Privacy Policy
We (Sakeus Oy) are committed to protecting your rights and keeping your personal data safe.
In this privacy policty, we refer to "You" as employee, customers, potential customers, employees of our clients, and other representatives of the forementioned parties. In this privacy policy, we explain for what reasons and how we collect, use, store and protect your personal data.
1. What personal data do we collect and for what purpose
Personal data is mostly collected directly from you or we receive it when you use our services. We sometimes need additional information to ensure that the information is up-to-date and correct.
The personal data we collect and their purpose of use can be divided as follows:
- Identification data related to recognising personnel to ensure work hours are reported correctly: social security number, date of birth and name.
- Contact information related to managing personnel and customer information: address, business identification number, phone number and email address.
Personal information we may collect from you:
- We collect name, social security number, address, e-mail address and the information required by our reporting obligation from new customers so that we can offer you services and products.
- We may also collect information from you about the messages you send us digitally.
2. On what legal grounds and how can we collect, use and store your personal data
We use your personal data in order to to provide services.
Legal grounds:
- Making, managing and implementing our contracts with our customers.
- Legitimate interest for marketing purposes and business development.
- Consent to data processing for marketing purposes, e.g. for sending a newsletter. The consent request describes the processing of the data in question and the right to withdraw your consent.
3. To whom we can disclose your personal data
Providing services and complying with contracts requires the disclosure of your personal data. We may disclose your personal data to other parties, such as authorities, service providers and business partners. Before handing over information, we always ensure that the relevant confidentiality obligations are complied with.
Third parties
- We hand over the information necessary to implement the contract to the companies we cooperate with (e.g. the customer company, your employer).
- We hand over your personal data to contractual partners who process personal data on our behalf (e.g. suppliers providing software development, maintenance, server and IT support services).
Data transfer to third countries
As a rule, we do not transfer your personal data outside the EU/EEA area. We can hand over and transfer your personal data to organizations operating outside the European Economic Area, i.e. in so-called third countries, only if one of the following conditions is met:
- According to the decision of the EU Commission, the level of data protection of the country in question is sufficient.
- Other necessary security measures have been implemented, for example by following the model contract clauses approved by the EU Commission.
- An exception applies to special situations (e.g. the implementation of the contract requires or you have given your consent to the transfer of data).
4. How we protect your personal data
The technical, administrative and physical protection of data is important to us. We use appropriate technical, organizational and administrative security procedures to protect information against loss, unauthorized access, disclosure, alteration and destruction.
- The information contained in the register processed electronically is protected by generally acceptable technical means in the field of information security (e.g. firewalls, passwords).
- Only those persons (e.g. our employees, agents and employees of our contractual partners) who need register information to perform their duties have access to the information contained in the register based on separately granted access rights.
- Any manual (paper) material is stored in locked cabinets.
- The personnel has a contractual duty of confidentiality regarding all our customer and personal information.
5. Your rights related to privacy protection
As a registered user, you have rights in relation to the personal data we hold. If you wish to use these rights, requests will be evaluated on a case-by-case basis. You have the following rights:
- The right to request access to your personal data. You have the right to access your personal data in our possession. However, the right to access can be restricted based on legislation and other people's privacy protection practices.
- The right to request correction of incorrect or incomplete information. If the information is incorrect or incomplete, you have the right to request that the information be corrected, unless restricted by legislation.
- The right to request data deletion.
You have the right to request the deletion of your data, e.g. in the following cases:
- Personal data are no longer needed for the purposes for which they were collected.
- You withdraw your consent to data processing and there is no other justified reason for the processing.
- You object to data processing and there is no acceptable reason for continuing the processing.
- You object to data processing for direct marketing purposes.
- Data processing is against the law.
Please note that we are, however, obliged to keep your personal data when this is necessary to comply with statutory obligations or to process legal claims.
- The right to limit the processing of personal data. If you dispute the correctness of the data we have registered or the legality of the processing, or if you have objected to the processing of the data in accordance with your rights, you can request that the processing of your personal data be limited to data retention only. In this case, data processing is limited to only storing the data until the correctness of the data has been verified or it has been possible to check whether our legitimate interests take precedence over your interests. If you do not have the right to request the deletion of information from our records, you can instead request that we limit the processing of this information to data retention only. If the processing of registered data about you is necessary only to present a legal claim, you can also demand that the other processing of the data is limited to the storage of the data. We may process your data for other purposes if the presentation of a legal claim requires it or if you have given your consent.
- The right to object to data processing based on our legitimate interest. You always have the right to object to the processing of your personal data for direct marketing purposes.
- The right to data portability. You have the right to receive the personal data you have given us in a machine-readable format when the personal data has only been processed automatically and on the basis of consent or the execution of a contract. The data can also be transferred to another data controller if it is safe and technically possible.
- The right to file a complaint with the supervisory authority. You have the right to file a complaint with the supervisory authority (Data Protection Commissioner) if you believe that the data protection regulation has been violated in the processing of your personal data.
- The right to withdraw consent. You have the right to withdraw your consent to the processing of your personal data at any time. Withdrawal of consent does not affect the legality of our processing based on your consent prior to its withdrawal.
6. Cookies
We collect, process and analyze information related to the use of our websites (information related to website visitors and processed in telecommunications networks for sending, distributing and making available messages) and we use cookies, e.g. to be able to supply you with products and services, to provide a secure online environment or to carry out marketing activities
7. How long do we keep your personal data
We keep your data as long as it is needed for the purpose for which it was collected and processed, or as long as required by law and regulations.
- We will keep your data as long as it is needed to implement the contract and as required by the data retention requirements according to laws and regulations.
- When we store your data for purposes other than the execution of the contract, we store the data for as long as it is necessary for the purpose in question and/or prescribed by law and regulations.
8. Changes to the privacy policy
We are constantly developing our services, products and websites, so changes may be made to the privacy statements from time to time. We will notify you of all significant changes if required by law.
9. Registrar
If you have any questions about matters related to personal data, you can contact us (contact details below).
Sakeus Oy (data controller)
Address: Päivärinnankatu 5a A 18, 00250 Helsinki
Business ID: 3264358-8
Email: [email protected]