINESS CONTACTS

Purpose or activity Type of personal data Lawful basis for processing
Process personal data relating to staff members of our business contacts, including suppliers, customers and prospects. Contact Legitimate interests (servicing and receiving products and/or services, to or from our business contacts and carry out our B2B business).

You can access and modify your personal preferences, subscriptions and notifications data in your HappyOrNot Service account by accessing your user profile at the HappyOrNot Reporting Service website. If you want to delete or disable your personal data in HappyOrNot Service account, please contact your organization administration.

In case your account is administered by the Authorized HappyOrNot Reseller, and you want to modify some personal data, please contact your local Authorized HappyOrNot Reseller.

Automated decision making and profiling

HappyOrNot does not make decisions based solely on automated processing or profiling that produce legal or similarly significant effects concerning you.

Use of Artificial Intelligence (AI) in our Service.

As part of our Service, we use artificial-intelligence-based tools to help our customers analyze feedback more efficiently. In particular, our systems may automatically:

  • summarize feedback content;
  • categorize feedback into themes or groups, and
  • generate insights based on the data.

This processing may involve personal data where such data is included in feedback submissions. The AI tools are used solely to support our customers in understanding trends and improving their products or services.

No automated decision-making with legal or significant effects using AI

The AI-supported processing described above does not produce decisions that have legal or similarly significant effects on individuals, hence does not constitute automated decision-making within the meaning of Article 22 of the GDPR. All outputs are provided for informational and analytical purposes only and are intended to support, and not replace, human review, judgment and decision-making.

Transparency about the AI Use under EU Artificial Intelligence Act (EU AI Act)

In line with the EU Artificial Intelligence Act, we are transparent about the use of AI systems in our Service. The AI tools we use:

  • are designed to support analytical and organizational tasks;
  • do not interact with individuals in a way that would mislead them into believing they are communicating with a human, and
  • do not perform biometric identification, emotion recognition, or other prohibited or high-risk AI practices.

Where AI-generated content is presented to end users (such as summaries or suggestions), this content is clearly provided as AI-assisted output.

Data protection by design and safeguards

In accordance with Articles 5, 25 and 32 of the GDPR, and the risk-management principles of the EU AI Act, we implement appropriate technical and organizational measures to ensure that AI-supported processing is carried out in a lawful, fair and transparent manner. These measures include, in particular:

  • data minimization and purpose limitation;
  • role-based access controls and confidentiality obligations;
  • encryption and other security measures to protect data in transit and at rest;
  • regular assessment of risks related to AI-supported processing, and
  • human oversight over the use and interpretation of AI-generated outputs.

We do not use customer feedback data to train public or third-party AI models unless this has been expressly agreed with the customer in writing and is covered by an appropriate data-processing agreement.

International transfers and AI providers

Where AI tools involve third-party service providers or processing outside the European Economic Area, we ensure that appropriate safeguards are in place in accordance with Chapter V of the GDPR, such as Standard Contractual Clauses and, where required, supplementary measures.

As part of our HappyOrNot AI, we use OpenAI Large Language Models (LLMs). However, no personal data is used to train the AI models, and we do not share or allow others, such as OpenAI to train their models nor to use your personal data. Furthermore, no personal data could be revealed as part of the output generated by HappyOrNot AI system. Our AI model is trained with the input from the customers, particularly from the customer’s feedback responses. When our AI models are trained, the training undergoes a human oversight to endure accuracy and compliance with applicable laws.

Criminal offence data

HappyOrNot does not collect criminal offence data. However, we may process data in monitoring and use of our Service and Analytics App for security purposes, where HappyOrNot suspects that you may have committed a crime, such as attempting to make a fraudulent purchase or claim or circumvent the security of the Service or Analytics App or otherwise impersonating some other person. In such circumstances we may be under legal obligation to provide that information to law enforcement and/or use it to establish, exercise or defend a legal claim. In those circumstances, according to the type of activity and purpose, we will rely on legitimate interests (protecting our business, employees and other users) and legal obligation (where required by legal, judicial or law enforcement to disclose or process that information).

Disclosures of your personal data

HappyOrNot may share your personal data with the following third parties:

  • Internal third parties.

