SuomeksiIn English

Privacy

Suominen website privacy policy

Last updated: March 27, 2019

1. Introduction

Suominen Corporation and our subsidiaries and affiliates (hereinafter “Suominen”, "we", "us") are committed to protecting and respecting your privacy. This Privacy Policy explains the policies adopted and used by us in order to protect your privacy as you visit and use our website located at www.suominen.fi, and associated sub-domains (the “Website”) and if you otherwise communicate with us, for example by requesting information related to our goods and services. To find out how we process personal data with respect to recruiting, see “Recruiting register description” below. In this Privacy Policy, the term "personal data" means information that relates to an identified or identifiable natural person.

We know that you are concerned about how we use and disclose personal data, and we are committed to complying with the General Data Protection Regulation ((EU) 2016/679, hereinafter the “GDPR”) and other privacy laws that apply to us. This Privacy Policy tells you about the ways in which we protect your privacy and personal data we process about you. We wish to remind you that this Privacy Policy applies to personal data that we process when you use the Website and if you otherwise communicate with us. It does not apply to any links to third parties websites and/or services that you may encounter when you use the Website. We encourage you to carefully familiarize yourself with privacy policies applicable to any websites and/or services operated by third parties. Please be aware that we are not responsible for the privacy practices of any third parties.

PLEASE READ THIS PRIVACY POLICY CAREFULLY. BY ACCESSING OR USING THE WEBSITE, YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTAND, AND AGREE TO BE BOUND BY ALL OF THE TERMS OF THIS PRIVACY POLICY. IF YOU DO NOT AGREE TO THESE TERMS, DO NOT ACCESS OR USE THE WEBSITE.

2. Information we may collect from you

In this section we describe the personal data we collect.

(i) Data you provide to us

When you use the Website or otherwise communicate with us, we collect information that you provide to us directly. For example, we collect information in the following circumstances: when you send us business inquiries or comments and when you otherwise communicate with us.

The information you provide to us directly may include, without limitation, information that may, in certain circumstances, constitute personal data. If you wish to send business inquiries, comments, and questions through the Website, we may collect the following information:

    • Name;
    • Telephone number;
    • Email address;
    • A record of your correspondence with us.

(ii) Data collected automatically

The Website may automatically collect the following information from you that in certain circumstances, alone or in connection with other data, may constitute personal data:

  • Cookies. Technologies such as cookies are used by us. Cookies are text files that are saved on the hard drive of your device by means of your browser, enabling us to recognize your browser for purposes such as saving your preferences and directing relevant content to you. These technologies are used to analyze trends, administer the Website, enable features on the Website, track users’ movements around the Website and to gather demographic information about our users. We use technology created by third parties to enable such technological features. Most of the currently available browsers give you the option of managing cookies by, for example, disabling them entirely, accepting them individually, and deleting saved cookies from your hard drive. We would like to remind you that if you completely disable cookies on your browser, you might not be able to use some features of the Website.
  • Logging data. The logging technology used on the Website automatically collects the URL of the site from which you came and the site to which you are going when you leave the Website.
  • We collect information on the device you use to access the Website. This device data may include, without limitation, the Internet Protocol (IP) address from which you access the Website, information about the operating system of your device, as well as the name of your Internet service provider.
  • Google Analytics. Google Analytics is an element of the Website. By using cookies, Google Analytics collects and stores data such as time of visit, pages visited, time spent on each page of the Website, the IP address, and the type of operating system used in the devices used to access the Website. By using a browser plugin http://www.google.com/ads/preferences/plugin/ provided by Google, you can opt out of Google Analytics.

(iii) Data retention

We will store all personal data collected in connection with the Website only as long as it is necessary for the purposes of processing described in this Privacy Policy. We will regularly review the collected data in order to remove personal data where processing is no longer needed for the purposes stated in this policy.

3. The purposes for which we use the data

We use the personal data collected directly from you for the following purposes:

  • To communicate with you;
  • To prevent and investigate fraud and other misuses;
  • To protect our rights and/or our property;
  • To operate and improve our products and services;
  • To manage the Website;
  • To provide features available on the Website;
  • To develop, improve, and protect the Website;
  • To market research and electronic direct marketing, in accordance with applicable law;
  • To audit and analyze the Website; and
  • To ensure the technical functionality and security of the Website.

We use the data collected automatically for the following purposes:

  • To improve customer service;
  • To personalize user experience;
  • To manage the Website;
  • To prevent and investigate fraud and other misuses;
  • To provide features available on the Website;
  • To develop, improve, and protect the Website;
  • To operate and improve our products and services;
  • For market research;
  • To audit and analyze the Website; and
  • To ensure the technical functionality and security of the Website.

