Privacy policies

Palosaaren Yrityskeskus Oy’s privacy policies

Privacy policy for website users

Controller

Palosaaren Yrityskeskus Oy
Business ID 3255942-3
Wolffintie 36, 65200 Vaasa
https://www.pyk.fi

CONTACT PERSON IN MATTERS CONCERNING THE FILING SYSTEM

Service Coordinator Jenna Hoffrén
Vaasa Facilita Oy Ab
tel: 0400282440  
jenna.hoffren@vaasafacilita.fi

APPLICATION

This Privacy Policy describes how Palosaaren Yrityskeskus Oy collects and processes your personal data when you use the Palosaaren Yrityskeskus website at  www.pyk.fi.

COLLECTING PERSONAL DATA AND ITS USE

Palosaaren Yrityskeskus collects and processes the personal data of its customers and partners, for example for the purposes of managing the relationship between the customer and us, and for website analytics and visitor statistics.

Personal data is not used for automated decision-making or profiling.

DATA COLLECTED ON THE FORMS

Palosaaren Yrityskeskus processes the personal data that you provide to us when you fill in any of the forms on our website.

The following personal data may be collected using the forms:

  • Name, address, phone number and email address

The information submitted via the forms will be stored in the website database for no more than the next full calendar year after submission of the form.

WEBSITE COOKIES AND SIMILAR TECHNOLOGIES

Palosaaren Yrityskeskus’s website uses cookies and similar technologies. A cookie is a small text file that is stored on your device to collect and store information about the choices you make on a web browser.

Google Analytics 4: On our website, we use Google Analytics 4, a web analytics service that tracks and reports on the use of our website. The service stores your data for 24 months after your visit to the website.

Dealfront: On our website, we use the Dealfront service which collects information about visitors to the website at a company level. The service stores your data for 24 months after your visit to the website.

Our website also uses Google Tag Manager to manage cookies.

When you visit our website for the first time, we ask for your consent to use cookies. You can withdraw your consent to the use of cookies at any time by changing the cookie settings on the website. You can access the cookie settings from the gear icon at the bottom left of the page.

DISCLOSING OF PERSONAL DATA

Personal data may be processed by employees of the parent company Vaasa Facilita and its subsidiaries, as well as by employees of its affiliated company VP Facilities Oy Ab.

Personal data may also be processed by our service providers who provide us with, for example, IT and analytics services. Disclosures of personal data are always carried out in accordance with and within the scope of the currently valid data protection legislation.

Palosaaren Yrityskeskus may also disclose personal data in connection with a business reorganisation, merger or sale to a third party involved in these activities.

TRANSFERRING DATA OUTSIDE THE EU OR EEA

In principle, the data is not transferred outside the EU or EEA. Some of the products or services we use require data to be transferred outside the EU:

– Google Analytics 4
– Hubspot

These transfers are based on standard clauses approved by the European Commission.

PROTECTION OF PERSONAL DATA

The databases containing personal data are stored on a server in a locked room accessible only by designated persons authorised to access it due to the nature of their duties. The server is protected by an appropriate firewall and technical protection.

Access to the databases and systems is only possible with personal usernames and passwords, which are issued separately. The controller has limited the access rights and authorisations to information systems and other storage platforms in such a way that only persons necessary for the lawful processing of the data have access to and can process the data.

When transferring personal data, Palosaaren Yrityskeskus uses systems that are protected by separate access rights and that utilise technology to prevent the data from being viewed during the transfer. Data is transferred over encrypted connections that are protected, for example, by SSL encryption.

THE RIGHTS OF THE DATA SUBJECT

The data subject has the following rights bestowed on them by the EU General Data Protection Regulation:

Right of access: The data subject has the right to inspect the data concerning themselves and to request that any errors be corrected and incomplete data be supplemented.

Right to object: The data subject has the right to object to the processing of their personal data if the data has been processed unlawfully or without their consent.

Right of erasure: the data subject has the right to request the erasure of their personal data to the extent that the data is not necessary for the controller’s tasks.

Right to data portability: the data subject has the right to obtain the transferable personal data concerning themselves in a machine-readable form for transmission to another controller, if the data is transferable under the currently valid data protection legislation.

Right to lodge a complaint with a supervisory authority: The data subject has the right to lodge a complaint with the Data Protection Ombudsman if the data subject considers that the controller has infringed the applicable data protection legislation with regard to the processing of personal data.

PRIVACY POLICY FOR CUSTOMERS AND PARTNERS

Controller

Palosaaren Yrityskeskus Oy
Business ID 3255942-3
Wolffintie 36, 65200 Vaasa
https://www.pyk.fi

CONTACT PERSON IN MATTERS CONCERNING THE FILING SYSTEM

Service Coordinator Jenna Hoffrén
Vaasa Facilita Oy Ab
tel: 0400282440
jenna.hoffren@vaasafacilita.fi

COLLECTING PERSONAL DATA AND ITS USE

Palosaaren Yrityskeskus collects and processes the personal data of its customers and partners. The basis for keeping the filing system is the customer relationship, the consent of the individual to the processing of their personal data and/or the legitimate interest of the controller. Personal data is retained for as long as necessary for the purpose for which it is used. The retention period may also be affected by national legislation.

