Version 1.0.0
Last updated: 3 May 2026
Helppa is a community service for local help requests. Through the service, residents can ask for and offer help in their local community. Helppa does not process payments and does not collect users' payment information.
This privacy policy describes how Keikahduspiste Oy collects, uses, shares, and protects personal data in the Helppa service. This policy applies to all users of the Helppa mobile application.
The Helppa service is operated by Keikahduspiste Oy ("Helppa", "the service", "we").
Finnish law applies to this privacy policy.
Keikahduspiste Oy
Business ID: 3372644-9
Roihuvuorentie 24, 00820 Helsinki, Finland
Contact:
privacy@helppa.app
support@helppa.app
legal@helppa.app
The data controller has not appointed a Data Protection Officer (DPO), as the company's activities do not require one under GDPR Article 37. For data protection inquiries, please contact privacy@helppa.app.
Helppa is intended only for users aged 18 or older.
We collect data when a user:
Helppa supports:
Helppa does not store passwords.
Identity is verified via Finnish bank identification (Finnish Trust Network) through the Signicat service.
Data collected:
Helppa does not store the national identity number in plain text.
Legal basis: performance of a contract
Helppa does not store precise GPS location.
We store:
Geohash anonymizes location to approximately 153 meters of precision.
The legal basis for processing location data is legitimate interest: it is necessary for the service to connect users with nearby help requests. Users benefit from local matches. We have assessed that the processing of location data does not unreasonably infringe on users' rights or interests.
Help requests may include:
This data may be visible to other users.
User-uploaded images are automatically checked using the Google Cloud Vision API to ensure content safety.
We store:
Chat messages are deleted when the associated help request is deleted. Help requests older than 3 months are automatically deleted.
Users can submit feedback and suggestions through the app. Feedback can be submitted anonymously. If the user wishes to be contacted regarding their feedback, their email address is attached to the submission.
Legal basis: consent (attaching email address to feedback)
Helppa collects app usage statistics to improve the service. Analytics are first-party analytics and data is not shared with third parties for marketing purposes.
Legal basis: consent
You can withdraw your consent at any time in the app settings under Privacy → Analytics. Withdrawing consent does not affect the lawfulness of processing carried out before the withdrawal.
Analytics data is retained for a maximum of 2 years.
Helppa may use Sentry for error reporting.
Collected data may include:
Legal basis: consent
You can withdraw your consent at any time in the app settings under Privacy → Error Reporting. Withdrawing consent does not affect the lawfulness of processing carried out before the withdrawal.
We store:
Legal basis: consent. Push notifications are only sent if the user has granted permission for notifications in their device settings.
| Processing | Legal Basis |
|---|---|
| User account | Performance of a contract |
| Chat | Performance of a contract |
| Location data | Legitimate interest |
| Analytics | Consent |
| Error reporting | Consent |
| Push notifications | Consent |
| Identity verification | Performance of a contract |
| Image content moderation | Legitimate interest |
| Feedback (email address) | Consent |
Helppa does not use automated decision-making or profiling that would have legal or similarly significant effects on the user (GDPR Art. 22).
| Data Type | Retention Period |
|---|---|
| User account | Active account. After account deletion, data is retained for 30 days (to allow account recovery), after which it is permanently deleted. |
| Chat messages | Deleted when the associated help request is deleted (help requests are automatically deleted after 3 months) |
| Analytics | 2 years |
| Activity logs | 90 days |
| Error reports | 90 days |
| Push tokens | Deleted upon account closure |
| Identity verification data | Active account. Deleted upon account deletion (30-day account recovery period). |
Helppa uses:
Data breaches likely to result in a risk to users' rights will be reported to the Data Protection Ombudsman within 72 hours (GDPR Art. 33). If a breach is likely to result in a high risk to users' rights, we will also notify the affected users without undue delay (GDPR Art. 34).
Helppa uses the following data processors:
Data Processing Agreements (DPA) are in place with all service providers: Firebase, Google Maps API, and Google Cloud Vision API are covered by Google's Cloud Data Processing Addendum (CDPA). Sentry's DPA has been executed via the Sentry console. OpenCage's DPA is included in the paid service agreement. Signicat's DPA is part of the service agreement (Appendix 6).
Some of our data processors are located outside the European Economic Area (EEA). Data transfers are protected as follows:
We may disclose personal data to authorities if required by law or official order. Such disclosure is based on a legal obligation.
The Helppa mobile application does not use cookies. If Helppa offers a web service, a separate cookie policy will apply.
Your rights under the GDPR:
We respond to data requests within 30 days.
Office of the Data Protection Ombudsman
https://tietosuoja.fi/en
You have the right to file a complaint with the Data Protection Ombudsman if you believe your personal data has been processed in violation of data protection legislation.
We reserve the right to amend this privacy policy. The updated privacy policy will be presented to the user in the app, and continued use of the service requires acceptance of the updated policy. The current privacy policy is always available in the app.