Privacy Policy

1. General

Siru Mobile Oy (registered number: 2396480-6) with its registered office at Fredrikinkatu 61 00100 Helsinki, Finland (“we” or “us”) is committed to respecting your privacy and protecting your information. 

This Privacy Policy describes how any personal data we collect from you, or which you provide to us, through our website (“website”) or in connection with your mobile payment will be processed by us. This privacy policy applies to personal information we obtain anytime you interact with Siru Mobile, when you make a mobile payment, speak with our support staff or submit any details to us or using our website or by e-mail.

Any changes we make to this Privacy Policy in the future will be posted on this page. Any new Privacy Policy will be effective from the time that it is posted on the website. We reserve the right to make changes to our Privacy 
Policy at any time, without notice, where such change is required by applicable legislation.

In order to use the Service, Users must be at least eighteen (18) years of age, or of such age as required by the Merchant, with capacity to enter into legally binding contracts and must have the right to use the mobile subscription used by the User in connection with the Service. The User hereby confirms that these requirements are met.

Siru Mobile withholds the right to process the collected data within the Siru Group companies.

1. What info we collect

2.1 Website visitors:

When just browsing the website, we collect basic information that most websites collect, e.g. browser type, browser headers, cookies and IP address. By visiting the website of Siru Mobile, you consent to the collection and use of your Personal Data as described herein If you do not agree with the terms set out herein, please do not visit this website. If required by applicable law, we will seek your consent to process Personal Data collected on this website or volunteered by you. Kindly note that any consent will be entirely voluntary. However, if you do not grant the requested consent to the processing of your Personal Data, the use of this website may not be possible.

We use Google Analytics and are currently retaining data for 26 months. Any GDPR users who want to ask for their right to be forgotten or their personal information in a machine readable format should contact Google, Inc.

2.1.1 Purpose of prosessing personal data of website visitors

Siru Mobile uses the collected data to communicate with Visitors, to customize content for Visitors, and to improve its website by analyzing how Visitors navigate its website.

2.2 Mobile payment users

Following information may be collected and processed in connection to the mobile payment transaction: 

• Your mobile phone number when making a purchase using Siru Mobile payment
• Correspondence by e-mail, telephone and web forms on our website
Information collected through cookies
• Details of your visits to our website including, but not limited to, traffic data, location data, weblogs and other communication data
• Your IP-address, operating system, browser, device information and other computer or network connectionidentifiers
• Owner of the subscription used to make the mobile payment, and operator providing the subscription.

Information we collect from third parties about you: 

In order to fulfil our legal obligations to prevent fraud and money laundering, we may obtain information about you from third party agencies, at any time when we feel it is necessary to prevent fraud and minimise our financial risks.

2.2.1 Purpose of prosessing personal data of mobile payment users

We collect information for the following purposes:

• To maintain, protect and improve our mobile payment service
• To administer any problems that may arise in regards to the transaction
• For customer serviceTo prevent fraud and abuse
• To minimise our financial risk
• Derived or inferred data may be created about users, but not used for any type of automations
• For identity checksTo enhance the security of our mobile payment service
• To comply with financial service regulations
• And otherwise with consent or as permitted or required by law

If and when used for direct marketing purposes, it will only be done with your consent. We may merge personal 
information with public information or other information received from reputable vendors to update contact 
information, to enhance demographic profiles or to enhance our risk protection, as permitted by law.

If you have any inquiries or requests relating to your personal data, including requests for removing your 
information from our system, please contact us by e-mail

2.3 Cookies

We may from time to time use cookies on our website. Cookies are very small files which a website uses to identify you when you come back to the website and to store details about your use of the website and/or Services. Cookies are not malicious programs that access or damage your computer, tablet or smartphone. Your consent is requested for the use of cookies. However, this may prevent you from taking full advantage of our website and/or Services.

2.4 Hotjar

Some of our webpages use services provided by Hotjar Ltd. Hotjar provides services including Heatmaps, Visitor recordings, Funnels and Form Analysis, Feedback Polls, Surveys and Recruiters. The information generated by the tracking code and cookie about your use of the website will be transmitted to and stored by Hotjar on servers in Ireland. Through the Hotjar tracking code the information collected includes:

Device-specific data

The following information may be collected through your device and browser:

• your device’s IP address (collected and stored in an anonymized format);
• your email address including first name and surname;
• device screen size;
• device type (unique device identifiers) and browser information;
• geographic location (country only);
• preferred language used to display the webpage.

