Privacy policy

Updated May 24th, 2018.

CONTROLLER AND CONTROL INFORMATION

TactoTek Oy, Automaatiotie 1, 90460 Oulu, Finland

CONTACT PERSON

Perttu Korhonen, dataprotection@tactotek.com

NAME OF PERSONAL DATA FILE

Customer, Marketing, Supplier, Job Applicant, Employee and Invention Data Registers.

WHY DO WE COLLECT AND STORE THE DATA

We store the data in order to create, maintain and develop our customer relations, to market our technology, products and services and to gain better understanding about the needs of our present and potential customers, business partners and suppliers, whether they are in cooperation with TactoTek Oy or any of its subsidiaries. We also store personal data to fulfil business relations, such as invoicing or contractual matters.

We collect and store also data of job applicants for evaluation and employment purposes. Please see separate section in the end of the document.

WHAT INFORMATION IS STORED

The business data register may contain personal information such as first and last names, phone numbers and email addresses. We may also store your employers name, address and other contact information as well as details about your position in your company. Among the information stored may also be summaries of our conversations and meetings with you together with the relevant dates and times.

SOURCES OF DATA

We gather the data directly from you during personal meetings, phone calls and email conversations or any similar encounters. We may also store data gathered from the internet; such as business website and social media services.

We may also collect the data using contact forms or forms for downloading additional material on our websites and using internet cookies or similar techniques.

We may store your data with the help of the following services/systems: CRM system(s), Survey tool(s), Mailing list service(s), Marketing and sales tool(s), Chat tool(s), ERP system.

These services/systems may be run internally on our servers or hosted by 3rd party service providers, also called data processors.

We do collect anonymous usage data with the help of following services: Google Analytics, Leadfeeder and Facebook pixel.

WHO HAS ACCESS TO YOUR DATA AND HOW DATA MAY BE DISTRIBUTED

A limited number of our staff have access to your data. All staff having access to such data are bound by confidentiality obligations.

3rd party services that work as data processors are processing the data according to the GDPR rules.

Your data is not shared to any other internal or external personnel or parties without your permission.

Please note that there can be exceptions based on your country due to local laws or authorities and that we may be obligated to disclose your data to authorities or third parties pursuant to applicable law or an order of a regulatory or statutory authority.

We may sell, transfer or otherwise share some or all of our assets, including your personal data, in connection with a merger, acquisition, reorganization or sale of assets.

WHERE IS YOUR DATA HOSTED

We host your data on a cloud based customer relationship management service primarily in the European Union. The cloud service may replicate the data to servers outside the European Union. In these cases the required means, defined by the applicable data protection laws and regulations including the General Data Protection Regulation 2016/679, are carried out to protect the data.

WHAT ARE THE SECURITY METHODS TO PROTECT YOUR DATA

We undertake to use, and to have our business partners and service providers use, commercially reasonable measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure.

Only the personnel with work related needs have access to your data. The office premises have controlled access.

WHAT ARE YOUR RIGHTS

Right to review: You have a right to review your personal data collected to our register.

Right to prohibition: You have a right to prohibit the use of your personal data for direct advertising, remote sale or other direct marketing as well as for marketing and attitude surveys.

Right to correct incorrect data: If the data registered about you is incorrect, you have the right to correct the information.

Right to be forgotten: You have a right to request for us to erase all your personal data from all our systems unless it is needed for completing legal or contractual obligations.

Written request to execute any of these rights, shall be submitted to dataprotection@tactotek.com.

CHANGES TO THIS PRIVACY POLICY

We may modify or update this Privacy Policy from time to time, therefore you should review our website periodically for the up-to-date version. When we change the Privacy Policy, we will update the ‘updated’ date at the top of this page.

JOB APPLICANT DATA COLLECTION AND STORAGE

WHY DO WE COLLECT AND STORE THE DATA

We need to collect and process the job applicant data in our recruitment process in order to be able to evaluate the applicant’s suitability for the applied position and later on in order to enter into a contract with the applicant. You are under no obligation to provide data to us during the recruitment process. However, if you do not provide the information, we may not be able to process your application properly or at all.

WHAT INFORMATION IS STORED

The job applicant register can include name, phone number, address, email address, photo, curriculum vitae and recruitment process status. Due to the continuous growth of our organization and similarity of our open positions we will store this information for a period of 12 months if you give your consent. CVs that are sent speculatively are also kept on file for future recruitment purposes for a period of 12 months. At the end of the recruitment cycle your data will be deleted or destroyed. If your application for employment is successful, personal data gathered during the recruitment process will be transferred to your personnel file and retained during your employment.

SOURCES OF DATA

We collect the job applicant data only from the applicant him/herself and from the referees supplied by the applicant. The information can be collected in a variety of ways, for example, through application forms, CVs or resumes, or collected through interviews.

WHO HAS ACCESS TO YOUR DATA AND HOW DATA MAY BE DISTRIBUTED

We take the security of your data seriously. We have internal policies and controls in place to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by our employees in the proper performance of their duties. Data is stored in our HRM system and and may be shared internally for the recruitment purposes. This includes members of the HR and recruitment team and interviewers involved in the recruitment process. We will not share your data with third parties, unless your application for employment is successful and we enter in the employment contract.

We host your data on a cloud based HRM system primarily in the European Union. The cloud service may replicate the data to servers outside the European Union. In these cases the required means, defined by the applicable data protection laws and regulations including the General Data Protection Regulation 2016/679, are carried out to protect the data. By submitting your personal data, you’re agreeing to this transfer, storing or processing.

WHAT ARE YOUR RIGHTS

Right to review: You have a right to review your personal data collected to our register.

Right to correct incorrect data: If the data registered about you is incorrect, you have the right to correct the information.

Right to be forgotten: You have a right to request for us to erase all your personal data from all our systems unless it is needed for completing legal or contractual obligations.

Written request to execute any of these rights, shall be submitted to dataprotection@tactotek.com.