General Information
Data protection safeguards your (“You”; “Data Subject”) rights and freedoms when personal data is processed. The purpose of data protection is to define when and on what conditions personal data can be processed. This privacy Notice (“Privacy Notice”) explains in detail how we collect, use and disclose your personal data. Please read this document carefully before submitting any personal data to us.
WHAT PERSONAL DATA DO WE COLLECT AND FOR WHAT PURPOSES AND WHICH LEGAL BASES DO WE USE IT?
1.1 About this Privacy Notice. This Privacy Notice (the “Privacy Notice”) governs the processing of personal data by Haltian Oy (“Us”; “Haltian”). The Privacy Notice does not cover any third-party websites, applications, software, products, or services that integrate with Haltian or are linked to Haltian.
1.2 Our role as a data controller and data processor: We may act either as a data controller or a data processor. Our role depends on the specific situation in which personal data is handled by us, as explained in detail below:
- Data controller. When we are data controller, we determine the purposes and means of the processing of personal data. Hence, we are controller when you send us an inquiry or conclude a service or employment contract with us. Situations when we are controller of personal data are further explained on this document. We comply with data controller’s obligations set forth in the applicable laws.
- Data processor. We area data processor when we process personal data on behalf of controller, for example regarding Empathic Building Service. As a processor we process your data only in accordance with the instructions issued by a respective data controller. Such instructions can be seen from our service agreement with customers.
1.3 Amendments. The Privacy Notice may be updated from time to time. We encourage you to review our Privacy Notice to stay informed.
Categories of personal data and data subjects
2.1 As a part of our business we shall collect and use your personal data only for the purposes stated in this Privacy Notice.
2.2 You can find more detailed information on processing of personal data from each description of the personal data processing:
- Description of the processing regarding company customers and stakeholders
- Description of the processing regarding shareholders
- Description of the processing regarding candidates
- Description of the processing regarding staff members
2.3 You can find more information on the processing on personal data in Empathic Building Service here.
HOW LONG DO WE RETAIN YOUR PERSONAL DATA?
We will only retain your data as long as is necessary for the performance of the contract and as long as required by the provisions laid down by laws and regulations concerning the retention of the data. If we retain your data for purposes other than the performance of a contract, such as accounting and the fulfilment of the mandatory legal requirements, we will retain the data only if it is necessary for that purpose and/or provided for by law and regulations.
WHAT RIGHTS DO YOU HAVE WITH REGARD TO YOUR PERSONAL DATA?
4.1 Data Subject Rights. You have the right to control how your personal data is processed by us by exercising the rights listed below:
- Right of access: you can get a copy of your personal data that we store in our systems;
- Right to rectification: you can rectify inaccurate personal data that we process about you;
- Right to erasure (‘right to be forgotten’): you can ask us to erase your personal data;
- Right to restriction: you can ask us to restrict the processing of your personal data if;
- Your data is unlawfully processed, but you do not want to erase it.
- You have a legal claim that you need to establish, exercise, or defend, and you requested us to keep your data when we would not keep it otherwise.
- You have contested the accuracy of your personal data and the accuracy of your data is pending our verification.
- Your request for objection is pending our verification process
- Right to data portability: you can ask us to provide you with a copy of your personal data in a structured, commonly used and machine-readable format
- Right to object: you can ask us to stop processing your personal data;
- Right to withdraw consent: you have the right to withdraw your consent, if you have provided one; or
- Right to complaint: you can submit your complaint regarding our processing of your personal data to local data protection authority. For more information, please see https://tietosuoja.fi/en/ home.
4.2 How to exercise your rights? If you would like to exercise any of your rights, please contact us by email at privacy@haltian.com and explain your request in detail. The scope of your right depends on the nature of processing and legal basis. In order to verify the legitimacy of your request, we may ask you to provide us with an identifying piece of information that allows us to identify you in our system. We will answer your request within a reasonable time frame but no later than 1 month.
CONTACT
If you have any questions about this Privacy Notice or our data protection practices, please contact us by:
Email: privacy@haltian.com
Postal address:
Yrttipellontie 1D
90230 Oulu
Finland