Privacy Policy

April 13, 2017

We at Dooap are committed to protecting the privacy of the users of our products. This Privacy Policy applies to use of our Dooap product (“Dooap Product”) by customers ("you" or “Customer”) and processing of data we receive through the use of Dooap Product or Dooap websites, and explains and governs our data collection, processing and usage practices.

By using the Dooap Product or the Dooap website, you consent to the data practices described in this Privacy Policy. If you do not agree with the data practices described herein, you should not use the Dooap Product. Dooap may modify this Privacy Policy from time to time and will update the date appearing at the beginning of this Privacy Policy when modifications take place. The most current Privacy Policy will be available in the Microsoft AppSource and on the Dooap website. You accept such modified Privacy Policy by continuing to use of the Dooap Product. We recommend that you visit our website occasionally to review any changes.

The terms "Dooap", "we", "us" or "our" refer to Efima Oy, a Finnish corporation that is doing business under the name Dooap and is the developer and owner of the Dooap Product.

1. The Dooap Product

The Dooap Product is an invoice management tool designed to be utilized by our Customers for their internal invoice management purposes. Dooap processes information provided by its Customers, and does not control the content on the websites or services of its Customers, or the information collected and processed by our Customers. These are governed exclusively according to their own privacy policies. Our permitted use of information is set out in this Privacy Policy.

2. The Information We Collect

2.1. Customer Information

When using the Dooap Product, we ask you to provide certain personal information related to your use of the Dooap Product. We collect this information directly from you, and store it to our Customer Register for purposes described in this Privacy Policy. This Customer information includes, for example, your name, contact details (such as address, billing address, e-mail and phone number), company name and occupation, gender, language and other information that personally identifies you (such as IP-address), submitted or made available by you later in the course of your use of the Dooap Product (“Personal Information”).

2.2. Website usage, log files and cookies

You are free to explore the Dooap websites without providing any information about yourself. However, we collect certain information received automatically through the use of the Dooap Product and websites. Such information refers to your computer (or other device) and your use of the Dooap Product, and includes (i) information about your use of and your interactions with the Dooap Product, including advertising, products and services which are displayed, offered or otherwise made available on the Dooap Product; (ii) details pertaining to your use of the Dooap Product features and other contributions to the Dooap Product; (iii) technical data, such as the referring website address, access times, your IP address, device identifier, network and computer performance, browser type, language, operating system, and the Dooap Product version; and (iv) location information. We may use cookies and similar technologies to collect this information (see Section 7 below). We may store and use this information in accordance with this Privacy Policy.

2.3. Payment information

When you order the Dooap Product through Microsoft webpages, we do not store and process your credit card information and other invoicing data provided by you. All processing of credit card information is performed by trusted third parties for the sole purpose of verifying your financial qualifications and collect payment from you. The use of your data by our invoicing service provider is subject to its privacy policies. Trial use of the Dooap Product is provided free of charge for customers.

2.4. Information Collected by Our Customers

Our Customers can use the tools we provide, as well as tools provided by third parties, to collect information similar to that referred to on Section 2.2 above when you use their information by using the Dooap Product. Dooap does not control its Customers’ use of these tools, nor do we control the information they collect or how they use it. These are always subject to our Customers’ own privacy policies.

2.5 Children

The Dooap Product is a business-to-business product and not intended for children under the age of 18 who are not legally capable of forming binding contracts in most jurisdictions. We do not knowingly collect personal information from children under 13. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information.

3. How We Use the Information We Collect

3.1. Compliance with Privacy Policy

We use the information collected only to the extent provided for in this Privacy Policy. Our Customers are obligated to comply with this Privacy Policy, and we recommend that as our Customer you refer to this Privacy Policy in your own terms and conditions applicable between you and your client.

3.2. Use of Personal Information

We may use your Personal Information and other data we collect to: (i) provide, personalize and improve the Dooap Product, for example by providing customized or localized content and advertising (see Section 7 below) ; (ii) ensure technical functioning of the Dooap Product, develop new features or services and provide support; (iii) perform research, analyze and compile statistical information about your use of the Dooap Product, including your interaction with content made available therein; (iv) communicate with you for purposes related to the management of Customer or user relationship (including billing, surveys, newsletters etc.); and (v) send you promotional material and other marketing communications relating to our or our Customers’ products or services (see Section 8 below).

However, we may share the data (whether Personal Information or non-personally identifiable) with our subcontractors partners for the above purposes. In case we share the data, we will ensure that Personal Information is shared and processed only to the extent necessary and only for the intended purpose. Such third parties are also required to maintain the confidentiality of your Personal Information.

We may sell, transfer or otherwise share some or all of our assets, including your personal information, in connection with a merger, acquisition, reorganization or sale of assets or in the event of bankruptcy.

We may disclose aggregated anonymous and not personally identifiable information about our users without restriction.

Other than as provided in this Privacy Policy, we will not share your Personal Information or potential Personal information with any third party. Please note that there can be exceptions based on your country due to local laws or authorities and that we may be obligated to disclose your personal information to authorities or third parties pursuant to mandatory applicable law or an order of a regulatory or statutory authority.

