This privacy statement describes how Younite AI Oy (“[Younite AI or the “data controller”) processes personal data. The data protection statement applies to our website, marketing, and customer relationship management, the processing of personal data related to the products and services we offer, and the recruitment of new employees.
We comply with applicable data protection legislation in all processing of personal data. Data protection legislation refers to valid data protection legislation, such as the European Union's General Data Protection Regulation (2016/679) and the Finnish Data Protection Act (December 5, 2018/1050). The concepts related to data protection, which are not defined in this data protection statement, are interpreted in accordance with the data protection legislation.
Our services and website may also contain links to external websites and services operated by other organizations. This Privacy Statement is not suitable for their use, so we recommend that you read the privacy statements that apply to them separately.
"Personal data" means all data concerning natural persons ("data subject") from which the person can be directly or indirectly identified, as defined in more detail in the data protection regulation.
The purposes of use (and legal grounds in parentheses) for processing personal data are:
When we process personal data based on a legitimate interest, we evaluate the benefits and possible harms of the processing to the data subject and have assessed that the rights and interests of the data subjects do not override the legitimate interest. Upon request, we provide more information about the processing of personal data based on a legitimate interest.
If we process personal data in order to comply with the requirements of legislation or to fulfill certain part of our reporting obligations, the legal basis for the processing is primarily to comply with a statutory obligation.
Personal and contact information*
Name, telephone number, address, and email address of the customer and/or representative or subcontractor.
Information about products and services (including orders within) and customer communications*
Information about processed orders, order delivery time, invoicing information, and information related to contracts, customer communication, and complaints.
Information related to marketing (including direct marketing) and events, as well as consents and prohibitions given by the data subject
Contact information for marketing, as well as information collected in connection with events and occasions. Consents and prohibitions regarding direct marketing.
Information regarding the use of websites and other electronic services
IP address, electronic communication identification data, search and browsing data, browser and operating system data and registration data
Information related to the recruitment process
Name, date of birth, address, telephone number, e-mail address, basic education and degrees with date of completion, other completed education, skills, current position and previous positions (employer, position title and position description), possible referees and other information provided by the job seeker to the registrar
* Marked information is necessary
We collect personal data directly from the data subject, for example in connection with a transaction, or when the data subject buys or orders our products or services either himself or on behalf of the organization he represents, or in connection with registration, when the data subject visits our website or our other electronic services, subscribes to our newsletter, responds to a customer satisfaction survey or otherwise communicates with us.
We also receive personal data from other external sources, such as private registry services and registries maintained by authorities, such as the Patent and Registration Board.
In a recruitment situation, information is primarily collected from the registered person himself. In addition, with the data subject's consent, personal data can also be collected from other sources, such as from the service provider carrying out the suitability assessment. Personal data can also be collected from referrers notified by the data subject.
Contracts and related customer contact information are kept for the duration of the customership and for 6 years after the end of the customership due to the long-term life cycle of business products.
Personal data collected for marketing purposes based on consent will be stored until the given consent is revoked. Information collected for marketing purposes on another legal basis is stored for two years from the active contact of the customer/potential customer with the controller.
Information about the use of the website is stored for one year from the date of data collection.
The data controller keeps the personal data of the job seeker after the end of the recruitment process for as long as is necessary to fulfill the data controller's rights and obligations and to respond to possible demands, however no more than two years after the recruitment decision is made.
After the end of the purpose of use, the personal data will be deleted or made anonymous within a reasonable time.
Upon request, we will provide more information about personal data storage practices.
Various service providers and other third parties may also be used in the processing of personal data, such as providers of technical solutions or server space or accounting and financial administration service providers. We take care of the agreements required by data protection legislation with the entities we use in processing personal data.
Personal data can be handed over to third parties in situations required by legislation or authorities, or to investigate abuses, and to ensure security. In addition, personal data may have to be disclosed in connection with legal proceedings or similar legal procedures.
If the controller is involved in a merger, business transaction or other business arrangement, personal data may be disclosed to the parties to the arrangement or to parties assisting in the arrangement.
Upon request, we will provide additional information about recipients of personal data.
When data is transferred outside the European Union or the European Economic Area, the company takes care of the adequate level of protection of personal data, for example by agreeing on personal data processing in the manner required by data protection legislation, such as using standard contract clauses approved by the European Commission.
Upon request, we will provide additional information regarding the transfer of personal data and the protection mechanisms used.
Data security and the protection of personal data are of the utmost importance to us. We use appropriate technical and organizational safeguards to protect personal data. We also ensure the fault tolerance of our systems and data recovery possibilities. The right of access to personal data is limited only to separately authorized entities. Entities processing personal data have a duty of confidentiality regarding matters related to the processing of personal data.
Registrants have rights to their own personal data in accordance with data protection legislation. However, the application of rights in each individual situation depends on the purpose and situation of use of personal data.
We hope that you will contact us if you have any questions regarding the processing of your personal data.
You can send a request regarding the registered person's rights by letter or e-mail using the contact information mentioned in this privacy statement.
The identity of the person making the request can be checked before the request is processed. The request will be answered within a reasonable time and, as a rule, within one month from the time the request is submitted and the identity is verified. If the request cannot be agreed to, the refusal will be notified separately.
The data subject has the right to file a complaint with the competent data protection authority if the data subject considers that his personal data has been processed in violation of data protection legislation.
You can find the contact information of the Finnish Data Protection Authority from here.
This Privacy Statement has been published on July 1, 2023.
We don’t mean to be aggressive. We’re just enthusiastic about solving problems. Challenges fuel us.