Privacy Policy

Last updated: March 2026

1. Data Controller

Koivu Labs
Saarijärvi, Finland
Email: hello@koivulabs.com

2. Data We Collect

Koivu Labs collects minimal data. We operate on a privacy-by-default principle.

  • Authentication data: Email address and password hash, stored by Firebase Authentication, used exclusively for admin portal access. This data is never shared or sold.
  • Content data: Project information and dev log entries stored in Firebase Firestore. This is editorial content, not personal user data.
  • Visitor data: We do not currently run active analytics or tracking on public-facing pages. No cookies are placed on visitors' devices without consent.

3. Third-Party Services

  • Firebase (Google): Used for authentication and database storage. Subject to Google's privacy policy. Data is stored in EU regions where possible.
  • Vercel: Hosting provider. May log request metadata (IP, user agent) for security and performance purposes per their privacy policy.
  • OpenAI: Used optionally for AI text refinement in the admin portal. Text submitted for refinement is processed according to OpenAI's data policy. No public visitor data is sent to OpenAI.

4. Legal Basis for Processing

Processing of admin authentication data is based on legitimate interest in securing the content management system. No personal data of public visitors is actively processed.

5. Data Retention

Authentication data is retained as long as the admin account is active. Content data (projects, logs) is retained indefinitely as editorial content. You may request deletion at any time.

6. Your Rights (GDPR)

Under the General Data Protection Regulation, you have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to processing
  • Request portability of your data
  • Lodge a complaint with the Finnish Data Protection Ombudsman (tietosuoja.fi)

7. Contact

For any privacy-related requests or questions, contact us at hello@koivulabs.com. We respond within 30 days as required by GDPR.