Privacy Policy – Job Applicant Register

Controller

Fira Oy
Address: c/o Fira Oy, Teknobulevardi 3-5, 001530 Vantaa, Finland
Business ID:  FI32430013
Contact person: [Sylvia Hyry, sylvia.hyry@fira.fi]

Name of register

Job Applicant Register (“Register”)

Introduction

Fira Oy and its subsidiaries (hereinafter “Fira” or “we”) collect personal data in the Job Applicant Register for the purposes of recruitment measures.

This Privacy Policy discusses the principles according to which we store and process personal data saved in the Register. This Privacy Policy details the personal data we collect, how we process said personal data, and how you can exercise your rights related to your personal data.

We may update this Privacy Policy if the way in which we process the data changes or if updating it otherwise becomes necessary. The up-to-date version is available on our website. [www.fira.fi/en/privacy-policy/job-applicant-register/ ]. The Register may include elements provided by a third party. This Privacy Policy does not cover a third party’s principles applicable to data processing or to the protection of privacy, nor are we responsible for data processing carried out by any third parties. Please refer to their own policies to check their data protection principles.

Purpose of processing

We use your personal data to fill vacancies with suitable applicants. The database consists of job applicant data collected through targeted recruitment as well as open recruitment processes. Job applicants can, with their own consent, submit an application through the recruitment system.

Grounds for and limitation of processing

  • Fira processes personal data to the extent required by the recruitment measures and to fulfil the requirements of the legislation.
  • Personal data is only processed by Fira employees whose duties require them to do so and access to the data is restricted through access rights.

Data storage period

The employer representatives registered in the system are responsible for processing the application and job applicant data and for storing the applications submitted by the applicants with regard to open, targeted and substitute recruitment processes. Any physical material from the job applicant database obtained by Fira Group Oy as the controller will be disposed of once it is no longer necessary for the purposes of recruitment. Electronic material is stored for a maximum of two years, after which it will be disposed of. The disposal of all applications is carried out by the representatives of Fira Group Oy’s recruitment services using methods complying with the Archives Act.

The processed data and its sources

We collect data in the Job Applicant Register from the applicants themselves with their consent. The job applicant data recorded in the Register depends on what data the employer requests on the application form and what personal data the applicant enters into the system. It is possible for a job applicant to submit the following information through the open or targeted application form: name, contact details and possible attachment (for example a CV).

Cookies

We use numerous technologies, including cookies, to collect and store data when you use our service and website. The cookies help us to count the total number of visitors to our pages and to monitor the use of our service and website. This helps us to improve our service. We also use cookies that make the use of our service and website easier for you by remembering user IDs, passwords or (language) choices, for instance. We also use monitoring and analytical cookies to follow our users’ attitudes towards the service we provide.

You can prevent the use of cookies in your browser and set your browser to alert you whenever there is an attempt to install cookies. Please note that if you decide to prevent the use of cookies, some functionalities of the service may not work in the intended way. For further information about cookies and their removal, go to www.allaboutcookies.org.

Our systems may use analytics tools to create reports on the use of the systems so that we can improve the user experience.

Transfer and disclosure of personal data

We can transfer or disclose personal data to our partners if it is necessary for the purposes pursuant to this Privacy Policy. Such partners may include:

– system providers

– partners (e.g. companies providing aptitude testing services)

In such cases, personal data is processed in accordance with valid legislation.

We may also use third party service providers, for example providers of analytics services, to carry out certain tasks that include processing personal data on our behalf.

We can furthermore transfer or disclose personal data to our group companies and any party continuing our business operations as a result of corporate arrangements or the disposal, merger, demerger, bankruptcy or liquidation of business operations.

Otherwise we will not sell or disclose your data to third parties. We also do not transfer data outside of the EEA. Should applicable laws so require, personal data can also be transferred or disclosed to the authorities.

Your rights

Right of access

Fira offers you right of access to your personal data processed by us. You can contact us to request access to the personal data we process with regard to you and the grounds for such processing. If less than 12 months have passed since your previous request for access, we can charge a fee for carrying out the measures related to the request.

Right to request rectification of data

You are also entitled to have erroneous, incomplete, outdated or unnecessary data rectified or supplemented by contacting us.

Right to request removal of data

You can also ask us to remove your personal data from our systems. We will carry out the measures in accordance with your request unless we have a justified reason for not removing your data, for example to fulfil our statutory obligations. The data may not necessarily be removed immediately from all backup copies or other equivalent systems in our use.

Right to oppose

You can also request restrictions to the processing of your personal data if the data is processed for purposes other than the performance of our services or for the fulfilment of a statutory obligation. You can also state your opposition to any further processing of your personal data, even if the processing were based on previous consent from you. Opposition to the processing of personal data may lead to more limited possibilities to use our website and services.

Right to restrict processing of data

You can ask us to restrict the processing of certain personal data. A request concerning the restriction of the processing of your personal data may lead to more limited possibilities to use our website and services.

Right to transfer data from one system to another

You are entitled to receive your personal data from us in an analysed and commonly employed format so that you can pass the data on to another controller.

Exercising your rights

You can exercise your above-mentioned rights by sending a message using the above-mentioned contact details. We have to be able to identify you in order to respond to your request. We may request additional information necessary to verify your identity. We may reject requests that are repeated unreasonably often or that are excessive or groundless. If you believe that the processing of your personal data conflicts with the applicable legislation, you can submit a complaint to the local authority that supervises data protection, especially in the member state where you have permanent residence or workplace or where the alleged breach of the personal data regulation took place. In Finland, the supervisory authority is the Data Protection Ombudsman. http://www.tietosuoja.fi/fi/index/yhteystiedot/nainkysytneuvoa.html

Information security

We have protected our register of personal data from unauthorised access with a variety of technical and organisational means and arrangements. The personal data is saved on servers and systems protected with a firewall and passwords. The servers are protected from third parties. Personal data is processed only by people committed to non-disclosure who have a justified reason for processing the data based on their job. We nevertheless wish to emphasise that no service provided through the internet is perfectly secure.

Updating of the Privacy Policy

We may update this Privacy Policy if changes occur in our operations or data protection policy. Updates may also take place if there are changes in legislation. The changes will take effect once we have published the updated privacy policy.

Therefore, we ask you to regularly examine the contents of this Privacy Policy.