Compliance and policies.
Everything that governs how Cloop processes data, agreements with customers, and the trust framework Roffi Oy operates under.
- Privacy
Privacy policy
How Roffi Oy collects, processes, and protects personal data. The full GDPR-aligned policy for Cloop visitors and customers.
Read privacy policy - Terms
Terms of service
The agreement between you and Roffi Oy when you use Cloop, service obligations, payment, liability, and termination.
Read terms of service - DPA
Data processing agreement
GDPR Article 28 DPA covering Cloop processing customer personal data on your behalf, purpose, security, sub-processors, audit rights.
Read data processing agreement - Cookies
Cookie policy
Which cookies Cloop uses, why, and how you control them. Compliant with EU ePrivacy and GDPR consent requirements.
Read cookie policy - AUP
Acceptable use policy
What you can and cannot do with Cloop, prohibited use cases, content restrictions, abuse prevention, and enforcement.
Read acceptable use policy - Sub-processors
Sub-processor list
The vendors Cloop uses to process customer data, purpose, location, and the safeguards in place. Updated whenever the list changes.
Read sub-processor list - Security
Security overview
How Cloop secures data and infrastructure, EU-only processing in Helsinki, encryption, access control, the trust framework end-to-end.
Read security overview - End-user notice
End-user privacy notice
For website visitors who interact with Cloop on a customer site, what data is collected, why, and how they can exercise their rights.
Read end-user privacy notice
Procurement question?
Talk to our compliance lead.
DPIA reviews, security questionnaires, custom DPA edits, we run procurement calls weekly. Bring your form, we'll fill it together.