GLOBAL PRIVACY NOTICE

This global privacy notice applies to any visitor or user (“you”) of the website located at www.peikko.com and any other websites (singularly and collectively “Site”) that Peikko Group Corporation or its subsidiaries and affiliates (singularly and collectively “we” or “Peikko”) own and control, except those that maintain a separate privacy policy, such as www.peikko.de.

We are committed to privacy and to transparency in our information practices. This privacy notice aims to inform you about how we collect, store, use and disclose personal information about you when you interact or use our Site.

In this privacy notice use of the term “personal information” includes other similar terms under applicable privacy laws, such as “personal data” and “personally identifiable information.” In general, personal information includes any information that identifies, relates to, describes, or is reasonably capable of being associated, linked, or linkable with a particular individual.

If we decide to make changes to this privacy notice, we will post the changes on this Site so that you will always know what personal information we collect and how we use it.

 

1. PERSONAL INFORMATION WE COLLECT AND PROCESS

We may collect and process the following personal information about you:

 

1.1 Personal information that you give us:

For example, when using our software, registering to an event or webinar, contacting us as a prospective or existing customer, supplier, employee, other cooperation partner or stakeholder.

Certain types of personal information are more sensitive than others, such as i.e., information about health, race or ethnic origin, criminal offences, political opinions, biometric information, religion, or trade union membership.

We do not generally seek to collect sensitive personal information via this Site or otherwise and request you not to send or share with us any sensitive personal information, except in limited cases, such as providing dietary requirements by reference to religion and/or health conditions, or if you provide accessibility requirements by reference to health conditions as a part of registration for an event.

 

1.2 Personal information that our Site collects about you: 

If you visit our Site we may automatically collect some information about you and your visit. We collect that information by using cookies and similar technologies. Please see our cookie policy for further details.

Our Site may contain links to websites of third parties who are not affiliated to Peikko. If you access such third-party websites by clicking on such links, we are not responsible for the way in which such third parties process your personal information that they collect.

 

2. HOW WE MAY USE YOUR PERSONAL INFORMATION

We will only use your personal information if we have a proper legal basis to do so. Most commonly, we will use your personal information to (i) provide and communicate with you about our products and services; (ii) provide our software solutions, (iii) process your job application, (iv) maintain and develop the Site and our products and services, (v) statistical and analytical purposes (vi) marketing and communication purposes such as for example conducting marketing research, direct marketing, and automated marketing.

 

3. HOW WE SHARE YOUR PERSONAL INFORMATION

We do not provide personal information to third parties for their own marketing purposes. 
Your personal information may be shared if we anonymize and/or aggregate it, as in these circumstances the information will cease to be personal information.
In addition, we might also need to share your personal information to comply with applicable law, enforce contractual rights, and respond to requests from courts, law enforcement, or regulatory agencies and government authorities as long as the request is deemed lawful.

 

4. PROTECTING YOUR PERSONAL INFORMATION

We maintain appropriate administrative, technical, and physical safeguards designed to protect the personal information you provide, or we collect via the Site against accidental, unlawful, or unauthorized destruction, loss, alteration, access, disclosure, or use. We use SSL encryption on a number of our Sites from which we transfer certain personal information.

 
5. YOUR RIGHTS AND CHOICES

The data protection laws in your country may entitle you to specific rights and choices in relation to your personal information. In particular, and subject to the legal requirements, you may be entitled to

  • request access to your personal information;

  • update or correct your personal information;

  • restrict or object to our use of your personal information;

  • receive your personal information in a usable electronic format and transmit it to a third party;

  • request that your personal details are deleted from our systems.

  • You may exercise these rights by contacting us. We will treat all such requests in accordance with applicable local law.

 

6. INTERNATIONAL TRANSFERS

We may transfer personal information you provide or we collect via the Site, for the processing purposes to any other companies within Peikko Group or to third parties who process data on our behalf under our instructions. Peikko Group companies and relevant data processors may operate globally across Europe, North America, the Middle East, Asia Pacific, and Africa and may also set up establishments in other regions. We therefore reserve the right to transfer and process personal data on a global and worldwide basis. Whenever your personal information is transferred internationally, we will take appropriate steps to ensure its security and confidentiality in accordance with applicable data protection laws.

