LAITEKOODIT - PRIVACY STATEMENT
(General Data Protection Regulation (EU) 2016/679, articles 12 – 14)
This privacy statement explains how Fingrid Oyj processes personal data concerning within the Laitekoodit application.
1. Contact information for the Registrar
Fingrid Oyj, Data Protection Officer
PO Box 530, 00101 Helsinki
Fingrid Oyj - telephone switchboard +358 (0)30 395 5000
2. Person in charge of register matters
Data Protection Officer Antti Kivipuro
3. The purpose of and grounds for personal data processing
The processing of personal data and data from users' devices is based on the legitimate interest of Fingrid or a third party.
During the use of the application user’s personal data is collected to Fingrid’s asset management systems to keep track of actions performed to its assets. In addition, personal data is processed to ensure smooth operation and security of systems.
4. Personal data to be processed
Personal data processed is:
-Timestamps for logins
-User’s location data (with users’ consent)
In addition, application collects data of user’s devices unique identifiers and its location.
5. Regular data sources
Personal data is obtained from Fingrid's internal user management system, and from the partners who use the application and from the registered self.
6. Regular assignments of data
The information collected by the application is handled by the Fingrid’s partners providing application development and maintenance.
7. The transfer of data outside the EU or EEA
Data in a register may be transferred outside the area of member states of the European Union or the European Economic Area, if this is necessary in terms of the purposes of processing the above-mentioned personal data or of the technical execution of the data processing. In that case, the transfer of the data complies with the requirements stipulated in the EU Data Protection Regulation.
8. Data protection
Data is protected by appropriate technical and organizational measures. The paper material is stored in a locked state. Electronic material is protected by technical measures and access to the systems is granted only to those persons for whom it is necessary for their work or function. Fingrid's personnel are bound by professional secrecy. Staff are trained and instructed in the lawful processing of personal data.
External data processors are also required to have adequate technical and organizational protection measures as well as a commitment to confidentiality.
9. Time for storing data
Data is processed and stored for the period of time necessary for accomplishing the original purpose or legal obligations.
10. Rights of the data subject
The data subject has the right to request access from the Registrar to personal data concerning him/herself, the right to request correction of his/her personal data, a limitation on processing and, in certain situations, also to receive the data he/she has given in machine-readable form.
The data subject has the right to have his/her data removed, insofar as the processing of the data is based on the consent of the data subject, or if the personal data is not required for the purposes described in Section 3. There is no right to the removal of data if Fingrid has a statutory obligation to keep the data, or if Fingrid needs the data to prepare, present or defend a legal claim.
A data subject may use his/her rights by contacting:
Fingrid Oyj / Antti Kivipuro
PO Box 530, 00101 Helsinki
11. Automatic decision-making and profiling
The Registrar does not make decisions based on automatic processing.
12. Making a complaint to the supervisory data protection authority
If a data subject considers that the processing of his/her personal data breaches applicable legislation, or his/her statutory rights have been infringed, he/she may make a complaint about the matter to the Data Protection Ombudsman whose contact information can be found at the following address: http://www.tietosuoja.fi/en/.