Pesti Career Day Privacy Statement
|Data Contoller||Teekkarilupi Oy
Business ID: 0892027-4
|Name of the register||Company register|
|Purposes of processing personal data and the legal basis for the processing||Processing required information from the companies participating, including personal data of the contact persons of the company, is a necessary for the contact between the controller and customers.
The processing of personal data is based on performance of the rights and obligations of a service agreement between a controller and a customer, or a data controller and its partner, for a supplier agreement.
Personal data is used for maintaining the customer relationship between the controller and the customer, and the related analysing, compilation of statistics, customer communication, organizing of events, collecting customer feedback, user management and troubleshooting of electronic services, and management of relationships between the cooperation partners.
In addition, personal data is can be used for direct marketing of services provided by the controller.
|Categories of personal data involved||-Name of the company
-Complete billing address
-Name of the contact person
-Phone number of the contact person
-E-mail address of the contact person
-E-mail addresses of other people named by the company
-User details required for login
-Other information related to the order
-Information added by the companies that is publicly on view on the website
|Recipients of personal data||Personal data is processed by the personnel of the Controller and coordinator assigned for the Pesti event by University of Oulu.
Service provider, on whose server the personal data is stored, is also a processor of personal data.
|Source of the personal data||Personal data is only collected when registering for the Pesti Career Day event or when a representative of a company makes changes to data by contacting the Controller. The company information is updated yearly on the same occasion with registration for Pesti Career Day event.
The data subject can add and update company information publicly available on the website independently by logging into the system with their own user identifier or by asking the Controller to perform the changes.
Other than personal data can also be supplemented with information about the company available publicly.
|Sharing of the personal data||The controller does not disclose the registered data to third parties. Only exceptionally the personal data may also be shared with authorities or other governmental institution in statutory cases.|
|The protection of personal data||The only people who have access rights to the personal data system are those data processors mentioned in this statement.
For collecting and storing personal data the controller uses only service providers, who are committed to comply with personal data processing methods in accordance with the EU’s Personal Data Act and who process data in strictest confidence, do not use the data stored for any self-serving purposes, do not transfer data to a third party and who employ necessary data protection.
|Data Transfer Outside the EU||The service provider storing pesronal data may transfer data within the limits of applicable law outside the EU or EEA. The controller uses only service providers, who are committed to comply with personal data processing methods in accordance with the EU’s Personal Data Act.|
|The storage time of personal data||Information of the companies, including personal data, is stored in the register for the time being. The criteria for storing data is securing the controller’s rights, fluency and maintenance of the cooperation between the contracting parties, informing and marketing upcoming events.|
|Rights of the data subject||-Right to receive information on processing of personal data
-Right of access to their data
-Right to rectification of their data
-Right to erasure of their data
-Right to restrict the processing of their data
-Right to data portability
-Right to be not to be object of automated decision making without legal basis
-The data subject has right to object processing of their data for direct marketing purposes.
Please direct all requests to the E-mail address of the controller given in the beginning of this document.
|Right to lodge a complaint with a supervisory authority||GDPR Article 77 gives every data subject the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement of the GDPR.
|Information on automated decision making and profiling||Automated decision making, and profiling is not applied to personal data processing.