PRIVACY NOTICE FP-PIGMENTS OY
Ahventie 4 A 21-22
Business ID: FI1094135-7
- Contact person
Tel. +358 40 513 4784
- Name of the data file
Recruitment data file
- The purpose and the legal basis for processing personal data
The personal data are used for executing all the actions related to job applications and recruiting.
Personal data is processed based on a consent (where data subject gives their approval for the processing of their personal data for a predefined, specific purpose).
- The contents of the data file
The register may contain the following information about the data subject and their organisation:
- Basic personal data such as name, address, email, telephone number
- Data related to former employment history and competence such as finished and ongoing training and studies and their dates, former employers, job descriptions, titles and dates
- Additional data related to the application process such as taken suitability tests and their results
- Other information given by the applicant such as date of birth, social security number, sex, nationality, hobbies, photo
- The data sources
The personal data are always collected directly from the data subject.
We do not conduct automated decision-making and profiling with the personal data processing activities included in this privacy notice.
- Disclosures and transfers of personal data
Personal data is not regularly disclosed outside the controller.
However, we may disclose data within our group companies, meaning that another company within our group of enterprises may process the data on our behalf. That processing is based on our legitimate interest for transfer personal data for the administrative purposes within our group, such as reporting and effective operations.
We may also disclose some essential data to those third parties who act as our service providers or subcontractors e.g. for ensuring deliveries, organising events. or for billing, marketing and customer management. We used trusted partners on the basis of a mutual partnership agreement. These transfers will be carried out securely in accordance with EU GDPR and other legislative requirements.
Data is not transferred outside the EU or ETA by the controller except when our subcompany located in the USA is processing personal data on our behalf. In those cases, the adequacy of data protection is ensured by the Binding Corporate Rules (BCR) within our group of enterprises.
- Storage and protection of personal data
The personal data are stored only as long as necessary for the purposes stated in this privacy notice, no longer than one (1) year from the last active transaction between the data subject and the controller. The data will be erased once storing them is not anymore necessary according to legislation or to ensure the rights or responsibilities of either party.
We take all appropriate measures (including physical, technical and administrative measures) to protect personal data from being lost, destroyed, misused, unlawfully accessed or disclosed to third parties. Only the personnel, who need the data in their work, have access to the personal data stored in the data file. Data is mainly stored only in electronic form and personal usernames and passwords are required for accessing the systems containing personal data. Any physical material is stored in locked premises.
- Rights of the data subject
All data subjects have the right to review all data on them in the data file and request to change possible inaccurate, incomplete or outdated data. Recipients of marketing messages may anytime leave the mailing list by acting as advised in the message. The data subject has at any time the right to withdraw previously given specific consent for processing the data. The data subject also has the right to request the erasure of their personal data from the data file providing that they are no more needed for the purpose they were collected for or that there are no legal obligations in effect concerning the controller regarding the processing or storing them. Furthermore, the data subject may request the controller to transmit their data to another controller when the personal data was provided by them. The data subject has in certain cases the right to request the controller to restrict the processing of personal data concerning them or to object to the processing of their personal data. The data subject can at any time make a complaint to authorities regarding the processing of their personal data.
Any requests related to these rights must be sent in writing to the controller’s contact person, who can then request the data subject to visit the controller’s premises to provide personal identification and possible mandate or other documentation confirming the rightful access to the request. The access request can be made free of charge once a year.
If you wish, you can disable or remove other than strictly necessary cookies modifying the settings within the cookie notification. You can also change or disable the usage of cookies on your browser settings. If you use several browsers, cookies need to be removed from each of them separately. The exact location of the setting depends on the type of the browser you are using. Some cookies are relevant for the functioning of the website, enable easy navigation from a webpage to another and operate certain functions. If you do not accept all the cookies, you may not be able to use all functions and services on the website.
This document has been reviewed / updated 12 September 2023.