Privacy & Data Protection
Privacy Policy
Selvia is built for freelancers, entrepreneurs, and companies operating in Finland. Because we handle financial records, invoices, VAT data, accounting documents, and business information, privacy and security are fundamental to everything we build.
Effective date: May 2026selvia.fiinfo@selvia.fiFinland
EU & Finland aligned
Designed around GDPR and Finnish data protection expectations.
Secure by design
Encrypted connections, access controls, monitoring, and EU-hosted infrastructure.
No data sales
Selvia does not sell client or user data to advertisers or third parties.
Accounting focused
Built for sensitive invoices, receipts, VAT data, and business records.
Section 1
Who we are
Selvia provides accounting-related software, bookkeeping support tools, automation systems, invoicing solutions, VAT workflows, and business management services for businesses in Finland.
| Company | Selvia |
| Website | selvia.fi |
| info@selvia.fi | |
| Country | Finland |
Depending on the situation, Selvia may act as either a Data Controller under GDPR or a Data Processor acting on behalf of clients.
Section 2
What this policy covers
This Privacy Policy applies to:
- selvia.fi
- Selvia mobile applications
- Selvia accounting platform
- invoicing and bookkeeping tools
- receipt and expense uploads
- customer support communications
- onboarding and compliance processes
- integrations connected to Selvia
This policy does not apply to third-party services that operate independently from Selvia.
Section 3
What data we collect
Depending on how you use Selvia, we may process the following categories of data.
Account and identity data
- Full name
- Email address
- Phone number
- Company information
- Finnish Business ID, known as Y-tunnus
- Billing information
- Login credentials
Accounting and financial data
- Invoices
- Receipts
- Expense records
- VAT information
- Tax-related information
- Uploaded accounting documents
- Payment references
- Banking-related metadata
- Transaction history
- Mileage or travel records, where enabled
Technical and platform data
- IP address
- Device information
- Browser type
- App version
- Authentication logs
- Security events
- Error and crash logs
- Usage analytics
Communication data
- Support requests
- Email conversations
- Notifications
- Feedback submissions
Section 4
How we collect information
We collect information:
- directly from you,
- from documents you upload,
- from activity inside the platform,
- through cookies and analytics technologies,
- through integrations you authorise,
- from payment or authentication providers,
- and from legally required verification processes.
Section 5
Why we process personal data
Selvia processes personal data to:
- provide accounting and bookkeeping services
- operate the Selvia platform
- generate invoices and financial reports
- manage VAT and tax workflows
- provide customer support
- improve platform reliability and usability
- prevent fraud and unauthorised access
- comply with Finnish and EU legal obligations
- maintain backups, audit logs, and security systems
- develop automation and AI-assisted accounting features
Section 6
Legal bases under GDPR
Under the EU General Data Protection Regulation, Selvia processes personal data using one or more lawful bases.
Contractual necessity
Processing necessary to provide agreed services, including bookkeeping, invoicing, account access, subscriptions, support, and financial workflows.
Legal obligation
Processing required under Finnish or EU law, including accounting obligations, tax reporting, anti-fraud obligations, bookkeeping retention rules, and regulatory compliance.
Legitimate interests
Including securing the platform, improving reliability, monitoring abuse, developing features, and maintaining service quality.
Consent
Where required, such as optional marketing communications, analytics consent, or optional integrations. You may withdraw consent at any time where processing relies on consent.
Section 7
How we handle accounting and financial data
Selvia processes accounting and financial information only for the purposes necessary to provide services requested by clients.
Client financial records remain the property of the client.
Selvia does not:
- sell accounting data
- use financial records for advertising
- profile users for third-party marketing
- share accounting materials outside authorised service operations
Accounting records may be retained where required under Finnish accounting legislation and related tax obligations.
Section 8
AI, automation, and smart features
Selvia may offer automation or AI-assisted features, including:
- OCR receipt scanning
- automated categorisation suggestions
- invoice parsing
- smart bookkeeping assistance
- anomaly detection
- workflow automation
These features are designed to assist users and reduce manual work. Automated outputs should always be reviewed by the user where required under applicable accounting or tax obligations.
Section 10
International data transfers
Selvia aims to keep client data within the European Economic Area.
Where international transfers are necessary, we use safeguards such as:
- EU adequacy decisions
- Standard Contractual Clauses
- GDPR-compliant providers
Section 11
Data retention
We retain information only as long as necessary for:
- providing services
- maintaining legal compliance
- resolving disputes
- enforcing agreements
- maintaining security records
| Accounting records | 6–10 years |
| Tax and VAT records | Based on Finnish legal requirements |
| Access and security logs | Limited retention periods |
| Support communications | Operational retention only |
When information is no longer required, it is securely deleted, anonymised, or archived.
Section 12
Security and protection measures
Selvia uses commercially reasonable technical and organisational safeguards to protect data, including:
- encrypted HTTPS/TLS connections
- encryption at rest
- role-based access control
- secure EU-hosted infrastructure
- authentication and permission systems
- monitoring and logging
- backups and disaster recovery systems
- restricted production access
- multi-factor authentication for internal systems
No online service can guarantee absolute security, but protecting business and accounting data is one of Selvia's highest priorities.
For more details, see our Security & Data page.
Section 13
Your GDPR rights
Under GDPR, you may have rights to:
- access your personal data
- correct inaccurate information
- request deletion
- restrict processing
- object to certain processing
- receive portable copies of data
- withdraw consent
- lodge complaints with a supervisory authority
To exercise your rights, contact info@selvia.fi. We may request identity verification before processing certain requests.
Section 15
Third-party services and integrations
Selvia may integrate with third-party services including:
- payment providers
- banking systems
- OCR providers
- cloud infrastructure providers
- accounting tools
- communication services
These services may have their own privacy policies and terms.
Section 16
Children's privacy
Selvia services are intended for businesses and adults operating legally within Finland and the EU.
We do not knowingly collect personal data from children without appropriate legal authorisation.
Section 17
Changes to this policy
We may update this Privacy Policy as Selvia evolves, new features are released, or legal requirements change.
Material updates may be communicated through:
- the Selvia platform
- email notifications
- notices on selvia.fi
Continued use of the Services after updates become effective constitutes acceptance of the revised policy.
Section 18
Contact information
| Company | Selvia |
| Website | selvia.fi |
| info@selvia.fi | |
| Country | Finland |
Related pages:
© 2026 Selvia · All rights reserved.