Privacy policy

  1. Definitions
  2. The controller
  3. For what purposes can personal data be processed and what is the basis for processing the data
  4. What personal information can be collected and where is the data collected from
  5. Who has access to your personal information and who we may disclose it to
  6. How is personal information protected
  7. Privacy rights
  8. How long will your data be stored for
  9. Data transfer outside the EU or the EEA/Notification of international transfers
  10. Collecting customer feedback
  11. Website monitoring
  12. Use of cookies
  13. Contact forms on the website
  14. Using the email system
  15. How to contact
  16. Automatic profiling
  17. Changes to our Privacy policy

1. Definitions

”The controller” means Checkfin Oy, who determines the purposes and means of processing Personal Data. 

“Registered User” means a natural person whose Personal Data is processed by Checkfin.

“Legislation” means any national data protection laws, the European Union Data Protection Regulation (2016/679, “GDPR”) from the date of its application (25 May 2018), and any future data protection legislation in force at any given time.

“Model contract clauses” refer to the standard contract terms adopted by the European Commission for the transfer of personal data from EU controllers to third-country processors (Decision 2002/16 EC).

“Personal data” means any information relating to an identified or identifiable natural person; identifiable means a natural person who can be identified, directly or indirectly, in particular by reference to identification, such as name, identity number, location, online identification or one or more specific physical, physiological, genetic, mental, economic, cultural or social factors.

“Processing” means any activity or activities in which Personal Data is processed.

“Subcontractor” means a processor who performs processing in accordance with this Privacy policy on behalf of Checkfin.

2. The controller

Checkfin Oy

3194118-8

Nummenkatu 15

28120 Pori

Finland

3. For what purposes can personal data be processed and what is the basis for processing the data

Checkfin collects and processes your information in connection with the registration and completion of training, as well as in connection with document review requests and assignments received from Checkfin’s partners. Personal information is used to ensure the operation of the online training platform used by Checkfin and to enable Checkfin to provide advice and service related to its operation.

In addition, customer information can be used for training communication and marketing. If personal data is to be used for marketing, a marketing permit will be requested separately in connection with the collection of personal data.

Consent to marketing

If we intend to carry out customer marketing, we will ask for separate marketing authorization in connection with the collection of personal data. The maintenance of marketing bans is automated and it is easy for the customer to leave our marketing list. We do not use the mass mailing features of email programs in e-marketing, but each message is sent individually and individually to a person. This way, the recipient’s email address will not be visible to anyone other than the recipient.

4. What personal information can be collected and where is the data collected from

4.1 Training services

Checkfin collects information either from you, your employer, or from Checkfin Oy’s partners or authorities. Your information may also be collected from other reliable sources such as Digital and population data services agency.

We may collect the following personal information:

  • First name
  • Surname
  • Email address
  • Employer company
  • Company name
  • Country/Area
  • Address
  • Postcode
  • City
  • Telephone number

4.2 Consulting and expert services

From an assignment, Checkfin can collect the following personal data regarding the customer’s personnel and the personnel of the customer’s partners:

  • First and last name (as well as former names), gender
  • Date of birth, social security number and tax number
  • Citizenship
  • Address in Finland and at home
  • Documentation proving the right of residence, such as passport or residence permit card
  • Salary information

Collaborators include the customer’s direct contractual partners, subcontractors, temporary work agencies and private entrepreneurs.

The information will not be disclosed to third parties, excluding the customer’s designated contact persons and supervisory authorities.

The information can be used in the construction and shipyard industry for statutory reporting to the Tax Administration (Act on taxation procedure 1558/1995, Act on tax number and tax number register 473/2021). The information can also be used to verify the right to work in Finland (Aliens Act 301/2004) and to report the posted employees (Act on Posting Workers 447/2016).

Information is stored in accordance with the time limits determined by current legislation.

4.3 Representative service for posted workers

Information for providing the service is collected directly from the client, who acts as the employer of the persons or the client of the work. Regarding posted workers, the information can be disclosed to the supervisory authority upon request. The collection of data when providing the service is based on the Act on Posting Workers 447/2016.

The following information can be collected about individuals:

  • First and last name
  • Date of birth, social security number and tax number
  • Citizenship
  • Address in Finland and at home
  • Salary information
  • Work to be done
  • Salary slips
  • The principal terms and conditions of employment

The information will not be disclosed to third parties, excluding the customer’s designated contact persons and supervisory authorities. Information is stored in accordance with the time limits determined by current legislation.

5. Who has access to personal data and to whom we disclose data

Checkfin does not sell or share personal data with third parties. When redeeming an online training course from the online store, using a coupon code paid by another party, the name and performance data of the person completing the training can be shared with the party paying for the training.

Checkfin may transfer personal information to its service partners or these partners may be granted access to Checkfin’s systems that contain personal information. In such a case, that partner will process personal data on behalf of Checkfin in accordance with its instructions and has contractually agreed to, among other things, keep the data confidential. In addition, within Checkfin, access is only granted to persons who need personal data to perform their duties.

