This Privacy notice describes the processing of personal data at Hydroll Oy.
Tel. +358 (0)20 765 7900
Fax +358 (0)20 765 7901
Personal data we process and the purposes of processing
Personal data we process about you will always depend on your relationship with us. Usually you are either an employee or a job seeker, our customer or partners, or visiting our website. Of course, you may be in more than just one of the mentioned roles. You will always find relevant information about the processing of your data from the chapter that deals with the role for which you are looking for information.
The roles are:
- Job seekers and employees
- Our customers’ and partners’ or suppliers’ representatives and contacts
- Website visitors
Job seekers and employees
- Information on job applications and recruitment, such as name, address, other contact information, date of birth, CVs, salary information, interviews and tests or any other information provided by the jobseeker himself, as well as information about the application and the status of application.
Information is collected from you. We may be in contact with the referrals, educational institutions or previous employers mentioned in the application to ensure the accuracy of the information you have provided.
There are also statutory obligations how to deal with your personal data. These obligations include, for example those mentioned in labor law, law about occupational health care, law of annual holidays and law on privacy in the employment relationship.
The purpose of processing your data is preparing a potential contract of employment. If the contract is not signed, we retain information for six months or for your permission, the lenght of the consent you have given us for potential future job opportunities. Personal data related to certain job positions may be retained for two years but you will be informed about this.
For more information on the processing of our employees' personal data, see the company's Operations Manual.
Our customers’ and partners’ or suppliers’ representatives and contacts
- Personal data for identifying and communicating, including at least your email address and your name. In addition, we may have an address, phone number, your company’s information, your job description and any other information you may have provided us
The information is mainly collected directly from you in a customer service situation or you can provide them yourself through a conversation, web form or or email. Information is also collected from public sources such as corporate websites and business registers. These registers are for example the Business Information System of Finland (YTJ) and Finnish Patent and Registration Office.
This information is used for communication either to provide or provide services to our customers. Therefore, the purpose of personal data processing is always either contract or preparation of contract.
Additionally, there are statutory obligations to process personal data. Examples of these obligations include accounting legislation and tax authorities’ instructions.
Personal data will be retained for a contract period and for two years from the end of the contract for handling any complaints or corrections. Some information we have to retain longer for warranty purposes and statutory obligations but all other data will be deleted.
- Website access information: cookie, ip address, device identifier, and customer identifier
- For visitor statistics (Google Analytics, etc.)
- To save user settings (such as language options)
We will not disclose any other information you submit to us through the site to any third party.
For visitor statistics, information is collected about the user device, the network address (IP address), the software used, and their versions. With this information, we can identify and calculate the number of users visiting our site, the type of information users search for, and how the site services are used. The purpose is to record anonymously the number of visitors to the page, for example, in the effectiveness of marketing campaigns. At the same time, we learn what information about our site is most often searched for, and we can use it to help build the site's structure so that users can easily find what they are looking for.
We retain statistical information for 26 months.
For user-selected settings, the information is stored in cookies. Such as in which language the user wants to use the site. The same cookie can be used to save other choices available on the site. This is done because when a user comes next time to the site, all settings are as user has wished.
More information about marketing through websites can be found through Your Online Choices -website.
Rights of the data subjects
In normal customer service situations, such as changes in contact and billing information and billing inquiries, you can contact Hydroll Oy's customer support. For broader information requests, contact firstname.lastname@example.org. It is generally possible to use the rights free of charge once a calendar year. If requests come from one person more than once a year, requests will be carried out with the administrative cost, depending on the extent of the request. You will have the cost evaluated in advance.
You have the following rights:
Right to access
You have the right to access personal data held by Hydroll Oy about you. You will also receive a copy of them if necessary. However, access to information may be restricted by the legislation and to protect the privacy of other persons. For example, the disclosure of e-mails always requires the consent of both parties.
Right to rectify
You have the right to request correction for incorrect or incomplete information. An exception to this may be a situation where the information previously provided is in some way relevant to, for example, contract or delivery. In that case, we do not necessarily replace old information, but we will add new information to the changed information.
Right to erasure (“right to be forgotten”)
You have the right to request the removal of your information. Deleting information can be done, for example, in the following cases:
- You revoke the consent of your personal data processing (for example, a newsletter subscription), and there is no other reason for processing
- You object the processing of your information and there is no other reason for continuing to process it, for example in the case of marketing communications
Personal information that we do not have the right to process or the need for processing has ended will be erased without your request.
Right to restriction of processing
You have the right to request the restriction of the processing of your personal information, for example, in situations where you suspect the legality of processing of your personal data or you have objected to the processing of your personal information, but the request is still pending.
If you have any reasons to suspect that our processing would endanger your rights or freedoms, you will also have the right to request the restriction of processing. In these cases you should immediately make an announcement to our Data Protection Officer.
Right to object
You have the right to object to the processing of your personal data in a situation where your information is processed by consent (such as a newsletter or a job application -situations) or when the processing is carried out based on our legitimate interest (eg direct marketing).
Right to data portability
The right to transfer data from one system to another does not apply to the information of professionals in business relations where the processing is not carried out based on the consent of the data subject or when you are a party of a contract. We will not automatically transfer your personal information anywhere - not even on request. Cases are always individual and transfer always requires manual transmission to ensure the security of all parties.
However, you have the right to receive your personal data in a machine-readable form. This right applies to personal data that has been automatically processed based on agreement or consent.
Right to withdraw your consent
You have the right to withdraw consent at any time, without it affecting to the lawfulness of the processing before withdrawal. The withdrawal of consent will not place you in an unequal position with others in any way regarding the use of our services and you will not lose any of your rights compared to others.
Right to make a complaint to Data Protection Authority
You also have the right to file a complaint to our supervisory authority if you suspect that your personal information is being used improperly or unlawfully. We hope that you will always contact us first and we’ll do our best to fix the situation. Contact details of our DPA are:
Finnish Data Protection Authority
Street address: Ratapihantie 9, 6. krs, 00520 Helsinki
Postal address: PL 800, 00521 Helsinki
Phone: 029 56 66700
Fax: 029 56 66735
Transfers of personal data
Personal data we process is not merged with other registers and will not be disclosed to third parties unless required by law.
Risks of processing personal data and the protection of data
The most important risk associated with the processing of your data is the information you have provided us. Hydroll does not collect personal information from other sources, but based on previous risk analyses, data subjects may provide us personal information too broadly, such as personal phone numbers, home addresses, travel plans and holiday travel information. So be careful to provide only the the information that is absolutely necessary for us to process.
In all situations, it is important to note that we can not control the content of the information provided to us and thus perform additional or special security measures. This does not pose any risks to the rights or freedoms because of our very good level of security and protection. However, according to our estimates, you should be aware of this risk.
In the case of data leaks or security incidents the information is always provided to the contractor (contact person), regardless of whether or not the the incident is subject to the notification obligations by legislation.
The target of Hydroll security measures is to ensure the availability of information and information systems, to ensure the confidentiality of information, ensure data integrity and minimize any damage caused by possible deviations. Safeguards are based on a risk assessment and controls are proportioned to the potential consequences of the risk. The processing of personal data and the protection measures are in line with the requirements of current data protection legislation.
Changes in Privacy Notice
All changes to this privacy notice will be published on this website.
In case you have any questions left unanswered, please contact us!