Last modified: 2026-04-29 Last reviewed: 2026-04-29 by Aatu Kemppäinen

Version: 2026-04-28 — Elda Solutions Oy

TERMS OF SERVICE

1. Purpose and Target Audience

ELDA is a mobile application designed to reduce loneliness and increase activity, particularly among adults aged 60 and older. The app helps users find like-minded people and local activities.

The service is provided by Elda Solutions Oy (hereinafter "Elda"). By using the app, you accept these Terms of Service and the Privacy Policy below.

2. Creating an Account

Creating an account requires that you:

• Are at least 60 years of age.

• Provide accurate and truthful information during registration.

• Keep your login credentials secure and do not share your account with others.

• Notify Elda immediately if you suspect unauthorised use of your account.

  
  

3. User Obligations

By using ELDA, you agree to:

• Use the app only for its intended purpose: finding new acquaintances and participating in activities.

• Treat other users with respect and courtesy.

• Provide truthful information in your profile.

• Comply with Finnish law and good conduct in all communications.

  
  

4. Prohibited Use

The following activities are strictly prohibited:

• Harassment, threats, defamatory or discriminatory communication.

• Providing false or misleading information in your profile.

• Collecting or sharing other users' personal data without their consent.

• Commercial advertising, marketing, or spam.

• Attempted fraud, identity theft, or deception.

• Use of automated programs within the app.

• Technically overloading or hacking the app.

  
  

Elda Solutions Oy reserves the right to close accounts that violate these rules without prior notice

5. Activities and Meetings Between Users

ELDA provides a platform through which users can arrange meetings and activities. Elda Solutions Oy is not a party to agreements between users and is not responsible for events or meetings between users.

We recommend exercising general caution with new acquaintances: meet for the first time in a public place and inform someone close to you of your plans.

6. Content Moderation and Safety

The app uses automated content filtering to detect inappropriate messages and profile information. Users can report disturbing or inappropriate content through the app's reporting feature.

Elda reserves the right to remove inappropriate content and accounts and to prevent repeated misuse.

7. Changes to the Service and Termination

Elda Solutions Oy may modify these Terms of Service or the features of the service. Users will be notified of material changes through the app before they take effect. By continuing to use the app after a change, you accept the new terms.

You may stop using the service and delete your account at any time via Settings > Delete Account.

8. Limitation of Liability

Elda Solutions Oy is not liable for:

• Events between users outside of the app.

• Damages caused by communication outages or technical disruptions.

• The content or quality of activities provided by third parties.

Elda's liability is limited in accordance with Finnish consumer protection and tort law.

9. Applicable Law

These Terms of Service are governed by Finnish law. Any disputes will be resolved primarily through amicable settlement. If no settlement is reached, disputes will be resolved in the Pirkanmaa District Court.

PRIVACY POLICY

This policy fulfils the information obligations under Articles 13 and 14 of the EU General Data Protection Regulation (GDPR). It describes what personal data is collected, why, how long it is retained, and what your rights are.

10. Data Controller

• Elda Solutions Oy

• Business ID: 3583944-7

• Kuntokatu 3 C 2, 33520 Tampere

• Email: info@eldasolutions.fi

  
  

11. Data Protection Officer

• Data Protection Officer: Aatu Kemppainen

• Contact: info@eldasolutions.fi

  
  

You may contact the Data Protection Officer regarding any matter relating to the processing of your personal data.

12. Personal Data Collected

Data collected during registration:

• First name

• Date of birth (used only to calculate age group)

• Postal code (converted to a city name space and location point for distance calculation; exact address is not stored)

• Phone number (login and account security; not shown to other users)

• Email address (optional for recovering account)

• Interests (selected from a predefined list)

  
  

Optional data:

• Profile photo or illustrated avatar (EXIF metadata from images, such as location data, is automatically removed before storage)

• Introduction text (maximum 250 characters)

  
  

Data generated during use of the service:

• Messages and activity suggestions with other users

• Meeting plans

• Notifications

• IP address in connection with profile updates to ensure security (anonymised within 30 days)

  
  

13. Purposes of Processing and Legal Bases

Performance of a contract (GDPR Art. 6(1)(b)) required to provide the service:

• Creating, logging in to, and maintaining your account

• Building your profile and matching users based on interests and location

• Communicating with other users

• Managing activity suggestions and meeting plans

• Sending in-app notifications

  
  

Legitimate interest (GDPR Art. 6(1)(f)), balanced against the rights of the data subject:

• Retention of phone number: bot protection and account security

• Safety features: blocks, user reports, and limited records to maintain community safety

• Anonymous usage statistics for activity recommendations. No user identifier is stored (can be turned off in Settings)

• Security logs to ensure the safe operation of the service

  
  

Legal obligation (GDPR Art. 6(1)(c)):

• Cooperation with authorities in situations required by applicable legislation

Data concerning special categories (GDPR Art. 9) is not collected. No automated legal decisions (GDPR Art. 22) are made.

