Hajime Solutions Oy privacy statement
According to the General Data Protection Regulation, the personal data controller of a register is obligated to inform the register’s data subjects in a clear manner. This statement fulfills this informing obligation. This privacy statement will explain how our organization (Hajime Solutions Oy) uses the personal data we collect from you when you use our website www.hajimesolutions.fi.
1. Personal data controller
Hajime Solutions Oy
Contact information in matters related to personal data files
Hajime Solutions Oy / Iris Wrede
+358 44 984 0142
2. Data subjects
Site users, job applicants and customers.
3. Purpose of and grounds for use of personal data
We only process personal data that are necessary for our operations like customer relationship management, recruitment or responding to contact inquiries.
Purposes for keeping the register:
- To respond to your inquiry submitted voluntarily through our contact form or other contact. In this case your personal data is being processed on the grounds of the legitimate interest and necessity to process your data in order to appropriately manage the customer or potential customer relationship
- When you apply for a job with us, it is necessary for us to process your data in order to carry out the recruitment process, so your data is being processed on the grounds of legitimate interest.
- To improve the functionality and to ensure necessary and optimal performance of our website, your personal data like location, browsing behavior and device type may be used. This data is processed on the grounds of legitimate interest.
4. Personal data recorded in the register
The customer register contains the following types of personal data:
- Contact information, such as:
- Organization name
- Contact and correspondence
- Data collected via your browser’s cookies when you use our site (see section 7 for more information about cookies)
- Other information you might voluntarily provide us with for example through a job application or other activities
5. The data subject’s rights
The data subject has the following rights, and requests for their use should be sent to email@example.com.
Right to access data
The data subject may check the data we have recorded.
Right to rectification
The data subject may request the rectification of inaccurate or incomplete personal data.
Right to object
The data subject may object to the processing of personal data if the data subject feels that personal data has been processed unlawfully.
Right to forbid direct marketing
The data subject has the right to forbid the use of personal data for direct marketing.
Right to deletion
The data subject has the right to request the deletion of data if personal data processing is not necessary. We will handle the request for deletion and proceed to either delete the data or state a justified reason for not being able to delete the data.
It should be noted that the controller may have legal or other rights to not delete the requested data. The controller is obligated to preserve accounting materials for the duration (10 years) set out in the Accounting Act (Chapter 2, Section 10). For this reason, materials related to accounting cannot be deleted before that term has expired.
If the processing of personal data is only based on the data subject’s consent and not for instance on a customer relationship or membership, the data subject may withdraw consent.
The data subject may complain of the decision to the Data Protection Supervisor
The data subject has the right to demand us to restrict the processing of controversial data until the matter is solved.
Right to complain
The data subject has the right to complain to the Data Protection Supervisor if the data subject feels that we are violating the effective data protection regulation when processing personal data.
Contact information of the data protection supervisor: www.tietosuoja.fi/en/index/yhteystiedot.html
6. Regular information sources
Personal information is regularly obtained from:
- When you voluntarily complete a contact form
- Information you give us when you apply for a job with us
- Via your browser’s cookies when you use or view our site
Our Company may also receive your data indirectly from the following sources:
- Google Analytics anonymous data
- Google reCAPTCHA anonymous data
How to manage cookies
You can set your browser to not accept cookies, and the above website tells you how to remove cookies from your browser. However, in a few cases, some of our website features may not function as a result.
On our website we use the following cookies:
- Google Analytics – Google Analytics is Google’s analytics tool that helps website and app owners to understand how their visitors engage with their properties. It may use a set of cookies to collect information and report website usage statistics without personally identifying individual visitors to Google. The main cookie used by Google Analytics is the ‘_ga’ cookie. Read more about Analytics cookies here and about opting out here.
- Google ReCAPTCHA v3 – We use the ReCAPTCHA service (“Invisible captcha”) to determine whether messages sent via our contact form are sent by a human or a spam bot. This is solely for the purpose of fighting spam. Version 3 collects and analyzes the interactions a user has with a site to create a score, as well as information about the browser. The final score indicates whether the activity is suspicious and flagged as spam.
8. Regular disclosure of data
The data is not generally disclosed for marketing purposes outside Hajime Solutions Oy. Data can be disclosed to authorities on legal grounds.
We have made sure that all our service providers are complying with data protection legislation. We are regularly using the following service providers:
- Google ReCAPTCHA v3
- Google Analytics
Read how Google uses information from sites or apps that use Google Services www.google.com/policies/privacy/partners/
9. Duration of processing
Data pertaining to job applicants is stored until the recruitment process is over or up to 6 months. The applicant can ask for erasure of their data sooner (see section 5 on data subject’s rights).
10. Personal data processors
The controller and its employees process personal data. We may also outsource the processing of personal data partly to a third party, in which case we will guarantee with contractual arrangements that personal data is processed in compliance with valid data protection legislation and also otherwise appropriately.
11. Transferring data outside the EU or ETA
12. Automatic decision-making and profiling
We are not using the data for automatic decision-making or profiling. Google ReCAPTCHA v3 is used to determine spam messages sent through our contact form, but never for other profiling purposes.