Privacy policy

PRIVACY POLICY – Corporate clients

Joint Controllers

Otiga Finland Oy,

Aaltovoima Logistiikka Oy,

Personalhuset Staffing Group.

Folka is a brand of Otiga Finland Oy and is used for the aforementioned group companies’ marketing.

The aforementioned companies act as joint controllers regarding the below mentioned data. As joint controllers the companies jointly decide on collection of personal data relating to the corporate clients and on the use of their data. The companies also jointly decide on other matters stated in this Privacy Policy.

If you have any questions regarding data protection or wish to exercise your rights mentioned in this policy, please contact markkinointi@folka.fi.

The person responsible for data protection matters

Monia Pöllänen

Palkkatilanportti 1

00240 Helsinki, Finland

Description of the Privacy Policy

This Privacy Policy describes how the data controller processes the corporate client’s contact persons personal data relating to the client relationship.

We need your contact information in order to contact you in matters relating to the client relationship. We are committed on protecting and honoring your privacy, and we use your personal data to fulfil the services you have ordered and also to maintain the client relationship.

Sometimes we want to contact you regarding the services you use and also regarding other interesting subjects that could interest you.

Mainly we collect personal data from the data subjects themselves. In some cases, we collect our corporate clients’ contact persons personal data from public sources, such as the Finnish patent and registration office or other authorities or companies that offer such services.

The purpose and legal basis of the processing

The personal data of the corporate client’s contact person is processed to deal with matters relating to the client relationship (e.g., invoicing), to provide services of the data controller, to develop and plan the data processor’s business activities and also for marketing purposes, distance selling and polling and marketing researches. Furthermore, the personal data is being processed for customer communication purposes which is executed electronically and is targeted.

The legal basis for processing of personal data is the legitimate interest of the data controller to deal with the customer relationship and the execution of contracts relating to it. Regarding marketing, processing is based on the consent of a data subject.

Personal data being processed

Data subject’s contact information, e.g., name, contact details of his/her workplace (zip code, phone number, email) and the information of the data subject’s position (title and role)

Information relating to marketing and sales promotion, e.g., consent or ban on direct marketing, marketing actions

Possible consent on the use of cookies

Username and password

Changes to the aforementioned personal data

Transfer of personal data

The personal data is being transferred to the service providers of the data processor (e.g., customer relationship management service provider) in order for them to provide the service we require from them. Furthermore, in some cases we might transfer your personal data to other companies included in our group. In all cases the transfer of personal data is executed according to applicable data protection legislation, for example by executing a written data protection agreement, to make sure that personal data transferred to the data processor is not processed for any other purposes than to those set forth in this Privacy Policy.

Other than as stated above, the client’s personal data is not transferred further to third parties, unless in situations where the applicable law requires the transfer of the personal data.

If the data controller sells or otherwise reorganizes its business, the personal data can be transferred to potential buyers in a transaction.

The personal data is not transferred outside of European Union or European Economic Area, unless it is directly necessary for example for the technical execution of a service. If the personal data is being transferred outside of EU or EEA, the data controller complies with the applicable data protection legislation and takes into consideration the impacts of the transfer to the data subject’s rights and freedoms and executes all necessary safety measures to enable the transfer.

Protection of personal data

The databases that include the personal data are protected with technical measures, e.g., firewalls and passwords. The material that is manually processed and maintained are located in locked premises, where the access of unauthorized personnel is prohibited.

Technical solutions are up-to-date and are updated regularly either automatically or manually. We use anti-virus protection and we react to every deviation. Also, all deviations to the firewall are reacted.

The period for which the data is being stored

We keep the data subject’s personal data for as long as is necessary to deal with tasks relating to the client relationship or as the applicable law so requires, or for so long as the data subject asks to delete the data relating to him/her.

Data subject’s rights

You have the right to review what data we have collected and to affect to the processing of your personal data. According to the applicable law you have the following rights:

Right to review personal data collected – You have the right to review the personal data we have collected or receive confirmation that we do not have any of your personal data in our registers. If the personal data collected from you is inaccurate or incomplete, you have the right to rectification.

Right to object – If you believe that we do not have the right to process your personal data or that we have processed your personal data unlawfully, you have the right to object to the processing of your personal data.

Right to be forgotten – You have the right to ask for your personal data to be erased according to the applicable data protection legislation.

Right to lodge a complaint – If you believe that we do not comply with the applicable data protection legislation, you have the right to lodge a complaint to the Data Protection Ombudsman. For instructions on how to lodge the complaint you can visit the following website: https://tietosuoja.fi/en/contact-information.

Use of Cookies

We use cookies on our website in order to serve you with practical, easy and reliable services. The cookies are used to store little files to your device, for example your laptop or smart phone. The storage of the cookies on your device is dependent on the type of cookies. The cookies on our website do not include personal data and they cannot be used for identifying a user.