14. Recipients of Your Data

Your data is not sold or disclosed for advertising or profiling purposes. Recipients are limited to:

• Amazon Web Services EMEA SARL (Luxembourg, EU): All personal data; infrastructure service provider, AWS GDPR Data Processing Agreement in place

• AWS Cognito (eu-north-1, Stockholm): email address, phone number, and password; for user authentication

• AWS CloudFront: distribution of profile images (see Section 15 regarding transfers)

• OpenCage GmbH (Bad Nauheim, Germany, EU): postal codes without user identifier, for location conversion; the "no_record=1" parameter prevents OpenCage from storing queries

• Other ELDA users: can only see the profile information you have shared (first name, age group, distance, interests, profile photo, introduction text)

• Finnish or EU authorities: only on the basis of a legally valid decision or order from a competent authority

  
  

15. Transfers of Data Outside the EU

All your primary personal data is stored within the EU (AWS eu-north-1, Stockholm, Sweden).

Your profile photo may be cached on AWS CloudFront edge servers located in the EU and the United States (PriceClass_100). This transfer is based on the Data Processing Agreement with Amazon Web Services EMEA SARL and the Standard Contractual Clauses approved by the European Commission (SCCs, Decision 2021/914, Module 3: Processor to sub-processor transfer). Regions outside the EU/USA are excluded.

16. Data Retention Periods

• Account data and profile: for the duration of your account; deleted immediately upon account deletion

• Messages: 365 days from sending (automatic TTL deletion)

• Notifications: 30 days (automatic TTL deletion)

• Meeting plans: 24 hours after the meeting ends

• User reports of inappropriate conduct: 365 days

• IP addresses in the profile update log: automatically anonymised within 30 days

• Application logs (CloudWatch): 90 days

• Security audit logs (CloudTrail): 365 days, moved to cold storage after 90 days

• Backup snapshot (RDS): 7 days

  
  

Your account and all associated data can be deleted at any time via Settings > Delete Account. Deletion is permanent and covers all data categories listed above.

17. Your Rights

You have the following rights under the GDPR. You may exercise them through the app or by contacting info@eldasolutions.fi.

• Right of access (Art. 15): View and download all your data (Settings > Download Your Data).

• Right to rectification (Art. 16): Edit your profile information directly in the app.

• Right to erasure (Art. 17): Permanently delete your account and all your data (Settings > Delete Account).

• Right to data portability (Art. 20): Download your data in machine-readable JSON format (Settings > Download Your Data).

• Right to object (Art. 21): Opt out of anonymous usage statistics (Settings > Statistics).

• Right to restriction of processing (Art. 18): Contact info@eldasolutions.fi.

• Consent is not the legal basis for processing: Accepting the Terms of Service constitutes entering into a contract (Art. 6(1)(b)), not consent (Art. 6(1)(a)). Therefore, withdrawing consent does not remove processing related to the service. Deleting your account does.

You also have the right to lodge a complaint with the Data Protection Ombudsman

if you consider that the processing of your personal data violates the GDPR:

• Office of the Data Protection Ombudsman

• P.O. Box 800, 00531 Helsinki

• tietosuoja.fi

• Tel: 029 566 6700

  
  

18. Automated Decision-Making and Profiling

The app orders other users' profiles on your screen based on your search filters (age group, distance, interests). This is a search ranking, not an automated decision. You decide who to send a message to.

No automated decisions with legal or similarly significant effects are made about you (GDPR Art. 22).

19. Data Security

• Messages are encrypted both in transit (TLS/WSS) and at rest (AWS KMS customer-managed key)

• The app uses SSL certificate pinning to protect network traffic

• Authentication is handled via AWS Cognito. Elda never sees your password in plain text

• Login tokens are stored in your device's encrypted key store (iOS Keychain / Android EncryptedSharedPreferences)

• All data is stored within the EU (AWS Stockholm)

• Access to personal data is controlled through role-based access control (IAM)

• Security logs are stored in an immutable audit archive (CloudTrail)

  
  

20. Anonymous Usage Statistics

The app collects fully anonymous statistics on how much traffic each activity receives through the app. This information helps us display and retain the activities that users benefit from most.

The statistics are fully anonymous: no user identifier is stored or sent to the statistics service. The data is not used for profiling, advertising, or automated decision-making.

You can turn off statistics collection at any time via Settings > Statistics.

21. Changes to This Policy

When material changes are made to this policy, you will be asked to accept the new version before continuing to use the app. You can always review the current policy in the Settings menu.