Privacy Policy & Community Rules

1. Privacy Policy & GDPR Statement (Lifetime Group)

Effective Date: December 2025
Controller: Lifetime Oy (Helsinki, Finland)
Legal Basis: EU GDPR, Digital Services Act (DSA), NIS2 Directive, and EU AI Act.

1.1 Our Core Promise: Private Cloud & Data Sovereignty

Unlike traditional SaaS providers, Lifetime DWS IQ is designed as a Private Cloud solution.

  • Your Data Stays With You: We deploy the "Industrial Brain" (DWS IQ) into your Google Cloud / Azure environment.
  • No Training on Customer Data: We do not use your proprietary industrial data to train public AI models.
  • Sovereignty: You retain 100% ownership and control of your data assets.

1.2 Security & NIS2 Compliance

As a provider of digital services to essential sectors (Energy, Transport, Manufacturing), we align with the NIS2 Directive requirements:

  • Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256).
  • Access Control: Strict Role-Based Access Control (RBAC) and Multi-Factor Authentication (MFA).
  • Incident Reporting: We are committed to the 24-hour early warning notification requirement for significant cyber threats.

1.3 AI Transparency (EU AI Act)

In compliance with the EU AI Act:

  • Chatbots & Agents: When interacting with our AI agents (e.g., Firehorse Coach), you will always be informed that you are interacting with an AI system.
  • Content Generation: Any content generated by our AI tools (reports, text, images) is machine-generated and should be verified by a human expert before legal use.
  • Risk Categorization: DWS IQ is designed as a support tool, not a "High-Risk AI System" under the Act (it does not perform biometric identification or critical safety components without human oversight).

1.4 International Data Transfers

Our primary deployment model keeps data within the EU/EEA. Where US infrastructure (Google/Azure) is used, transfers are protected under the EU-US Data Privacy Framework (DPF).

2. Community Rules (EU Digital Services Act)

For users participating in our community forums, comments, or shared workspaces ("Lifetime World"), we apply the following rules in compliance with the EU Digital Services Act (DSA):

  • Illegal Content: Strictly prohibited. This includes hate speech, terrorist content, child sexual abuse material, and non-consensual sharing of private images. We will remove such content immediately.
  • Respectful Conduct: Harassment, bullying, and discrimination are not tolerated.
  • AI Transparency: If you use our AI tools to generate content posted to the community, you must clearly label it as "AI-Generated".
  • Moderation & Appeals: We reserve the right to remove content that violates these terms. If your content is removed, you will receive a statement of reasons and have the right to appeal by contacting moderation@lifetime.fi.

3. Your Rights (GDPR)

You have the right to Access, Rectify, Erase, and Object to processing.

4. Google Customer Reviews & Third-Party Cookies

In connection with the Google Customer Reviews program, we use third-party technologies to collect information:

  • Third parties (including Google) may place and read cookies on your browser, or use web beacons to collect information.
  • Google may receive information about transactions conducted on this site.
  • Cookie Management: You can manage your cookie preferences through your browser settings. You may block or delete cookies, though this may affect site functionality.

5. Contact Us

Data Protection Officer
Lifetime Oy
Helsinki, Finland
Email: risto@lifetime.fi