    Companies within the HappyOrNot Group, acting as joint controllers or processors (as case may be), which are based in Finland, the USA and the United Kingdom and provide IT and system administration services and undertake leadership reporting.

  • External third parties.

      • In case you use the Analytics App, your Appstore Provider (App Store, Google Play) and mobile network operator (where applicable) to allow you to install the Analytics App.
      • Service providers acting as processors based in Finland, Ireland, Denmark, Germany, United States, who provide IT and system administration services, hosting services, delivery and logistics services, payment processing, fraud and identity verification providers, customer service support, email delivery and administration, and data storage and analysis. Except as set forth in this Policy, these third-party service providers must only use your information to provide the services requested by HappyOrNot.
      • Our professional advisors based in Finland, Sweden, Norway, the United Kingdom, the USA, including lawyers, auditors, insurers, consultants and other similar advisors who provide legal, accounting, insurance and other similar services.
      • Your service providers that you have appointed, and we need to contact to fulfil your requests, such as purchasing agents etc.
      • Marketing and promotional partners and co-operatives acting as processors based in Finland, Denmark, Ireland, Netherlands, Singapore, the United Kingdom, and USA with whom we share data, including advertising ID and hashed email address (in an encrypted way) to enhance our offerings and identify prospective customers.
      • Third party partners where you have expressly consented, asked us to or subscribed to receive marketing from or with them.
      • Regulators, competent public authorities, law enforcement, where such is permitted or required by law, or other third-parties acting as controllers, where necessary, to exercise our rights or comply with a legal obligation.
      • Any other third-party disclosures, for example market comparison sites, researchers.
      • Third parties to whom we may choose to sell, transfer or merge parts of or all our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners will assume the rights and obligations regarding your personal data and may use your personal data in the same way as set out in this Privacy Policy.

International transfers

Your personal data is located and processed within the European Union/European Economic Area (EU/EEA). Where we have a need to transfer your personal data between our group companies (Finland, United Kingdom and USA), or with our Authorized Resellers (globally), in order to provide Service to you, we ensure your personal data is protected and all transfers between our group companies are governed by our intra-group data sharing and transfer agreement, and transfers with Authorized Resellers are governed by the appropriate measures, including necessary paperwork, depending on the Authorized Resellers’ country.

HappyOrNot has employees in Finland, United Kingdom, USA and Australia, who in some cases may have access to the personal data of European Union/European Economic Area (EU/EEA) residents.

Some of our third-party service providers are located and process personal data outside the European Union/European Economic Area (EU/EEA). Whenever we transfer your personal data out of the European Union/European Economic Area (EU/EEA), other than between our group companies or Authorized Resellers, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data. These include countries where European Commission has adopted the adequacy decisions, or where the entity is certified under Data Privacy Framework Program.
  • We execute the Data Processing Agreement (DPA) or use EU Commission’s Standard Contractual Clauses.

Please contact our DPO using the contact details above if you want further information on the specific mechanism used by us when transferring your personal data outside European Union/European Economic Area (EU/EEA).

Data Security

All information you provide to us is stored on secure servers and located in the European Union/European Economic Area (EU/EEA), namely in Ireland. HappyOrNot has implemented reasonable administrative, physical, technical and organizational measures to ensure protection against the loss, unauthorized use or access, and alteration of the data under our control. When our Service is accessed using a supported browser, Secure Socket Layer (SSL) technology protects information using both server authentication and data encryption to help ensure that data is safe, secure, and available only to you. HappyOrNot also implements a security method based on dynamic data and encoded session identifications and hosts the website in a server environment designed to be secure, which uses a firewall and other technologies designed to prevent interference or access from outside intruders. We have put in place procedures to detect and respond to personal data breaches and notify you and any applicable regulator(s) when we are legally required to do so.

