Privacy Policy

Privacy Statement

Privacy Statement in Accordance with the EU General Data Protection Regulation and Finnish Personal Data Act (523/1999), Sections 10 and 24

Data Controller

Fintoil Hamina Oy
Itämerenkatu 5
00180 Helsinki

Contact Person Responsible for the Register

Juha Laitinen

+358 40 660 3966

Name of the Register

Applicant Register

Basis for Maintaining the Register

The individual has voluntarily applied for a job at the company through the website in the manner instructed on the company website.

Purpose of Processing Personal Data

The purpose of processing the personal data collected in the register is to handle the applications and resumes of individuals applying for jobs at Fintoil Hamina Oy as part of the recruitment process.

Information Contained in the Register and Sources of Data

The applicant personnel register contains the following information:

  • First and last name
  • Email address
  • Postal address
  • Phone number
  • Other personal information provided by the individual

The information stored in the register is obtained from individuals through files sent via a job application link on the website or via email.

Disclosure and Transfer of Data

The personal data in the applicant register is exclusively for the use of Fintoil Hamina Oy. The information is not disclosed to other parties. Data is not transferred outside the European Union unless it is necessary to ensure the technical implementation of data processing and storage by Fintoil Hamina Oy.

The personal data collected in the register is destroyed six (6) months after the receipt of the data.

Register Protection

The applicant register is protected by passwords and multi-factor authentication. Additionally, the register is internally protected by access level permissions and individualized access rights. Fintoil Hamina Oy ensures that all stored data, access rights, and other information critical to the security of personal data are handled confidentially and only by employees whose job description includes such tasks.

Right of Access, Right to Rectification, and Other Rights Related to Personal Data Processing

Each person in the register has the right to check their data stored in the register and request the correction or completion of their data. Inspection and correction requests must be sent in writing to the data controller. The data controller may ask the requester to prove their identity if necessary. The data controller will respond to the customer within one month of the request.

Individuals in the register have the right to request the deletion of their personal data from the register, the “right to be forgotten”.