PRIVACY POLICY

Last updated: April 2026

1. Controller

Yardscape Oy (trading as Jard)
Business ID (Y-tunnus): 3579881-7
Mikael Lybeckin tie 4 B, 02700 Kauniainen, Finland
Email: info@jard.fi · Phone: +358 44 972 0836

Yardscape Oy is the data controller responsible for the processing of your personal data as described in this policy.

2. What Data We Collect

  • Account data: Email address, password (stored as hash by Firebase Auth)
  • Profile data: Business name, description, tagline, service category, years of experience
  • Contact data: Phone number, VAT/business ID
  • Location data: Service area, service location coordinates
  • Media: Profile photo
  • Activity data: Bids submitted, jobs accepted, messages sent
  • Financial data: Lead transaction history, Stripe payment references

3. Why We Collect It

  • Account management: To create and maintain your account
  • Service delivery: To connect customers with matching service providers
  • Marketplace matching: To show relevant jobs based on category and location
  • Payment processing: To process credit purchases via Stripe
  • Communication: To facilitate messaging between customers and providers
  • Legal compliance: To meet Finnish business record-keeping requirements

4. Legal Basis

We process your data based on:
  • Contract performance (Art. 6(1)(b) GDPR): Processing necessary to provide the JARD service
  • Legitimate interest (Art. 6(1)(f) GDPR): Platform security, fraud prevention, service improvement
  • Consent: Where explicitly requested (e.g., marketing communications)

5. Data Processors

We use the following third-party processors:
  • Firebase (Google): Authentication, database (Firestore), file storage — servers in EU (europe-west1)
  • Stripe: Payment processing for credit purchases
  • Google Maps Platform: Location services for service area matching

6. Data Transfers

Firebase data is stored in EU servers (europe-west1). Stripe may process payment data in the United States under the EU-US Data Privacy Framework. All transfers comply with GDPR Chapter V requirements.

7. Data Retention

  • Account data: Kept while your account is active. Deleted within 30 days of account deletion request.
  • Financial records: Kept for 6 years after the transaction as required by Finnish accounting law (Kirjanpitolaki).
  • Messages: Deleted with account deletion.

8. Your Rights

Under GDPR, you have the right to:
  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restriction: Limit how we process your data
  • Portability: Receive your data in a machine-readable format
  • Objection: Object to processing based on legitimate interest
To exercise these rights, contact info@jard.fi. You may also contact the Finnish Data Protection Ombudsman (tietosuojavaltuutettu) at tietosuoja.fi.

9. Cookies

JARD uses only essential session cookies for authentication. We do not use tracking cookies, advertising cookies, or analytics cookies.

10. Changes

We may update this privacy policy to reflect changes in our practices or legal requirements. We will notify registered users of material changes via email. Continued use of the platform constitutes acceptance of the updated policy.

11. Contact

For privacy-related questions or to exercise your data rights, contact: info@jard.fi.