Any payment transactions carried out by us or our chosen third-party provider of payment processing services will be encrypted using Secured Sockets Layer (SSL) technology. Where we have given you (or where you have chosen) a password that enables you to access our Service or HappyOrNot Analytics App, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Data Retention

Generally, we keep your data for a period of your relationship with us and for a period of two (2) years after the relationship has been terminated. However, in some cases by law we are required to keep basic information about our customers (including Contact, Identity, Security and Transaction Data) for a longer period, such as 6-10 years after they cease being our customers for tax, accounting and other compliance purposes. In some circumstances you can ask us to delete your data: see “Your legal rights” section below for further information. Once we no longer have a legal right to hold your personal data, we will delete or, in some circumstances, we will anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you. If you do not use our Service or the HappyOrNot Analytics App for a period of more than two (2) years, then we will treat the account as expired and will delete your personal data or anonymize your personal data (so that it can no longer be associated with you).

Your Legal Rights

You have the following rights under data protection laws in relation to your personal data:

  • Access. Request access to and/or a copy of the personal data we process about you (commonly known as a data subject access request). This enables you to check that we are lawfully processing it.
  • Correction. Request correction of any incomplete or inaccurate data we hold about you. (We may need to verify the accuracy of the new data you provide to us.)
  • Deletion. Request us to delete or remove personal data where there is no good reason for us continuing to process it. You also can ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we have processed your information unlawfully or where we need to erase your personal data to comply with law. In some cases, we may need to continue to retain some of your personal data where required by law. If these apply, we will notify you at the time of our response.
  • Objection. Object to us processing your personal data where: (a) we are relying on legitimate interests as the lawful basis and you feel the processing impacts on your fundamental rights and freedoms, or (b) the processing is for direct marketing purposes. In some cases, we may refuse your objection if we can demonstrate that we have compelling legitimate grounds to continue processing your information which override your rights and freedoms.
  • Restriction. Request that we restrict or suspend our processing of your personal data:
    • if you want us to establish the data’s accuracy;
    • where our use of the data is unlawful, but you do not want us to erase it;
    • where we no longer require it, but you need us to hold onto it to establish, exercise or defend legal claims; or
    • you have objected to our use of your data, but we need to verify whether we have overriding legitimate grounds to use it.
  • Data portability. Request we transfer certain of your personal data to you or your chosen third-party in a structured, commonly used, machine-readable format. This right only applies to information processed by automated means that we process on the lawful bases of consent or performance of a contract.
  • Withdraw consent. Withdraw your consent at any time where we are relying on consent to process your personal data. Please know that this does not affect the lawfulness of any processing carried out before you withdraw your consent, and after withdrawal, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
  • Complain to the Office of the Data Protection Ombudsman in Finland, the United Kingdom’s Information Commissioner’s Office or California Privacy Protection Agency/California Attorney General data protection regulator. If you are unhappy with how we process your personal data, kindly contact us first in line with our complaints procedure at privacy@happy-or-not.com so that we have the chance to put it right. However, you also have the right to make a complaint to the Office of the Data Protection Ombudsman in Finland, the United Kingdom’s Information Commissioner’s Office or California Privacy Protection Agency/California Attorney General at any time.

You can exercise any of these rights at any time by contacting HappyOrNot at privacy@happy-or-not.com. You can also use the Cookies Banner to give or withdraw your consent to or disable our processing of your Cookies Data.


For California residents, and where California Consumer Privacy Act (CCPA) applies – personal data is collected and used as specified in sections “The data we collect about you”, “How is your personal data collected”, “How we use your personal data” and “Disclosures of your personal data”. HappyOrNot does not “sell” your personal data to third parties in the conventional sense of the term. However, we may share your advertising ID and hashed email address (in an encrypted way) with our third-party advertising platforms to deliver targeted and personalized advertising and to monitor advertising effectiveness.  Visiting users have the right to deny this advertising based on their profile or to withdraw consent by disabling “Preference/Cookies” in the website’s Cookie Notice Banner. Existing customers can manage their advertising settings in Cookie Notice Banner as well as directly in their accounts and social media services they use.

For data subjects located in the European Union/European Economic Area (EU/EEA), you can contact the supervisory authority of your habitual place of residence, place of work, place of alleged infringement or in HappyOrNot’s place of establishment at the following address:

HappyOrNot Oy (HappyOrNot Ltd)

Business ID: 2260302-1

Address: Åkerlundinkatu 11 C,

33100 Tampere, Finland.

 

If you any questions regarding this Privacy Policy or requests, kindly contact us at privacy@happy-or-not.com.

Search