Lifetime Legal & Compliance Hub

Transparency as a Service.

At Lifetime Oy, we believe that legal clarity is the foundation of industrial trust. Our "Compliance First" architecture is designed to turn complex EU regulations—such as Fit for 55, the EU AI Act, the Digital Services Act (DSA), the EU Data Act, and GDPR—from liabilities into competitive assets for our clients.

Below you will find our complete legal framework, governing our software, services, and commercial relationships. Each policy carries an explicit effective date, last review, and named escalation channel to simplify vendor-risk assessments.

0. Compliance at a Glance

1. Investor Security (Start Here)

⭐ Why Your Investment in Lifetime Oy is Secure * For Investors: A direct guide for US and International investors on how EU compliance and Finnish stability protect your capital. * Quick Summary: * World-Class Data Security: GDPR ensures your investor data and our IP are protected by strict legal frameworks, reducing breach risks. * Transparency by Design: Finnish corporate law and CSRD alignment give you clear visibility into governance and environmental impact. * Stable Foundation: Finland ranks #1 globally for rule of law and political stability—providing predictable investment conditions. * Future-Proofed Standards: Our compliance with EU sustainability regulations positions your investment for long-term ethical growth.

(Image Suggestion: A reassuring image of a shield or a safe combined with a green leaf, symbolizing secure and sustainable investment. Located right next to this section.)

2. Privacy & Data Governance

• ⭐ Privacy Policy & GDPR Statement

  • For Everyone: How we handle data, cookies, and your rights.
  • Key Assurance: We do not use your private industrial data to train our public models. We deploy Private Cloud instances to ensure full data sovereignty.
  • Data Subject Requests: Export, correction, and deletion requests are acknowledged within 2 business days and fulfilled within 30 days (15 days for high-risk processing) in line with GDPR and the EU Data Act.

• ⭐ Data Security Policy

  • For Business Partners: How we protect confidential data with zero-knowledge encryption.
  • Key Features: Proton Mail E2EE, Proton Drive encryption, EU data residency, no US cloud for sensitive data.
  • Compliance: GDPR, EU AI Act, NIS2, EU Data Act - all technical security measures documented.

• ⭐ Data Handling Policy

  • For Team & Partners: Data classification (CONFIDENTIAL/INTERNAL/PUBLIC), AI tools usage policy, storage guidelines.
  • Key Rules: No cloud AI for confidential data, encrypted local database, Proton Drive backups, GDPR compliance.
  • Incident Response: 72-hour reporting timeline, data deletion procedures, affected party notifications.

• ⭐ Cookie Preferences

  • Manage consent for essential, analytics, and AI-personalisation cookies with granular toggles.
• Data Processing Agreement & SCCs: Our modular DPA aligns with IT2022 EHK terms, includes Standard Contractual Clauses (2021/914/EU), and defines sub-processor disclosure and audit windows. Request a copy via legal@lifetime.fi.
• Data Protection Officer: Acting DPO – Risto Rautakorpi (risto@lifetime.fi). Supervisory authority: Office of the Data Protection Ombudsman, Finland.
• AI Act Compliance: DWS IQ and Firehorse are classified as limited-risk systems. We maintain datasets statements, human oversight playbooks, CE conformity documentation, and a live change log for technical documentation expected by the EU AI Act.

(Image Suggestion: A stylized "cookie" icon with a toggle switch, or a clean, modern padlock icon. Placed near the Privacy section.)

3. Digital Services & Platform Accountability

• Digital Services Act alignment: Lifetime Oy operates below the Very Large Online Platform threshold but voluntarily complies with Articles 14–24. We maintain a trusted-flagger workflow and content moderation records for every automated agent output.
• Transparency Digest: Quarterly metrics (notices received, actions taken, automated decisions appealed) are summarised in a PDF available upon request at legal@lifetime.fi. The next update publishes in January 2026.
• Notice & action channel: Report suspected illegal content or AI misuse via legal@lifetime.fi. Include (i) URL, (ii) description, (iii) legal basis. We reply within 48 hours.
• NIS2 & incident reporting: For essential/important services, we provide a 24-hour early warning to the Finnish Transport and Communications Agency (Traficom) and deliver a final report within 72 hours. Customers receive parallel updates via their nominated incident contacts.

