The following is the privacy notice of Rekryhaku Finland Oy in accordance with the Personal Data Act and the General Data Protection Regulation (GDPR). This notice is issued on the 6th of March 2019.
1. Data controller
Rekryhaku Finland Oy (hereafter referred to as Data controller)
Business ID: 2800951-7
Antinkatu 3C, 00100 Helsinki
CEO Henrik Haukanhovi
040 413 4909
2. Contact person responsible for the register
Henrik Haukanhovi, phone number 040 413 4909
3. The name of the register
Rekryhaku Finland Oy’s job applicant register
4. The purpose of collecting data (the purpose of the register)
The purpose of the register is a service assignment between the register holder and their client concerning recruitment or headhunting services. The register is based on an employment service between the Data controller and a natural person, and it contains information about job applicants. The register only contains such personal information that is relevant when investigating the job applicant’s aptitude for the position that the Data controller’s client offers. The data collected is based on the job applicant’s information given by the job applicant him/herself with their consent. The data collected by the Data controller are lawful and solely bound by this purpose. The purpose of processing personal data is to enable communication with the job applicants, potential presentation to the client company as well as enabling the proceeding in recruitment and executive search processes.
The Data controller maintains the personal data for the purposes for which they were collected and processed. The information will be kept for maximum two (2) years after the application information were delivered, after which the Data controller will delete all the information from the register. The applicant may ask for the deletion of their information from the Data controller’s register at any point in time.
5. The content of the register
The information that are saved in the register are:
- Basic information (name, date of birth, contact details)
- Information about education, work experience and expertise
- Possible job application, curriculum vitae and photo
- Information about job applicant’s work search
- Additionally, possible websites, links to social media sites and aptitude test results
6. Regular sources of information
The regular information that is saved in the register is acquired from the job applicant him/herself, through for example email, phone, social media services, interviews or other situations where the job applicant releases their information with their consent.
7. Disclosure of regular information and transferring of data outside the EU or the European Economic Area
The personal data of registered job applicants will not be released outside the EU or European Economic Area, neither will the information be disclosed to any third parties without the consent of the job applicant. Personal data will only be disclosed to the Data controller’s client and the person responsible for the recruitment process in recruiting and/or executive search assignments.
8. Principles of register protection
The personal information in the register is kept confidential and the Data controller is responsible for personal information not being available to irrelevant persons. The usage of the register is restricted with user rights and the Data controller is responsible for the processing of the register. Caution will be practiced when using the register and information processed through information systems are protected appropriately. The register can only be used with a personal username and password with restricted rights and only by those employees whose work tasks require it. The Data controller’s employees have signed a Non-Disclosure Agreement in relation to their work tasks. Materials that are manually kept and updated are always kept in locked spaces where irrelevant persons are not able to enter. Materials including personal data are disposed in a secure manner.
9. Right to inspect and correct inaccurate data
Everyone in the register has the right to inspect their information saved in the register. Individuals have the right to invoke the rights that are mentioned in the Personal Data Act. The requests regarding this matter must be addressed to the person in charge of the register of Rekryhaku Finland Oy and sent in writing and signed to Antinkatu 3 C, 00100 Helsinki. The information will be released in a comprehensible format and if required, in written form. The Data controller will respond to the customer within the time period imposed in the EU data protection regulation (generally within one month). Inspecting the data is free of charge once a year.
10. Other rights related to the processing of personal data
Individuals in the register have the right to ask for the deletion of their personal data from the register. Similarly, the registered individuals possess the other rights in the General Data Protection Regulation, such as limiting the processing of their data in certain situations. A written and signed request must be sent to the Data controller to Rekryhaku Finland Oy, Antinkatu 3C, 00100 Helsinki. The register holder will respond to the customer within the time period imposed in the EU data protection regulation (generally within one month).
11. Releasing the information for direct marketing or related purposes
Personal data will not be released for the purposes of direct marketing, direct advertising, distance selling, marketing or opinion surveys, or vital records.