Privacy Policy

1. Data Controller

The data controller for the purposes of data protection legislation is ALM Group Oy or its subsidiaries (hereinafter referred to as “we” or “ALM Partners”). We are responsible for ensuring that personal data is processed and protected in accordance with the EU General Data Protection Regulation (679/2016), the Data Protection Act (1050/2018), the Act on Privacy and Electronic Communications (516/2004), the Information Society Code (917/2014) and other applicable EU and national legislation.

1.1. Contact details of the controller

ALM Group Oy (business ID 3018110-5) and its group companies
Address: Mechelininkatu 1 A, 00180 Helsinki
Phone number: +358 (0) 102796800
Email: tietosuojavastaava@almpartners.fi

2. Collection of personal data and processing 

We collect your personal data for the purposes of managing our customer relationship and partners, providing, implementing, maintaining services and ensuring their data security, developing customer service and business, recruitment, accounting, marketing for statistical purposes communications and the implementation of event arrangements.

You are not obliged to provide us with your personal data, but doing so may impair or limit the service we provide.

For example, we collect and process the following personal data:

– Basic information, such as name, job title, and contact information.
– Job seeker information, such as education, work experience, skills, resume, and photo.
– Referee information, such as contact information, role, relationship with the job applicant, references.
– Information related to the customer relationship, such as information about services and orders, payment information, billing information, marketing permissions.
– Customer contacts and related correspondence.
– In connection with customer reference information: name, title, company, photos and reference texts.
– Personal data generated in connection with the use of our service or website, such as information collected from the website through cookies or similar technologies
– Other information specified on a case-by-case basis.

3. Purpose, legal basis and storage of personal data

Personal data is collected and processed for the following purposes:

3.1. Recruitment 

The register is intended for ALM Partners’ job advertisements and the processing of applications and applicant information for open positions. The applicant may have applied for a specific position or sent an open application. By submitting your application to us, you consent to our processing of your personal data.

Personal data will be stored for six (6) months after the receipt of your application, unless you have given your consent for a longer storage period or separately ask us to delete your data before that.

3.2. Provision of the Service and Customer Relationship Management

To provide and deliver services to our customers, we need to maintain the information of the customer company or contact person. For example, we may store information related to your access rights and use of our services, access control information when you visit our office, or feedback you provide. The processing of personal data in this case is based on a contract between us and the customer and on our legitimate interest.

Personal data is stored for the duration of the customer relationship and after the end of the customer relationship for the purpose of settling possible damages or fulfilling contractual obligations, or if required by law.

4. Recipients or categories of recipients of the data

Third parties may be used to process the data to the extent permitted by law. Any other processing of data requires your consent or is based on an explicit provision of law.

4.1. Processors

When ALM Partners processes personal data, it is sometimes shared with other parties. These other parties are then the processors of personal data, which means the companies with which ALM Partners has a binding legal agreement. The service providers we use will only process your personal data in accordance with our instructions, contractual and legal obligations, and only for the purposes we have specified.

These may only use other third parties permitted by ALM Partners for that processing.

ALM Partners may use third-party service providers who provide us with services such as:
– Recruitment services
– Customer relationship management and customer information system
– To manage the services we provide
– Sales and marketing as well as campaign and analytics services
– Development of products and services
– Information security services and IT services
– Accounting services
– Cookie management tools, website user tracking and content
– Access control and control
– Software and system services and cloud services
– Payment and invoicing services
– Consulting services
– Device management services
– Communication services

Personal information may be shared with such service providers and third parties to the extent necessary to maintain, develop, and provide ALM Partners’ services. ALM Partners has the right to share your personal data to the extent necessary to provide these services.

5. Transfer of data outside the EU/EEA

In some cases, data may be transferred outside the European Union (EU) and the European Economic Area (EEA) if it is necessary, for example, for the implementation of the service or technical support.

We always transfer your personal data outside the EU and EEA in compliance with applicable legislation. Personal data may be transferred outside the EU and the EEA, for example, if the European Commission has issued a decision on the adequacy of the protection of personal data in the countries to which the data is transferred (the so-called “Adequacy Decision”, Article 45 of the GDPR). The transfer of personal data outside the EU and EEA may also be carried out using standard contractual clauses (SCCs) or “Standard Contractual Clauses” approved by the Commission.

6. Your rights

You have a number of rights related to the processing of your personal data, which you can read more about below. Please note, however, that not all rights are available in all situations. The rights available depend, among other things, on the legal basis for the processing.

Exercising rights is usually always free of charge. However, if you make requests on an ongoing basis, or if your request is otherwise considered unfounded or excessive, we may refuse to comply with your request or charge you a reasonable processing fee. However, in such a situation, we will always notify you in advance of the charge.

If you have any questions regarding the processing of your personal data or wish to exercise your data protection rights, please contact the data controller. Our contact details can be found at the beginning of this policy.

You have the following rights in relation to your personal data:

1. Right of access to your data and right to rectification and/or updating of data:
You have the right to check what personal information about you we are processing, or to obtain assurance that we are not processing your personal information. If you believe that your personaldata is incorrect, inaccurate or incomplete, you have the right to ask us to rectify your data.

2. Right to erasure:
You have the right to ask us to delete your personal data. We will also delete the data if the processing of personal data has been based on consent and you withdraw your consent or if the processing has been based on our legitimate interest and you object to the processing of your personal data and there are no other grounds for the processing. However, we are unable to delete personal data that is necessary to comply with binding legal obligations or that is required to be retained under applicable law.

3. Right to object to or restrict processing:
You have the right to object to the use of your personal data for direct marketing purposes, to send promotional materials, profiling or to conduct market research. In addition, you may object, on grounds relating to your particular situation, to the processing of personal data based on our legitimate interest.

In certain situations, you have the right to demand the temporary restriction of processing. Temporary restriction means that we will retain your data, but we will not delete or otherwise process it. For example, if you need the information we process to make a legal claim, you can ask us to restrict the processing of your information.
You can contact ALM Partners to request a restriction on data processing or to object to any other form of processing.

4. Right to data portability:
You have the right to request and receive the personal data we have collected about you in a commonly used and machine-readable format. If we believe that the request is unreasonable, we may charge a reasonable fee for the transfer.

The right to portability only applies to situations where we process your personal data on the basis of your consent or on the basis of a contract, and only applies to data that you yourself have provided to us and the processing of which is carried out by automated means.

5. Right to withdraw your consent:
You have the right to withdraw your consent at any time. If you withdraw your consent, we will stop processing your personal data to the extent that it has been based on your consent. However, in special situations, for example, we may be required by law to continue to retain some personal data, even if it was originally collected on the basis of your consent. The withdrawal of your consent will not affect the lawfulness of the processing of personal data carried out by us prior to the withdrawal of your consent.

6. Right not to be subject to automated decision-making:
We do not use your personal data or profiling to make automated decisions that affect you or otherwise affect you in a significant way.

If you wish to exercise your rights, you can send a request to tietosuojavastaava@almpartners.fi.