Personal data is processed pursuant to our legitimate interest as stipulated in Article 6(1)f of the General Data Protection Regulation. The legitimate interests are the abovementioned purposes i.e. our business activities, customer service, direct marketing purposes, aim to prevent fraud in addition to ensuring the network and information security of our IT-systems. Suominen considers that with respect to the aforementioned purposes, there are no such fundamental rights or freedoms of data subjects that would override the legitimate interest of the data controller.

4. How we disclose data

We do not sell, lease, rent or otherwise disclose the personal data collected from the Website to third parties unless otherwise stated below.

The personal data collected may be disclosed in the following manner:

(i) Personal data you provide to us directly

We may disclose personal data you provide to us on the Website with the following categories of third parties:

  • Service providers, such as IT-service providers, which are only allowed to process personal data for purposes of providing the service and not for their own purposes;
  • Public authorities, such as law enforcement, if we are legally required to do so or if we need to protect our rights or the rights of third parties; and
  • Our subsidiaries and affiliates;
  • a subsequent owner, co-owner or operator of the Website and/or our products and services and their advisors in connection with a corporate merger, consolidation, restructuring, the sale of substantially all of our stock and/or assets, or in connection with bankruptcy proceedings, or other corporate reorganization, in accordance with this Privacy Policy.

(ii) Data collected automatically

The data collected automatically on the Website may be disclosed to the following categories of third parties:

  • To service providers, such as data analysis companies;
  • To public authorities, such as law enforcement, if we are legally required to do so or if we need to protect our rights or the rights of third parties; and 
  • To our subsidiaries and affiliates; or a subsequent owner, co-owner or operator of the Website and/or our products and services and their advisors in connection with a corporate merger, consolidation, restructuring, the sale of substantially all of our stock and/or assets, or in connection with bankruptcy proceedings, or other corporate reorganization, in accordance with this Privacy Policy.

5. Your rights

According to the General Data Protection Regulation, you have the following rights regarding your personal data:

  • Right of access to your personal data
  • Right to request us to rectify incomplete or incorrect personal data
  • Right to object to or restrict the processing of personal data and to object to automated decision-making
  • Right to request us to erase personal data
  • Right to transfer personal data to another controller
  • The right to opt out of receiving electronic direct marketing communications from us: All electronic direct marketing communications that you may receive from us, such as e-mail messages and SMS-messages, give you an option of not receiving such communications from us in the future. If you have any additional questions about electronic direct marketing received from us, please contact us at data.protection@suominencorp.com.

According to GDPR article 77, you are entitled to lodge a complaint with the supervisory authority concerning the processing activities carried out by us. Such complaint may be lodged in particular, in the member state of your habitual residence or place of work or where the alleged infringement took place.

If you wish to exercise your rights, contact us via email to data.protection@suominencorp.com. We will use all reasonably available resources to respond to any such request without undue delay.

6. Data Security

The security of personal data is important to us. We take reasonable technical and organizational measures to protect personal data about you from unauthorized access or against loss, misuse or alteration by third parties. Despite these efforts to store personal data collected on and through the Website and otherwise by us in a secure operating environment that is not available to the public, we cannot guarantee the security of personal data during its transmission or its storage on our systems. Further, while we attempt to ensure the integrity and security of personal data, we cannot guarantee that our security measures will prevent third-parties such as so-called hackers from illegally obtaining access to personal data. We do not warrant or represent that personal data about you will be protected against, loss, misuse, or alteration by third parties.

7. International transfers of personal data

Some elements of the Website and/or our products and services may be hosted on servers located in countries outside your own country. If you are located outside the EU/EEA area, the laws applicable to the protection of personal data in such countries may be different from those applicable in your home country. In particular, if you are located within the European Union, please note that personal data collected by us may in some instances be transferred outside the European Union/European Economic Area. To the extent personal data is transferred outside the EU/EEA area, Suominen has appropriate security measures in place in order to protect the personal data, such as internal processing agreements and standard contractual clauses of the European Commission. You consent to personal data about you being transferred outside your own country and, where applicable, outside the European Union.

8. Children’s privacy

The Website is not directed to children younger than thirteen (13) years of age. We do not intend to collect personal data from children under 13. If you are under 13, please do not use the Website and do not send any information about yourself to us.

