Description of the personal data file
Updated: May 31, 2013
Personal Data Act (523/1999) section 10 and 24
(Translation of the original document in the Finnish language. In case of discrepancy, the Finnish language version shall prevail.)
ASPOCOMP GROUP PLC
Business ID: 1547801-5
Keilaranta 1, 02150 Espoo, FINLAND
Tel: +358 20 775 6860
Fax: +358 20 775 6868
2. Contact person
Aspocomp Group Plc
Ms. Marian Ärväs
Keilaranta 1, 02150 Espoo, Finland
Tel: +358 20 775 6860
Fax: +358 20 775 6868
3. Name of the register
Aspocomp Group Plc’s (hereinafter referred to as Aspocomp) register for contact details and job applications.
4. Purpose of the register
The purpose of the register is to enable the handling and maintenance of the client or other business relationship between Aspocomp and the data subject and the processing of feedback and job applications submitted to the company.
5. Content of the register
The register consists of the following sub-registers, the contents of which are described below:
Feedback and contact register
The feedback and contact register contains data that the data subject has sent to Aspocomp either via e-mail or using general inquiries forms and other similar forms available on the company’s website. This data may include, among other things, the name and contact details of the data subject and the submitted feedback, inquiries and registrations (such as for the AGM).
Electronic mailing lists
The electronic mailing lists contain the e-mail addresses of those data subjects that have registered on mailing lists as subscribers of Aspocomp’s publications (such as annual and interim reports and stock exchange releases).
Job applicant database
The job applicant database contains data that the data subject has sent to the company when applying for a specific job or in a so-called open application. This data may include, among other things, the name and contact details, job application and possible appendixes. Aspocomp stores the application data provided by the applicant in the applicant register until the end of the selection process (application for a specific job). The storage time for open applications is six months or a shorter time if the applicant has so specified.
6. Regular sources of information
The source of the information included in the register is the data subject himself/herself.
7. Regular handovers of information
No regular handovers.
8. Transfers of information to countries outside the European Union or the European Economic Area
No transfers to countries outside the EU or the EEA.
9. Principles of safeguarding the register
A. Hardcopy materials
Printouts of applications are stored in locked and guarded premises. Only certain designated employees of Aspocomp have access to and the right to process this data.
B. Data stored electronically
The users register for Aspocomp’s webpage and the information therein is stored on the controller’s system, which is protected by the operating system’s protection methods. Access to the system requires the use of a username and password. The system is also protected with a firewall and other technical measures. Only certain designated employees of Aspocomp have access to and the right to process the register data stored in the system.
10. Right of access and realization of the right of access
The data subject has the right to inspect the data in the register relating to him/her. The subject has the right to inspect said data free of charge. The inspection request shall be made in writing by a personally signed letter. The contact details of Aspocomp are set forth above in Section 1 of this description.
11. Rectification and realization of the rectification
Aspocomp shall, on its own initiative or at the request of the data subject, without undue delay, rectify, erase or supplement personal data contained in the register if it is erroneous, unnecessary, incomplete or obsolete as regards the purpose of the processing.
Aspocomp shall also prevent the dissemination of such data, if this could compromise the protection of the privacy of the data subject or his/her rights. If Aspocomp cannot accept the request of the data subject to rectify the error, a written statement to this effect shall be issued. The statement shall also mention the reasons for the refusal. In such case, the data subject may bring the matter to the attention of the Data Protection Ombudsman.
Aspocomp shall notify the recipients to whom the data have been disclosed and to the source of the erroneous personal data of the rectification. However, the company shall not be obligated to notify these parties if this is impossible or unreasonably difficult.
Aspocomp’s contact details are set forth above in Section 1 of this description.