Examples of uses of personal data:

  • Customer relationship management (e.g. billing, customer service)
  • Provision and production of services, as well as marketing them and communicating about them
  • Ensuring customers’ legal protection and security, protecting property at the sites and preventing crime (key management, camera surveillance and access control)
  • Developing operations, data analysis and statistics

Personal data can be collected in several different ways. We collect and process, for example, personal data that:

  • You have revealed to us when dealing and communicating with us
  • Your employer has disclosed to us
  • Is generated when you visit our website
  • Is obtained from other data sources, such as public records

We collect and process, for example, the following personal data:

  • Name, contact information, title, employer, vehicle registration number
  • Communications and related correspondence
  • Access key identifiers, access rights and access events
  • Data collected through cookies

Personal data is not used for automated decision-making or profiling.

DISCLOSING OF PERSONAL DATA

Personal data may be processed by employees of the parent company Vaasa Facilita and its subsidiaries, as well as by employees of its affiliated company VP Facilities Oy Ab.

Personal data may also be processed by our service providers who provide us with, for example, IT and analytics services. Disclosures of personal data are always carried out in accordance with and within the scope of the currently valid data protection legislation.

Palosaaren Yrityskeskus may also disclose personal data in connection with a business reorganisation, merger or sale to a third party involved in these activities.

Palosaaren Yrityskeskus may be required by law to disclose personal data, either in connection with legal proceedings or at the request of public authorities.

TRANSFERRING DATA OUTSIDE THE EU OR EEA

In principle, the data is not transferred outside the EU or EEA. Some of the products or services we use require data to be transferred outside the EU:

– Google Analytics 4
– Hubspot

These transfers are based on standard clauses approved by the European Commission.

PROTECTION OF PERSONAL DATA

The databases containing personal data are stored on a server in a locked room accessible only by designated persons authorised to access it due to the nature of their duties. The server is protected by an appropriate firewall and technical protection.

Access to the databases and systems is only possible with personal usernames and passwords, which are issued separately. The controller has limited the access rights and authorisations to information systems and other storage platforms in such a way that only persons necessary for the lawful processing of the data have access to and can process the data.

When transferring personal data, Palosaaren Yrityskeskus uses systems that are protected by separate access rights and that utilise technology to prevent the data from being viewed during the transfer. Data is transferred over encrypted connections that are protected, for example, by SSL encryption.

Manually processed material is located in premises that are protected by physical security measures.

THE RIGHTS OF THE DATA SUBJECT

The data subject has the following rights bestowed on them by the EU General Data Protection Regulation:

Right of access: The data subject has the right to inspect the data concerning themselves and to request that any errors be corrected and incomplete data be supplemented.

Right to object: The data subject has the right to object to the processing of their personal data if the data has been processed unlawfully or without their consent.

Right of erasure: the data subject has the right to request the erasure of their personal data to the extent that the data is not necessary for the controller’s tasks.

Right to data portability: the data subject has the right to obtain the transferable personal data concerning themselves in a machine-readable form for transmission to another controller, if the data is transferable under the currently valid data protection legislation.

Right to lodge a complaint with a supervisory authority: The data subject has the right to lodge a complaint with the Data Protection Ombudsman if the data subject considers that the controller has infringed the applicable data protection legislation with regard to the processing of personal data.

PRIVACY POLICY FOR CAMERA SURVEILLANCE

CONTROLLER

Palosaaren Yrityskeskus Oy
Business ID 3255942-3
Wolffintie 36, 65200 Vaasa

CONTACT PERSON IN MATTERS CONCERNING THE FILING SYSTEM

Property Manager Pekka Volama
tel:  050 538 0609
pekka.volama@pyk.fi

THE PURPOSE OF PROCESSING PERSONAL DATA

Recording camera footage is collected in the area surrounding Palosaaren Yrityskeskus Oy’s property on Wolffintie.

Camera footage is collected to protect the company’s own property and that of its tenants in the area, and to prevent, detect and analyse potential dangerous situations.

DATA CONTENT OF THE FILING SYSTEM

The data content of the filing system consists of images (video) transmitted by several recording cameras. The average data storage time is 1 month. If a report of vandalism or some other crime is received during the data storage period, the recording will be stored for the time required to solve the crime.

REGULAR SOURCES OF INFORMATION

The data is obtained from several company-owned cameras in the area. There are signs at the site informing people about the camera surveillance.

REGULAR DISCLOSURE OF DATA

The footage is not regularly disclosed to third parties. Data in the filing system may be disclosed within the same group when necessary for the processing purposes described in this Privacy Policy. Camera surveillance data may also be disclosed to the authorities.

The data is not transferred outside the EU or EEA.

PRINCIPLES OF FILING SYSTEM PROTECTION

The filing system of camera surveillance recordings is password-protected. Only persons designated by the company have access to the data.

THE RIGHTS OF THE DATA SUBJECT

The data subject has the right to check the data concerning themselves in the filing system and to request that inaccurate personal data about them be corrected and that their personal data be erased from the filing system.

Requests to check, correct and erase personal data can only be made in person and should be addressed to the contact person of the filing system. The right to check the data can be exercised free of charge once a year.