4. Commercial Agreements

• ⭐ Agreement & Project Terms

  • For Clients: The master service agreement framework. We generally follow IT2022 terms or negotiate specific project contracts.
  • Scope: Confidentiality (NDA), IPR transfer, and general liability.

• ⭐ Professional Services Terms

  • For Consulting Clients: Specific terms for advisory, implementation, and "Kickoff" packages.
  • Key Point: Defines the scope of expert hours vs. software deliverables.
• Service Levels & Incident Credits: Baseline SLA provides 99.5% monthly uptime for DWS IQ and 2-hour response for P1 tickets (24/7). Enterprise tiers can contractually extend to 99.9% uptime with financial credits. Incident notifications follow the NIS2 cadence noted above.
• Procurement shortcut: Downloadable one-page compliance summary (ISO/IEC 27001 control mapping + insurance certificates) is included in each proposal pack. Request expedited vendor questionnaires via compliance@lifetime.fi.

(Image Suggestion: Two hands shaking or a pen signing a document on a digital tablet. Placed near Commercial Agreements.)

5. Product Terms of Service

• ⭐ DWS IQ Terms of Service

  • For SaaS Users: Governs the use of the DWS IQ "Industrial Brain" platform.
  • Focus: SLA, uptime, and permissible use of AI agents.
  • Autonomous Guardrails: AI agents cannot trigger safety-critical actions, initiate unsolicited outreach, or retrain themselves without human validation. Violations may suspend access.

• ⭐ Firehorse Terms of Service

  • For Automation Users: Specific terms for Firehorse reporting and marketing automation tools.
  • Focus: Output accuracy and marketing compliance.
  • Marketing Compliance: Firehorse embeds unsubscribe, consent, and auditable templates for EU and US outreach requirements.

• ⭐ Lifetime Fleet Terms

  • For Logistics Partners: Terms for physical robotics, drone, and vehicle operations.
  • Focus: Operational safety, liability, and hardware handling.
  • Regulatory Alignment: Compliance with the EU Machinery Regulation, EASA drone operator requirements, and local road permits is documented per deployment.

• Change Management: Every product terms page now lists the previous revision ID and timestamp so you can assess contractual drift before accepting updates.

(Image Suggestion: Icons representing software (a cloud), automation (a gear), and fleet (a truck/drone). Placed next to the corresponding product terms.)

6. Investor Relations

• ⭐ Regulatory Notice for Investors
  • For Investors: Details on our €150k SAFE offering, compliance strategy, and risk factors.
  • Why Read: Understand how we use EU regulation as a moat to build a defensive, scalable business.

(Image Suggestion: A rising graph chart or a euro sign symbol. Placed near Investor Relations.)

7. Return & Performance Policy

• ⭐ Return Policy
  • Digital services: SaaS subscriptions may be cancelled within 14 days of purchase (before delivery of custom models) for a full refund. After activation, pro-rata credits are applied if uptime SLAs are missed.
  • Physical hardware & robotics: 14-day statutory withdrawal right plus a 60-day performance guarantee covering manufacturing defects. Hardware RMAs are acknowledged within 2 business days; inbound freight labels are provided for EU customers.
  • Professional services: Kickoff deposits are refundable until the first milestone workshop. Thereafter, unused hours can be reallocated to other initiatives within 90 days.

The 60-day performance guarantee applies to documented KPIs agreed in writing (e.g., lead-flow increases or logistics cycle-time reductions). If objectives are not met, we co-design a remediation sprint at no extra cost.

(Image Suggestion: A "satisfaction guaranteed" badge or a simple return arrow icon. Placed near Return Policy.)

8. Contact & Escalation