Controller: Propria Oy
Business ID 0801155-6
Address: Konetie 25, 90630 Oulu, Finland
In our group, the controller is the parent company Propria Oy. Our group companies are Meka Pro Oy and Unipro Oy, and in Sweden Meka Pro AB.
As a registrant, you can be either our customer, a potential customer, their contact person, our employee, a potential employee or another member of our stakeholders whose contact is important or necessary for us.
In all matters relating to the processing of personal data and in situations where the data subject wishes to exercise his or her rights, he or she is invited to contact the controller at the following address.
Propria Oy stores information about the contact persons of customers, companies and organisations, as well as contact partners and contact persons of potential customers and contact partners. Personal data is used to manage customer and partner relationships. It is also used to manage contacts or similar information regarding the websites and related services of Propria Oy and its group companies.
Purposes and legal grounds for processing personal data
The processing of personal data is based on:
- Consent given by the data subject
- A contract to which the data subject is a party
- The controller’s legal obligations or the law.
- The legitimate interest of the controller
- The legitimate interest is based on the customer relationship between the data subject’s employer and the controller.
- Protecting vital interests
The purpose of processing personal data is recruitment, employment management, marketing, maintaining customer relations and partnerships, developing activities, and organising events.
The following information about data subjects is processed:
- Phone number
- A person’s relationship with their employer
- The country where the person works
Retention of personal data
We strive to keep the personal data we hold accurate and up to date by removing unnecessary information and updating outdated information.
As a registered user, you have several rights in relation to your personal data. Please contact us in writing if you wish to take any action or have any questions about your rights.
Recipients of personal data
Various service providers and other third parties, such as providers of technical solutions or server space, may also be used to process personal data. Group companies may also process personal data on behalf of another group company.
Personal data may be disclosed to third parties in situations required by law or by a public authority, or for the purpose of investigating misconduct or ensuring security. In addition, personal data may need to be disclosed in connection with legal proceedings or similar legal proceedings.
Protection of personal data
We take care of the technical security of data centres and systems, as well as the security of processes. Servers are protected against data breaches and denial of service attacks. Only the controller and those persons whose work is strictly necessary for the purposes of the controller’s duties have access to the data in the register. Registry data are backed up securely and can be restored if necessary. Appropriate technical and administrative measures shall be taken to ensure the security of the register and the confidentiality, integrity and availability of personal data.
Right to inspect and obtain information
At your request, we will provide you with all the personal data we hold about you in our records. We will provide you with the information in a structured, commonly used and machine-readable format.
Right of rectification
At your request, we will correct inaccurate and incorrect personal data collected in our register.
Right of withdrawal
At your request, we will delete all personal data concerning you from our register, unless we have a specific legal basis for retaining the data.
Right to restriction of processing
You can restrict our processing of your personal data if you have a legal ground to do so (e.g. inaccuracy).
Right to object
You have the right to object to the processing of your personal data for direct marketing purposes. If we contact you, the approach is likely to be by email. At the end of each of our direct marketing emails, there is a button that allows you to easily remove yourself from our direct marketing list.
Right of appeal
You have the right to refer your case to the supervisory authority if you believe that the processing of personal data concerning you is in breach of the relevant legislation. The national supervisory authority for personal data matters is the Data Protection Ombudsman, attached to the Ministry of Justice.