Log data

Our servers automatically record information which is created upon using Hotjar. Data includes:

• referring domain;
• pages visited;
• geographic location (country only);
• preferred language used to display the webpage;
• date and time when website pages were accessed;

Hotjar will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Hotjar uses a variety of services hosted by third parties, such as Google Analytics and Optimizely. These services may collect information sent by your browser as part of a web page request, such as cookies or your IP 
request. For information on how Google Analytics and Optimizely collect and use your information, please refer to their privacy policies. By continuing to use this website, you consent to the processing of the above data by Hotjar and by the third parties used by Hotjar in accordance with their respective privacy policies. The cookies used by Hotjar have differing durations; some persist for the session only, others will persist for a longer period, with a maximum of 365 days.

To opt out please go to the following 

2.4 lawful basis for processing

Data is collected, stored and processed based on users consent and contractual necessity.

3. Controller

Siru Mobile processes Personal Data both as a Processor and as a Controller, as defined in the Directive and the GDPR.

Siru Mobile adheres to the Directive of 1995 and the GDPR from May 25th, 2018. Consequently, Siru Mobile processes all data provided by its mobile payment Users and website visitors in the European Economic Area (EEA) only.

All data collected by Siru Mobile will be stored exclusively in secure hosting facilities provided by Microsoft Azure. Siru Mobile has a data processing agreement in place with its providers, ensuring compliance with the Directive. All hosting is performed in accordance with the highest security regulations. All transfers of data internally in the EEA is done in accordance with this data processing agreement.

4. Sharing personal data

Siru Mobile controls the collected data and is responsible for ensuring that it will be treated in accordance with applicable privacy laws and will be used only for the purposes as set forth herein.

By accepting this privacy policy the User consents that information may be forwarded by Siru Mobile to the Supplier when necessary. Siru Mobile may further forward information on the User to police authorities and other relevant authorities in connection with investigations of payment transactions for the purposes of preventing,
investigating and disclosing breaches against anti-money laundering legislation, fraud and other criminal acts.

Siru Mobile is responsible to protect the disclosed data from otherwise being passed on to third parties and undertakes not to pass on any such data for commercial, advertising or similar purposes.

All personal data collected (both from merchants and end-users) will be treated with confidentiality and will be transmitted and handled by applying SSL (Secure socket layer) and managed, stored and treated with secure encryption procedures.


5. Access to your personal information

You may request details of personal information that we hold about you. This will be free of charge. If you would 
like a copy of the information which we hold about you or believe that any information we hold on you is 
inaccurate, out of date, incomplete, irrelevant or misleading, please email us at

We reserve the right to refuse to provide you with information that we hold about you, in certain circumstances 
set out in our Privacy Policy.


6. Retention and deletion

Siru Mobile will not retain data longer than is necessary to fulfill the purposes for which it was collected or as required by applicable laws or regulations. We reserve the right to refuse to delete data that we hold about you, when obliged by law to retain that info. E.g. transaction history or financial records we have a statutory obligation to retain, can not be deleted.

7. Consent

We assume that all Visitors of our website, and users of our mobile payment service have carefully read this document and agree to its contents. A consent is also requested through an active opt-in consent when making a payment or visiting our website. If someone does not agree with this privacy policy, they should refrain from 
using our website and service. We reserve the right to change our privacy policy as necessity dictates. Continued use of Siru Mobile’s website and service after having been informed of any such changes to these conditions implies acceptance of the revised privacy policy. This privacy policy is an integral part of Siru Mobile’s terms and conditions.

8. Data protection officer

Please direct your requests to:

Data protection Officer
Siru Mobile OY
Fredrikinkatu 61
00100 Helsinki

9. Changes to the privacy policy

Please be aware that we may change this Privacy Policy in the future. We may modify this Privacy Policy at any time. In our sole discretion and all modifications will be effective immediately upon our posting of the modifications on our website or notice board. Please check back from time to time to review our Privacy Policy.