 

7. CHILDREN’S PRIVACY

We do not intend for our Site to be used by children. If you are a parent or guardian and believe we may have collected information about a child, please contact us as described in this privacy notice.

 

8. HOW LONG WE KEEP YOUR PERSONAL INFORMATION

We will retain your personal information for the period necessary to fulfil the purposes outlined in this privacy notice unless a longer retention period is required or permitted by law or defined in an agreement. We may retain personal information for longer where required by our regulatory obligations, or where we believe it is necessary to establish, defend or protect our legal rights.

 

9. Analytics

This Site uses Google Analytics, a web analytics service provided by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland. The legal basis for this processing is your consent pursuant to Article 6 (1) (a) of the GDPR (in conjunction with Article 5(3) of the Directive 2009/136/EC as implemented into the national laws of the Member States of the European Union).

With your consent, “cookies” (text files) are stored on your terminal device to enable an analysis of the use of the Site. A transmission of your IP address to Google servers in the USA takes place in anonymized form. For this purpose, we use a server-side tagging server (SSTS). On our behalf, Google uses the information to evaluate the use of the Site, to compile reports on Site activity and to provide us with other services related to the use of the Site and the Internet. The user data will be deleted after 14 months at the latest.

You can revoke your consent at any time with effect for the future, and prevent the use of data by Google by downloading and activating the available browser plugin: https://tools.google.com/dlpage/gaoptout
You may also refuse the use of cookies by selecting the appropriate settings on your browser, however, please note that if you do this you may not be able to use the full functionality of this Site.
Further information on data protection at Google can be found at https://policies.google.com/privacy

We use Leadoo’s tracking service to follow what users are doing on the Site and combine this behavioral data with other data we can gather from e.g. chat interactions. Leadoo uses etag tracking in order to hook together the same users behavior over several sessions – in practice this works similarly to cookie based tracking. Please check out Leadoo Marketing Technologies Ltd’s Privacy Policy (https://leadoo.com/privacy-policy/) for more information on what is tracked and what your rights are. Leadoo works as the processor and we work as the controller for the data in terms of GDPR. You can stop the tracking by emptying your browser’s cache after the visit. For more on how Leadoo works as a GDPR compliant processor, see https://leadoo.com/privacy-policy-processor/ 

 

10. CONTACT INFORMATION

If you have any questions in relation to this privacy notice, please contact us at:

 

11. ADDITIONAL INFORMATION FOR RESIDENTS IN CERTAIN JURISDICTIONS

Our privacy practices may vary among the countries in which we operate to reflect local practices and legal requirements. This privacy notice may be supplemented by local mandatory provisions if the legislation of your country so requires.

In this section, we set forth additional information as required under applicable privacy laws in certain jurisdictions.

 

European Union (EU) / European Economic Area (EEA)

Our processing of personal data of people who are in European Economic Area (EEA) is governed by the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR”).


The data controller
Pursuant to an agreement on joint controllership Peikko Group Corporation (Business ID 0641926-7) and certain of its affiliated companies are joint controllers within the meaning of GDPR article 26. To see the list of the affiliated companies, click HERE. Contact details of the data controller is provided above in clause 10 (Contact Information).

 

Purposes of processing
See clause 2 (How we may use your personal information).

 

Legal basis
Generally, we collect and process personal data on the basis of our legitimate interest relating to the abovementioned purposes (see clause 2 (How we may use your personal information). However, we may process personal data on other basis too, for example based on your consent.

 

The recipients or categories of recipients of the personal data
See Clause 3 (How we share your personal information).

 

Transfers of personal data outside of the European Economic Area
If we transfer your personal data to a third country we will ensure that such transfer is made in compliance with Chapter 5 of GDPR.

 

Retention period of personal data
See Clause 8 (How long we keep your personal information).

 

Your right to access, rectification or erasure your personal data, object to processing, and withdraw your consent
You have the right to request access to your personal data, to have your personal data rectified or erased (“right to be forgotten”), right demand restriction of processing and to object to processing of your personal data.  You also have the right of data portability, which means that you can request that we provide you (or a third party you designate) with a transferable copy of your personal data. In case the data processing is based on your consent, you can withdraw your consent.