9. Changes to the Privacy policy

From time to time we may change this Privacy Policy. You can tell when changes have been made to the Privacy Policy by referring to the “Last Updated” legend on top of this page. Please review this Privacy Policy regularly to ensure that you are aware of any changes. If we materially change the ways in which we use and disclose personal data, we will post a notice on the Website. Your continued use of the Website and/or our products and services following any changes to this Privacy Policy constitutes your acceptance of any such changes made.

10. Questions or concerns?

Should you have any questions regarding this Privacy Policy, your privacy as it relates to the use of the Website, or the protection of the personal data we hold about you, please contact us via e-mail at data.protection@suominencorp.com or by mail at Itämerentori 2, 8th floor. FI-00180 Helsinki, Finland. We seek to promptly resolve any concerns you may have.

Recruiting register description

 

1. DATA CONTROLLER

Suominen Oyj, (”Suominen”)

Itämerentori 2,

00180 Helsinki

010-214 300

2. CONTACT PERSON:

Päivi Reiman

Suomisentie 11, PL 25

29251 Nakkila

paivi.reiman@suominencorp.com

3. NAME OF THE REGISTER:

Recruiting register

4. PURPOSE OF PROCESSING:

Suominen processes personal data pursuant to data controller’s legitimate interest as determined in article 6(1)f of the General Data Protection Regulation (EU 2016/679 “GDPR”).  The legitimate interest of Suominen is the necessity of processing personal data of potential employees as well as to maintain a register of data subjects who have applied to Suominen. The application may be open or intended to a specific position.

5. PERSONAL DATA COLLECTEDD AND RETENTION:

Personal data is collected from application forms and open applications in addition to personal data acquired from interviews. The register includes:

  • Basic information
  • Requests of the applicant
  • Nature of the applied position
  • Details of the supervisor who will make the ultimate decision, evaluations of HR and supervisor as well as comments
  • Education
  • Language skills
  • IT-skills
  • Special knowledge or traits
  • References
  • Salary request
  • Date when the entry to the recruiting register was made and fingerprint of the query
  • Picture, application and CV, if the applicant has provided them and
  • Any additional information provided by the applicant.

Suominen will store all personal data collected in connection with the recruiting for up to 6 months from receiving the application. Suominen regularly review its registers in order to remove personal data where processing is no longer needed for the abovementioned purposes.

6. SOURCE OF PERSONAL DATA:

Personal data is collected directly from the applicants, their school, employment or other certificates in addition to their references, job interview, human resources department of Suominen and the supervisor making the recruiting decision.

7. DISCLOSURE OF PERSONAL DATA:

Personal data may also be disclosed to affiliates of Suominen in other countries.

Suominen may outsource any services (or parts thereof) regarding the register to a third party. Further, Suominen may disclose personal data to relevant authorities pursuant to applicable laws.

Otherwise personal data is not disclosed to third parties.

8. TRANSFERS OUTSIDE EU/EEA REGION:

Suominen has affiliates outside the EU/EEA region and the personal data in this register may be disclosed to such affiliates of Suominen. Other transfers outside the EU/EEA will be undertaken only within the limits permitted under the applicable data protection laws.

9. DATA SECURITY:

With respect to electronic data:

All electronically stored data is stored on servers provided by third parties. Suominen has appropriate data security measures in place in order to protect all electronic personal data. Suominen will ensure that the registers will not be subject to access by unauthorized persons or unlawful processing or other damage.

With respect to personal data on paper:

Suominen ensures that all papers containing personal data are protected in an appropriate manner and Suominen has sufficient measures in place to monitor any unauthorized access.

In case Suominen is subject to damage, destruction or other similar event that Suominen could not possibly have prevented, Suominen will notify the data subject immediately in accordance with the obligations of the applicable laws. Suominen is not, however, liable for such unpredictable events.

10. INDIVIDUAL RIGHTS:

According to the General Data Protection Regulation, data subjects have the following rights regarding their personal data:

 

  • Right of access to their personal data
  • Right to request the controller to rectify incomplete or incorrect personal data
  • Right to object to or restrict the processing of personal data and to object to automated decision-making
  • Right to request the controller to erase personal data
  • Right to transfer personal data to another controller

According to GDPR article 77, the data subject is entitled to lodge a complaint with the supervisory authority concerning the processing activities carried out by Suominen. Such complaint may be lodged in particular, in the member state of his or her habitual residence or place of work or the alleged infringement took place.

If the data subject wishes to exercise his or her rights, he or she should contact the Controller via email to paivi.reiman@suominencorp.com. Suominen will use all reasonably available resources to respond to any such request without undue delay.