Privacy Policy
1 Controller
Nordic Healthcare Group Oy, business ID 2629495-9
Keilaniementie 1, FI-02150 Espoo
2 Contact Person for Matters Concerning the Data File
Virpi Kronström +358 50 5911593
3 Person Responsible for Data Protection
The Data Protection Officer is Minna Willman, Opsec Oy, dataprotection@nhg.fi.
4 Name of the Data File
Nordic Healthcare Group Oy’s Client Register
5 Purpose of Processing Personal Data
The data are used for sales, client meetings and other management of the client relationship, client communication and the improvement of the user experience in the nhg.fi online service. In addition, the data are used for marketing purposes.
Our grounds for processing in terms of marketing is our legitimate interest and, in terms of the management of the client relationship, the implementation of the agreement between us and the client. We also send electronic direct marketing messages based on consent.
6 Data Contents of the Data File
We collect name, phone, e-mail and address information. Cookies provide us with measurable data on our visitors, which we utilize e.g. when planning our marketing. This allows us to target our communication efforts as precisely as possible. We do not disclose data to third parties for marketing purposes.
7 Sources of the Data in the Data File
The collection of name and other contact information is based on a customer relationship or other connection to Nordic Healthcare Group Oy. We collect data in connection with the registering of meetings or the establishment of a contract. We also track cookies and your visit to the nhg.fi site will leave a trace, the IP address.
8 Regular Disclosures of Data
Data shall not be disclosed to third parties for marketing purposes.
9 Transfer of Data to a Third Country (Outside the EEA) or to an International Organization
Data shall not be transferred outside the EU/EEA.
10 Principles of Data File Protection
We respect the confidentiality of your personal data. The data file has been saved in a databased secured using firewalls, passwords and other technical safeguards and to which only individuals authorized by Nordic Healthcare Group Oy have access.
We destroy obsolete and unnecessary data appropriately. We store personal data only for as long as is necessary to fulfil the purposes of processing personal data defined in this Privacy Policy. Due to the obligations under the Accounting Act or other applicable law, data may have to be stored longer than the above-mentioned period.
11 Right of Access
The data subject shall be entitled to access his/her data that have been saved in the data file. In addition, after submitting an adequately detailed and specified request for inspection, he/she shall be entitled to access the data relating to him/her and contained in recordings. A written and signed request for inspection must be submitted to the following address: Nordic Healthcare Group Oy, Keilaniementie 1, FI-02150 Espoo.
12 Right to Demand the Rectification and Erasure of Data
The controller must rectify incorrect data indicated by the party concerned in the personal data file. The controller shall also be under the obligation to use its own initiative to verify the appropriateness and timeliness of data in the data file. The data subject may also demand the controller to erase data concerning him or her from the data file. The person responsible for data protection shall manage the processing of the procedure.
13 Other Rights Relating to the Processing of Personal Data
The data subject shall have the right to demand restriction of processing of personal data. The data subject shall also have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller. In addition, the data subject shall have the right to object to processing of data, automatic decision-making and profiling.
14 Approval of the Privacy Policy
The Privacy Policy has been approved as continuous and revised on 25 May 2018.
Job Applicant’s Data Protection: This is how we process personal data during recruitment
1 Controller
Nordic Healthcare Group Oy, business ID 2629495-9
Keilaniementie 1, FI-02150 Espoo
2 Contact Person for Matters Concerning the Data File
Elina Seppänen, hr@nhg.fi, +35850500765
3 Person Responsible for Data Protection
The Data Protection Officer is Minna Willman, Opsec Oy, dataprotection@nhg.fi.
4 Name of the Data File
Nordic Healthcare Group Oy’s job applicants
5 Purpose of Processing Personal Data
Processing of applicant’s data related to the recruitment process. Data processing is based on the data subject’s consent.
6 Data Contents of the Data File
Data related to applications: name, phone, e-mail, address information and a CV and possible education and work certificates and transcripts of studies.
7 Sources of the Data in the Data File
We only process data provided to us by the job applicants.
8 Regular Disclosures of Data
Data shall not be disclosed to third parties.
9 Transfer of Data to a Third Country (Outside the EEA) or to an International Organization
Data shall not be transferred outside the EU/EEA.
10 Principles of Data File Protection
We respect the confidentiality of your personal data. The data file has been saved in a databased secured using firewalls, passwords and other technical safeguards and to which only individuals authorized by Nordic Healthcare Group Oy have access.
We destroy obsolete and unnecessary data appropriately. We store personal data only for as long as is necessary to fulfil the purposes of processing personal data defined in this Privacy Policy. Due to the obligations under the Accounting Act or other applicable law, data may have to be stored longer than the above-mentioned period.
11 Right of Access
The data subject shall be entitled to access his/her data that have been saved in the data file. In addition, after submitting an adequately detailed and specified request for inspection, he/she shall be entitled to access the data relating to him/her and contained in recordings. A written and signed request for inspection must be submitted to the following address: Nordic Healthcare Group Oy, VKeilaniementie 1, FI-02150 Espoo.
12 Right to Demand the Rectification and Erasure of Data
The controller must rectify incorrect data indicated by the party concerned in the personal data file. The controller shall also be under the obligation to use its own initiative to verify the appropriateness and timeliness of data in the data file. The data subject may also demand the controller to erase data concerning him or her from the data file. The person responsible for data protection shall manage the processing of the procedure.
13 Other Rights Relating to the Processing of Personal Data
The data subject shall have the right to demand restriction of processing of personal data. The data subject shall also have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller. In addition, the data subject shall have the right to object to processing of data, automatic decision-making and profiling.
14 Approval of the Privacy Policy
The Privacy Policy has been approved as continuous and revised on 25 May 2018.