 

Right to lodge a complaint
You have the right to lodge a complaint with a supervisory authority, in particular in the member state of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of your personal data by us infringes GDPR.

 

Absence of statutory or contractual requirement or other obligation to provide any personal data
You have no obligation to provide personal data to us via the Site.

 

Use of automated decision making and profiling
We do not use automated decision making.

 

Privacy Notice for job applicants and employees:

Pursuant to articles 13 and 14 of the GDPR we hereby inform the job applicants and employees about the direct and indirect collection of their personal information.

 

Name and contact details of the data controller
For the purposes of this privacy notice the data controller is the Peikko company to which you have submitted your job application or in which you already are employed. You can find information about the different European Peikko companies and their contact details via European Peikko Group Companies.

 

Purposes of personal information processing
Managing the entire lifecycle of the employees in the organization before and after hiring, such as: personnel file management, payroll accounting, working time recording, travel planning, vacation planning, health checks, trainings, competence, performance management, etc.

 

Categories of personal information
Job applicants: name, contact information (phone number, e-mail address), education, working experience and other information provided by the applicants, which is needed for assessment of applicants’ suitability for the roles.
Employees: all personal ID data and/or copy of ID card or passport, education data and copies of diplomas/certifications, health checks, documents, visa/working permit (if applicable), all competence, performance, disciplinary and other employment related documentation.

 

Legal basis for personal information processing

1) Article 6 (1) (b) of the GDPR, which permits processing for the purposes of preparing and entering into contracts; and
2) Article 6 (1) (f) of the GDPR, which permits processing for the protection of our legitimate interests as an employer.

In addition, personal information is also processed by us on the basis of the consent given by you. You can revoke your consent at any time. This has no retroactive effect. However, due to your revoked consent we are then no longer allowed to process your personal information. The other regulations permitting data processing (Article 6 (1) (f) of the GDPR remain unaffected.

 

Recipients or categories of recipients of the personal information
External processors: those processors who process personal information on behalf of the data controller, for example, recruiters, expense and/or payroll management systems, external HR-business partners, etc. In each case, a data processing contract has been concluded with the processor in accordance with Article 28 of the GDPR.

Personal information is not disclosed to another controller for independent use, unless required by law, such as disclosure to authorities. 

 

Regular sources of personal information
Personal information is provided by the job applicants / employees themselves,
To the extent legal and permitted pursuant to local law personal information may also be collected from external resources supporting Peikko business processes (e.g., recruiters).

 

Transfer of personal information to third countries
If personal information is transferred outside of the European Union – either to other Peikko units or to external processors – that is done either in reliance of adequacy decisions by the EU commission and/or appropriate contractual arrangements (including EU Commission standard contractual clauses, as applicable) are executed. Copies of the standard contractual clauses are available through the contact details mentioned above.

See also clause 6 (International Transfers).

 

Retention period of personal information
See Clause 8 (How long we keep your personal information).

 

Your rights
See above “Your right to access, rectification or erasure your personal data, object to processing, and withdraw your consent” and “Right to lodge a complaint”.

Necessity of providing personal information
The provision of personal information is necessary for the conclusion of employment contract and/or assessment of employee candidate with the data controller. Without the personal information provided, the data controller cannot start the application process and/or cannot perform its obligations as an employer.

 

Automated decision making
See above “Use of automated decision making and profiling”.

 

Further processing of personal information
If we intend to process personal information for purposes other than those for which they were originally collected, you will be informed in advance of such processing, the purpose of which it was collected and other relevant information.

 

Third-party content

Our Site uses the content (“Content”) provided by third parties (“Third-Party Provider”). This always requires that Third-Party Provider of the Content can see your IP address. Without the IP address Third-Party Provider could not send the Content to your device. We aim to publish only Content of Third-Party Providers who use your IP address solely to provide the Content to you. However, we have no influence should a Third-Party Provider store your IP address for statistical or other purposes.

