Kaito collects, stores and uses personal data of a user of the www.kaito.fi website and other services provided by the Service Provider (the “Services”). Personal data is collected and used in order to provide and develop the Services as well as the Service Provider’s other products and services in accordance with the terms of this Privacy Policy (the “Policy”). We also process personal data when we receive and handle recruitment applications.
We respect and protect the privacy of visitors to our Websites and users of our Services. This Policy explains the what, how and why of the personal information that we collect when you visit our Websites or when you use our Services.
To register as a user of the Services, you must accept and agree to this Policy. By using the Services, you acknowledge that you have read and understood this Policy.
Personal data is collected when a user registers as a user of the Services. Personal data may include, but is not limited to:
Personal data is further collected in connection with the use of the Services, included but not limited to messages or recruitment applications sent by the user on the Services.
Personal data is collected from the user itself, other users of the Services or a third party. The Service Provider may further collect information which cannot be linked to any natural person, such as identification and profiling data (“anonymous data”). The Service Provider may combine personal data and/or anonymous data with data collected from other services of the Service Provider, or from third parties in connection with advertisement and marketing services.
The failure to provide personal data required by a contract may prevent entering into one or may prevent the Service Provider for further delivery of the Service.
We also obtain other information, including personal information, from third parties and combine that with information we collect through our Websites and Services. For example, we may have access to certain information from a third party social media or authentication service if you log into our Services through the service or otherwise provide us with access to information from the service. Any access that we may have to such information from a third party social or authentication service is in accordance with the authorization procedures determined by that service. By authorizing us to connect with a third party service, you authorize us to access and store your name, email address(es), current city, profile picture URL, and other personal information that the third party service makes available to us, and to use and disclose it in accordance with this Policy. You should check your privacy settings on these third party services to understand and change the information sent to us through these services. For example, you can log in to our Websites and Service using sign-in services such as Facebook Connect or an Open ID provider. These third-party services will authenticate your identity and provide you the option to share certain personal information with us such as your name and email address to pre-populate our sign up form.
The Service Provider may use and process personal data and/or anonymous data collected from the Services and/or other services provided by the Service Provider for the provision, maintenance and development of the Services and the Service Provider’s other products and services as well as sales, customer service and other similar marketing and business purposes. The Service Provider may use collected data for direct marketing purposes, unless the user has prohibited such use. The Service Provider may further use personal data and/or anonymous data for profiling purposes, e.g. targeted marketing to the users of the Services, or for performing its own analytics or any other services.
The legal basis for processing user’s personal data are:
Any data, whether personal or other data, from Third Party Services such as Facebook or other similar social media services is managed according to the platform policy of that specific service.
The Service Provider does not use automated decision-making when processing the personal data.
The Service Provider does not disclose or transfer personal data to any third parties. The Service Provider may however disclose and/or transfer personal data to service providers used by the Service Provider. The service providers used by The Service Provider includes Providers of contact (such as Giosg), analytics (such as Google) and marketing (such as Facebook) solutions. The Service Provider may further disclose and/or transfer personal data to third parties in connection with a corporate merger, an asset purchase transaction or a similar corporate transaction. The Service Provider may transfer data to public authorities when legally required to.
Personal data is not transferred to third parties located outside the European Union or the European Economic Area unless the recipient has implemented relevant safeguards required by the transfer.
The Service Provider may use cookies in connection with the Services to collect data of users. A cookie is a small file stored on the user’s web browser. The user may disable the use of cookies, but this may lead to inability to use the Services properly.
The Service Provider follows generally accepted industry standards and maintains reasonable safeguards to attempt to ensure the security and privacy of any personal data in the possession of the Service Provider.
The Service Provider stores personal data for the period necessary for fulfilling the purposes set forth in this Policy. However, The Service Provider limits the storage period of the data based on following criteria:
The storage period may be extended if the storage of the data is required by legal obligations, such as the ones imposed by The Accounting Act.
The user has the rights to:
The user also has the right to withdraw consent at any time and the right to lodge a complaint with a supervisory authority.
In order to use the said rights, the user shall contact the Service Provider in accordance with Section 8 (Contact Information). The use of rights requires the Service Provider to identify the user. Information required for identification must be provided in the request to use rights. The Service Provider retains data related to use of the user’s rights for 2 years to comply with regulation.
Helsinki
Fredrikinkatu 47 5th floor, 00100 Helsinki
Tampere
Hämeenkatu 14C 27, 33100 Tampere