1. Data Controller
URA Group Ltd, Ansatie 4, 01740 Vantaa
2. Contact Person Responsible for the Register
Timo Honkavaara, timo.honkavaara(at)uragroup.fi
3. Register Name
Register of Job Applicants: URA Group Ltd recruits new employees through a contact form and may contact individuals who have submitted an open job application via the form.
4. Legal Basis and Purpose of Personal Data Processing
The legal basis for processing personal data under the General Data Protection Regulation is the data controller’s legitimate interest and relies on the sender’s consent. The purpose of processing personal data is to communicate with individuals who have submitted the form. The information is not used for automated decision-making or profiling.
5. Register Data Content
The following information is stored in the register: person’s name, email address, phone number, age, and optionally work experience or any other self-disclosed information.
6. Regular Data Sources
The information stored in the register is obtained from the customer through messages sent via web forms, email, or phone contact.
7. Regular Disclosures of Data and Transfer of Data outside the EU or EEA
Data is not regularly disclosed to other parties. Data may be transferred by the data controller outside the EU or EEA. Data will not be transferred to the United States without explicit consent from the registered individuals.
8. Principles of Register Protection
The register is processed with due care, and the information handled by information systems is appropriately protected. We have outsourced IT administration to external service providers who manage and secure the servers where personal data is stored. We have ensured data protection with our subcontractors by drafting data processing agreements and verifying that our subcontractors have similar agreements with their subcontractors.
9. Right of Inspection and Right to Request Correction of Information
Every individual in the register has the right to inspect the information stored about them and to request correction of any incorrect information or supplementation of incomplete information. If a person wants to inspect the information stored about them or request corrections, the request should be sent in writing to the data controller. The data controller may request the requester to prove their identity if necessary. The data controller will respond to the customer within the time frame specified in the EU Data Protection Regulation (usually within one month).
10. Other Rights Related to the Processing of Personal Data
Individuals in the register have the right to request the erasure of their personal data from the register (“right to be forgotten”). Registered individuals also have other rights under the General Data Protection Regulation, such as the right to restrict the processing of personal data in certain situations. Requests should be sent in writing to the data controller. The data controller may request the requester to prove their identity if necessary. The data controller will respond to the customer within the time frame specified in the EU Data Protection Regulation (usually within one month).