The programming language JavaScript is used regularly to integrate Content. You can deactivate JavaScript in your browser or install JavaScript blocker. Please note, however, that this may result in functional restrictions on the Site.


The following illustration provides an overview of Third-Party Providers and their Content, along with links to their privacy policies, which contain further information on the processing of personal data and, in some cases, options for objection (so-called opt-out):

 

Addsearch
Addsearch is a service provided by Addsearch Oy, Espoo, Finland, to add the search form in the top right of the Site. 

Privacy policy: https://www.addsearch.com/privacy

The legal basis for this processing is your consent according to Article 6 (1) (a) of the GDPR.

 

Cloudfront
Cloudfront, a service provided by Amazon, distributes the Site across multiple platforms across the globe to ensure the speed of the Site is maintained no matter where it is being viewed from.

Privacy policy: https://aws.amazon.com/privacy/?nc1=f_pr

The legal basis for this processing is your consent according to Article 6 (1) (a) of the GDPR.

 

Google Fonts
We use Google Web Fonts API of Google LLC, Mountain View California, to ensure the uniform use of fonts on our Site.

Privacy policy: https://www.google.com/policies/privacy/

Opt-Out: https://www.google.com/settings/ads/ 

The legal basis for this processing is your consent according to Article 6 (1) (a) of the GDPR.

 

Google Maps
This Site uses Google Maps, a service of Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland. The legal basis for this processing is your consent according to Article 6 (1) (a) of GDPR in conjunction with Article 49 (1) (a) of the GDPR.

At least the IP address, URL (internet address) of our Site and date/time of use are transmitted to Google. It is not excluded that this information is transmitted to a Google server in the USA. The transmission of personal data to the USA was judged by the European Court of Justice to be fundamentally unsafe without further security measures, as it cannot be ruled out that US security authorities will gain access to this data. In particular, there is a risk that your personal data may be processed by US authorities for control and monitoring purposes, possibly without any legal remedy.

You as a visitor enter into a direct user relationship with Google when using Google Maps.

You can find more information on this in Google’s detailed privacy policy https://policies.google.com/privacy

 

Youtube
We use YouTube, a service of Google Ireland Ltd, Gordon House, 4 Barrow St, Dublin, Ireland, for embedding videos. The legal basis for the data processing is your consent according to Article 6 (1) (a) of the GDPR (in conjunction with Article 5(3) of the Directive 2009/136/EC as implemented into the national laws of the Member States of the European Union).

In doing so, it is not excluded that this information is transferred to a Google server in the USA. The transmission of personal data to the USA was judged by the European Court of Justice to be fundamentally unsafe without further security measures, as it cannot be ruled out that US security authorities will gain access to this data. A data transfer to the USA only takes place if the requirements of Article 44 of the GDPR et seq. are fulfilled.

When using the service, YouTube's terms of use apply: https://www.youtube.com/terms

Google's detailed privacy policy can be found in: https://policies.google.com/privacy

 
 
Google reCAPTCHA
We use reCAPTCHA service of Google LLC in some forms on our Site to protect against misuse and spam. 

Privacy policy: https://www.google.com/policies/privacy/

The legal basis for this processing is your consent according to Article 6 (1) (a) of the GDPR.

 
LinkedIn / Taeggie
LinkedIn’s Content Delivery Network is used by Taeggie Oy, Helsinki, Finland, to display information on the websites front pages in a grid fashion, including images and text taken from LinkedIn posts made by Peikko personnel.

LinkedIn Privacy policy: https://www.linkedin.com/legal/privacy-policy?trk=content_footer-privacy-policy

Taeggie Privacy policy: https://taeggie.com/fi/privacy 

The legal basis for this processing is your consent according to Article 6 (1) (a) of the GDPR.

 

Cookieinformation
On our Site, we use the cookie management platform of Cookieinformation A/S, Copenhagen, Denmark. Cookieinformation is used to obtain and manage the legally required consent for the use of cookies.

Privacy policy: https://cookieinformation.com/cookie-and-privacy-policy/

The processing of your data in this way is based on compliance on legal obligation according to Article 6 (1)(c) of the GDPR.

 
 
[Last updated on 27.09.2023]