The purpose of the cookies is to improve the use of the website (when you write your username and password, these are stored so that you do not have to give the same information multiple times during one session) and the user experience (we use cookies to find out how the visitors end up on our website so that we can improve our services. For example, Google Analytics helps us to analyze how the visitors use our website and with that we can also monitor the movement on our website).

You can always amend your personal settings in your browser and deny the use of cookies.

Amendments to the Privacy Policy

We improve our data protection protocols and therefore it might be necessary to amend this Privacy Policy. The amendments might be also due to amendments in the data protection legislation. If the amendments are significant or if we want to use the personal data to any other purpose than as set forth in this policy, we will inform you of the amendments. The up-to-date Privacy Policy can be found on our website www.folka.fi

PRIVACY POLICY – Job applicants and employees

Joint Controllers

Otiga Finland Oy,

Aaltovoima Logistiikka Oy,

Personalhuset Staffing Group.

Folka is a brand of Otiga Finland Oy and is used for the aforementioned group companies’ marketing.

The aforementioned companies act as joint controllers regarding the below mentioned data. As joint controllers the companies jointly decide on collection of personal data relating to the employees and job applicants and on the use of such data. The companies also jointly decide on other matters stated in this Privacy Policy.

If you have any questions regarding data protection or wish to exercise your rights mentioned in this policy, please contact markkinointi@folka.fi

The person responsible for data protection matters

Monia Pöllänen

Palkkatilanportti 1

00240 Helsinki, Finland

Description of the Privacy Policy

This Privacy Policy describes how the data controller processes the personal data of the job applicants and employees.

The purpose and legal basis of the processing

The personal data of the job applicants is processed for the recruitment process and in matters relating to it. Furthermore, this personal data is processed to implement communication towards the applicants. The personal data of the job applicants is processed on the basis of the applicant’s request for the possible fulfillment of a contract and the communication is based on the legitimate interest of the data processor in order for the processor to inform the applicant on current matters and to offer information on work life and how to apply for a job. For the purpose of marketing, we will ask for a separate consent and the direct marketing is therefore based on consent.

The personal data of the employees is processed for matters regarding employment relationship and for the statutory employer’s obligations relating to it. Furthermore, personal data of the employees is processed to implement communication towards the employees. The legal basis for processing is the employment contract between the employee and the employer and the legislation relating to employment obligations. We ask for your consent for the processing of the membership of the trade union in order to pay your membership fee.

Where do we get the personal data we process?

The personal data of job applicants and employees is mainly collected from themselves. With the consent of the job applicant or the employee the data can be collected also from elsewhere. If the assignment requires, we might also ask for your credit history, but we always notify you beforehand.

The personal data is used:

To deal with recruitment process

To communicate with job applicants

To manage the employment relationship

To monitor working hours and absences

To communicate with employees

To pay the salary and bonuses

To manage benefits (e.g., phone, car, exercise and lunch)

For recruitment purposes

To manage the employer’s statutory obligations (e.g., taxation, insurance, Kela)

To organize occupational health service

To enforce data subject’s rights

To compile statistics and plan the data processor’s operations

The personal data being processed / Job applicants

Person’s basic information, for example name, contact details and nationality.

Information on education, for example degrees, special skills, qualifications, know-how, language skills etc.

Work experience, for example work history and recommendations, job permit.

Information regarding job applications and employment, for example the situation on job applications, wishes on assignments and location of the work place, possible information on applicability evaluations, photo and information on usability, possible points of interest relating to job application.

Other information relating to job applications, for example information on driver’s license.

Possible consent on cookies.

The personal data being processed / employees

Contact information (name, phone number, email, date of birth and social security number, gender) and other information needed for identification, for example the copy of an ID

Information relating to the job application process (job application, education, work experience, qualifications, other information given by the employee)

Employment contract and other contracts relating to the employment relationship (the start and end date of the employment relationship, the nature of the employment relationship and benefits)

Information relating to monitoring of working hours and absences (absences due to illness, annual leaves, other absences)

Information on trade union memberships

Information regarding the contents, development and performance of the assignment

Information on compensations paid (salary, benefits, bonuses, taxation, travel allowances, employer’s contributions)

Information regarding occupational health care, for example the health of the employee (only when and to the extent relevant to fulfil the employer’s statutory obligations)

Information on taxation, occupational healthcare and insurance

Information on work equipment

Information on termination of the employment contract (contracts, references)

Amendments/log data of the aforementioned information

Transfer of personal data

The personal data is being transferred to the service providers of the data processor (e.g., working hours monitoring service provider) in order for them to provide the service we require from them. Furthermore, in some cases we might transfer your personal data to other companies included in our group for example on matters relating to payroll administration. In all cases the transfer of personal data is executed according to applicable data protection legislation, for example by executing a written data protection agreement, to make sure that personal data transferred to the data processor is not processed for any other purposes than those set forth in this Privacy Policy.

Other than as stated above, the job applicant’s and employee’s personal data is not transferred further to third parties, unless in situations where the applicable law requires the transfer of the personal data.