3.3. Access to Personal Information

Dooap’s personnel have no general access to Personal Information included in the Dooap Product. Access to such Personal Information is given exclusively to authorized persons on Dooap’s side or its subcontractors, for instance, in connection with the supply of support services relating to the Dooap Product. We have ensured that our employees do not process Personal Information on a wider basis than required for providing the Dooap Product. Our personnel have received training on the restrictions relating to the processing of personal data.

4. Third Party Services and External Websites

The Dooap Product enables you to promote and share your content with other services (such as network and invoicing services etc.). The use of your content and related information (including Personal Information, if any) on these services is subject to the terms and conditions and privacy policies of the relevant service providers, and we do not have access or control over nor do this Privacy Policy apply to these third party services.

Our websites may include links to third party websites. Please note that we do not control, and are not responsible for, the content or practices of such websites, which are also subject to their own terms and privacy policies.

5. Transfers to Other Countries

In order to ensure proper functioning of the Dooap Product, and to facilitate our global operations, we may need to share and transfer your Personal Information with companies operating outside Finland (for example if our servers are located in another country) and the EU/EEA. You expressly consent that Dooap Inc. has the right to share and transfer your Personal Information freely within the EU/EEA for the purposes described in this Privacy Policy, and outside the EU/EEA on grounds referred to in Chapter 5 of the Finnish Data Protection Act. Further, as we use a subcontractor established in the United States to facilitate the distribution of the Dooap Product, by using the Dooap Product you agree and consent that some of your Personal Information (email address or other similar identification data needed to transmit emails) may be transferred to the said subcontractor, but solely for the said purpose.

6. Security

We employ several security technologies and measures to protect and prevent your Personal Information stored on our servers from unauthorized access, use and disclosure. Our servers are located in a controlled and secure environment and user credentials are required to access the environment and Personal Information.

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information as set orth in this Privacy Policy, we cannot guarantee the security of your personal information transmitted to our website or via the Dooap Product.

7. Information about Cookies and Similar Technologies

A “cookie” is a small text file that is placed on your computer or other terminal device by a web server when you visit a website. Cookies are used to personalize your browsing experience by helping a website recognize your device when you return to that website. Each cookie is individually assigned to your terminal device and only the server that has placed the cookie is able to read it later on. A cookie does not run programs and it cannot be used to deliver viruses or other malware, or harm your terminal device or data files. An individual user is not identifiable merely through the use of cookies or similar technologies.

We use cookies and other similar technologies to operate, analyze and improve the Dooap Product and websites to better serve our Customers and users, and to provide you with personalized information in accordance with this Privacy Policy. The information we collect by these means is described in Section 2.2 above. If you have provided Personal Information about yourself, we may combine the information we receive with the help of these techniques with your personal information.

You have the option to manage your cookie preferences through your web browser. You can set your browser to accept, block or delete all or certain cookies. Please note that if you choose to block cookies, this may prevent the proper functioning of the Dooap Product or websites. For more information about cookies and how to block them, please visit for example or

8. Your Rights With Respect to Personal Information

8.1. Right to Prohibit Processing

You have the right to prohibit us from processing your Personal Information for purposes of direct advertising, distance selling and other marketing communications, market research and opinion polls (opt-out) by informing us thereof. We may send you marketing communication using electronic means (e-mail, SMS etc.) only in the event you have given your consent to such communication (opt-in), and you have the option to unsubscribe at any time.

8.2. Right of Access and Rectification

You have the right to access your Personal Information stored in our data file by making a request to this effect to us by a personally signed or otherwise comparably verified document or by appearing personally in the premises of Dooap Inc.

9.  Governing Law and Dispute Resolution

This Privacy Policy shall be interpreted and construed in accordance with the laws of Finland, without regard to the principles governing conflicts of law of any jurisdiction. Dooap strives to comply with the Finnish Data Protection Act (523/1999), Act on the Protection of Privacy in Electronic Communications (516/2004) as well as other Finnish and EU privacy legislation while processing any personally identifiable or other similar user data in the course of providing our products and services.

Both parties shall use their best efforts to settle by amicable negotiations any disputes which may occur between them arising out of or relating to this Privacy Policy or the existence, validity, termination, interpretation of any term hereof or either party's performance obligations hereunder.

If the arties fail to reach an amicable settlement of their dispute within 60 days of its initiation, and subject to the limited right to seek an injunction as set forth below, either party may refer such dispute to binding arbitration to the International Chamber of Commerce in Helsinki, Finland in accordance with its rules. The arbitration shall be conducted in the English language by a single arbitrator who shall be a professional, legal or otherwise, but shall not be, or have previously been associated with any party to this Privacy Policy. The arbitral award shall be final, binding and non-appealable.  


Should you have any questions or comments about this Privacy Policy, please contact:


Mannerheimintie 3 B
00100 Helsinki, Finland