6. How is personal information protected

Information will be treated with the highest standards of security and confidentiality. The register is stored in a database that is protected by firewalls, passwords, and other technical means and can only be accessed by persons authorized by Checkfin.

Registered users log in to the system using an email address as a username and select the password themself. Administrators see the email addresses of registered users but not the password.

7. Privacy rights

The registered users have rights in relation to the personal data held by Checkfin. These rights are:

  • The right to request access to the personal information in Checkfin’s possession.
  • The right to request correction of incorrect or incomplete information.
  • In certain situations, the right to request a restriction on the processing of personal data or to object to the processing
  • The right to request the deletion of data from the registers.
  • The right to prohibit the collection of personal data for direct marketing purposes as well as direct marketing.
  • The right to receive personal data in our registers in electronic form.

Notwithstanding the above rights, the information provided by the customer may still be processed in order to fulfill legal obligations.

8. How long will your data be stored for

We will dispose of outdated and unnecessary information in an appropriate manner. We will only retain personal information for as long as is necessary to fulfill the purposes for which the personal information is processed as defined in this Privacy policy.

Checkfin will retain your personal information for at least the duration of the contractual relationship between Checkfin and its contracting partner, after which Checkfin will review the need to retain your personal information.

In any case, your personal data will be deleted no later than 10 years after the end of the contractual relationship between Checkfin and the service subscriber.

9. Data transfer outside the EU or the EEA/Notification of international transfers

As a general rule, your personal information will not be transferred outside the EU or the EEA.

We may however use subcontractors who may have access to your personal information from outside the EU / EEA, such as the United States, to process your personal information related to the completion of online courses provided by Checkfin. We ensure the proper and lawful execution of transfers in accordance with the legislation on the processing of personal data.

We would only ever transfer your personal data outside the EU / EEA area on any of the following legitimate grounds:

  • The European Commission has decided that an adequate level of data protection has been ensured in that recipient country;
  • We have taken appropriate safeguards to the transfer of your personal data using standard data protection clauses approved by the European Commission. In that case, you have the right to obtain a copy of those standard expressions by contacting us; or
  • You have given your explicit consent to the transfer of your personal data, or the transfer of your personal data outside the EU / EEA area, there is another legal basis, such as the Privacy Shield Arrangement approved by the European Commission for the United States.

10. Collecting customer feedback

Checkfin collects customer feedback on its services. Giving feedback is voluntary. No personal information will be collected in connection with the provision of feedback that could identify an individual registered user. Statistically collected data cannot be linked.

11. Website monitoring

Checkfin’s website is open to everyone and no registration is required to browse the pages. The site collects statistics on the use of the online service to support the development of the site. Website tracking is performed using Google Analytics and the statistical data it enables.

No personal information is collected about the use of the online service that could identify an individual visitor. Statistically collected data cannot be linked.

12. Use of cookies

The website uses cookies. In addition to statistics, cookies are used to ensure that the service is secure, efficient, and user-friendly. 

13. Contact forms on the website

The website may have contact forms that allow visitors to submit a contact or quote request. The following information may be asked on the contact form:

  • Name
  • Email address
  • Telephone number
  • Company name
  • Free text

The information on the contact form is automatically transferred to Checkfin’s email address.

14. Using the email system

Inquiries sent to Checkfin’s email address [email protected]  and other emails requiring Checkfin’s actions will be sent to a shared email inbox. Emails are readable by Checkfin staff only and require staff members to log in to a computer or email program with a username and password. The username and password are stored behind locked doors or lockers or in electronic systems that require login.

The provisions of the Electronic Communications Data Protection Act on the confidentiality of communications apply to emails and identification data stored in the email system. A person who has received or otherwise gained information about a confidential message or identification information not intended for him or her may not disclose or use the content of the message, identification information, or information about the content of the message without the consent of the party to the communication unless otherwise provided by law.

Personal emails are subject to the provisions on the confidentiality of communications, which means that neither the employer/employer’s representative nor other third parties can view or open the messages without the consent of the person concerned. The Act on the Protection of Privacy in Working Life (759/2004) specifies the exceptional situations and ways in which a message received in a personal email may be opened without the consent of the person concerned.

15. How to contact

If you have any questions or concerns regarding your privacy, please contact Checkfin Oy by sending an email to [email protected] 

You also always have the right to make a complaint with the relevant supervisory authority or the supervisory authority of the EU Member State where you reside or work if you consider that we have not processed your personal data in accordance with the applicable data protection law. More information can be found at: http://tietosuoja.fi 

16. Automatic profiling

The customer is not subject to automatic profiling on ​​the basis of the personal information provided.

17. Changes to our Privacy policy 

We may occasionally update this Privacy policy. We encourage you to periodically review this Privacy policy to stay informed about how we are protecting your information.