1. Data controller

Precedo Consulting Oy​

Business ID 1739637-1​

Kampinkuja 2, 00100 Helsinki, Finland

Including the companies belonging to the group at the time of writing:​

Precedo Performance Oy​

Business ID 2474545-3​

Kampinkuja 2, 00100 Helsinki, Finland.

2. Contact person responsible for the register

Marko Hänninen
Marko.hanninen@precedo.fi

3. Name of the register

Company customer, marketing, and personal register.

4. Legal basis and purpose of processing personal data

In connection with the assignments received by the company, we collect and process personal data in accordance with the privacy policy and applicable legislation. By using our services, website, or contacting us, the individual agrees to our processing of personal data in accordance with this privacy policy.​

We process personal data for the purpose of providing our services and conducting and developing our business, ensuring that we always have a legal basis for processing personal data. Personal data is processed by our employees who have signed a confidentiality agreement in the course of their duties.​

We collect, store, and process personal data only for predefined purposes. We always value people's privacy and are committed to protecting it. We only collect information that is necessary and relevant. The main purposes for which we use the information are: developing our business, communicating with customers, maintaining customer relationships, marketing to customers, recruiting and providing direct search services, helping our corporate customers find suitable candidates for open positions, helping job seekers find jobs that match their profiles, fulfilling our contractual obligations, complying with legal obligations and requirements, and targeting our services.​

The data is not used for automated decision-making or profiling.

5. Data content of the register

The data stored in the register includes: the person's name, position, company/organization, contact details (phone number, email address, address), website addresses, social media accounts/profiles, information about services ordered and changes to them, billing information, information obtained from the person themselves during personal assessments, and other information related to the customer relationship and services ordered.​

Test data related to the persons being assessed is stored for six months, after which it is destroyed.

6. Regular sources of information

The information stored in the register is obtained from the customer, for example, from messages sent via web forms, by email, by telephone, through social media services, from agreements, customer meetings, and other situations in which the customer provides their information.​

We collect personal data mainly from the person themselves in connection with the use of our services or when the person submits their CV to us on their own initiative, for example. In addition, we obtain information from public sources such as press releases, appointment announcements, and LinkedIn. With the person's consent, we may collect information about the person from references.​

Typically, the information we collect from individuals includes: contact details, job application, resume, work history, education, work experience, names of references, information provided in interviews, and results of personality tests and questionnaires used in personal assessments.​

Information collected from public sources: Information mentioned in LinkedIn profiles, such as work history, degrees, language skills, and areas of expertise, information from appointment announcements, press releases, and other information available on public websites.

7. Regular disclosure of data and transfer of data outside the EU or EEA

In our client relationships, we may disclose personal data with the consent of the individual to our client companies' contact persons to the extent necessary for the implementation of recruitment projects or personal assessments. Personal data will not be transferred outside the EU unless the person has given their consent.

8. Principles of register protection

The register is processed with care and the data processed using information systems is protected appropriately. When register data is stored on Internet servers, the physical and digital security of the equipment is ensured in an appropriate manner. The controller shall ensure that stored data, server access rights, and other information critical to the security of personal data are treated confidentially and only by employees and service providers whose job description includes such tasks. Personal data is stored on our service provider's servers located in the EU, which are protected in accordance with industry standards. We take care of data security. Access to personal data is protected by user-specific IDs, passwords, and access rights.