This is the Valjas Services Oy’s register and data protection policy in accordance with the Personal Data Act (Sections 10 and 24) and the EU General Data Protection Regulation (GDPR). Prepared on 18.5.2018. Last modified on 28.8.2024.

1. The controller

Contact details of the controller:
Valjas Services Oy
Business ID: 2665783-6
Kaivokatu 10 B, 5krs
00100 Helsinki

2. Contact person responsible for the register

Pasi Tasanen, Managing Director
customer service @ valjas.fi (without spaces)
046 923 0449

3. Collection of personal data

We collect personal data about you mainly from you when you contact us or later when you use our services. In addition, we may collect information from public sources and registers, such as various social media channels. We also collect visitor data from our website through HubSpot and Google Analytics to help us analyse and improve our website and target relevant marketing to visitors.

Typically, we may receive the following information directly from you:

• Employer’s name, first name, surname, email address, telephone number, address, person’s position
• Information collected through HubSpot and Google Analytics, such as IP addresses and cookie data.
• service and order information, payment information and billing information
• other information relating to the customer relationship and the services ordered

For example, we may collect the following information from various public sources:

• Use of social media
• More detailed indicators for the employer enterprise

With your consent, we may collect other information, such as consent to various marketing communications.

4. Legal basis and purpose of the processing of personal data

The legal basis for processing personal data under the EU General Data Protection Regulation is:

Providing a service:

We process personal data to provide and deliver the service. In this case, the processing of personal data is based on a contract between you and Valjas Services Oy.

Marketing

We process information to inform you about new services and to send you newsletters and sales material. We may also process your information for marketing research and customer surveys.

Law

Personal data is processed for the fulfilment of legal obligations and obligations related to the processing by public authorities (e.g. tax authorities).

The purpose of processing personal data is to contact customers, maintain customer relations and carry out appropriate commercial and marketing activities.

5. Regular sources of information

The information stored in the register is obtained from the customer through, for example, messages sent via web forms, email, telephone, social media services, contracts, customer meetings and other situations where the customer discloses their information.

In addition, personal data are collected from tax authorities, the National Social Insurance Institution, accident insurance companies, trade union dues offices, bailiffs and other bodies whose data must be processed for payroll purposes.

6. Regular disclosures and transfers of data outside the EU or EEA

Valjas may disclose personal data to other parties for advertising measurement purposes and market research in accordance with applicable regulations.

Information may be published to the extent agreed with the customer.

Valjas does not sell or rent personal data to other parties.

Valjas may be required to disclose personal data if required to do so by applicable law or regulation or at the request of a judicial or administrative authority.

Data may also be transferred by the controller outside the EU or EEA when our contracting partner is located outside these areas. In such cases, we will ensure appropriate safeguards to ensure the rights and freedoms of data subjects in accordance with applicable data protection legislation, such as the EU General Data Protection Regulation (679/2016).

For example, our marketing service provider may transfer personal data outside the EU or EEA in connection with the provision of a service. In this case, appropriate safeguards for personal data are in place through the provider’s adherence to the US-EU Data Privacy Framework or through the use of standard contractual clauses for data protection approved by the EU Commission.

Read about the Privacy Shield scheme here:

https://www.dataprivacyframework.gov

7. Cookies

Information about visitors to the Valjas.fi website may be collected and cookies may be used on the website. Cookies are small text files that are stored on the visitor’s terminal device. We use cookies to improve the user experience of our website, to evaluate the content used and to support marketing. Cookies may be used to collect information such as the following:

• User’s IP address
• Time of visit
• Pages visited and length of visit
• Browser type or operating system used on the terminal
• Where the user came from and where the user goes after using the site

The information collected through cookies can be used, for example, for targeted advertising on Google’s partner network.

You can block the setting of cookies, restrict the use of cookies or delete cookies from your browser. As cookies enable our website to function, restricting the use of cookies may affect the usability of the website.

8. Principles of register protection

The register is processed with due care and the data processed by the information systems are adequately protected. Where the data are stored on Internet servers, the physical and digital security of their hardware shall be adequately ensured. We will ensure that stored data, server access rights and other information critical to the security of personal data are treated confidentially and only by those employees whose job description is relevant.

9. Your rights

Every person in the register has the right to inspect the data recorded in the register and to request that any inaccurate or incomplete data be corrected or completed. If a person wishes to check or request a correction to the data stored about him or her, the request should be sent in writing to customer service @ valjas.fi. The controller may, if necessary, ask the person making the request to prove his or her identity. The controller will reply to the customer within the time limit laid down in the EU General Data Protection Regulation (as a general rule, within one month).

A person in the register has the right to request the erasure of personal data concerning him or her from the register (“right to be forgotten”). Data subjects also have other rights under the EU General Data Protection Regulation, such as the restriction of processing of personal data in certain circumstances. Requests should be sent in writing to customer service @ valjas.fi. The controller may, if necessary, ask the applicant to prove his or her identity. The controller will respond to the customer within the time limits set by the EU General Data Protection Regulation (as a general rule, within one month).