1. Data Controller

Oy Kati Ab Kalajoki
Sievintie 286, 85160 Rautio
Y-tunnus 2934648-6
tietosuoja@oykatiab.com

2. Name of the Register

Job Applicant Register

3. Legal Basis and Purpose of Personal Data Processing

Oy Kati Ab collects personal data from job applicants for the purpose of contacting them regarding employment relationships.

4. Data Content of the Registerö

The information collected about job applicants includes: the position applied for, name, phone number, email address, education, driving license class, professional qualifications, previous work experience, language skills, validity periods of any certificates, potential start date, and a free-form description by the applicant. The data is retained for 12 months, after which it is securely destroyed.

5. Data Collection and Protection

The data stored in the register is obtained from the employee https://www.oykatiab.com/tyonhakijalomake page. Please do not enter sensitive data on the form.

Data will not be disclosed to parties outside Oy Kati Ab, nor outside the EU or EEA.

The personal data provided by the form users is kept confidential. The use of the register is instructed within the data controller’s organization, and access to the register is restricted so that only those employees who have the right and need to use the data for their duties can access it. Personnel handling personal data are bound by confidentiality.

6. Right of Access and Right to Request Correction

Every person in the register has the right to inspect their stored data and to request the correction of any incorrect or incomplete data. If a person wishes to inspect their stored data or request correction, the request must be sent in writing to the data controller. The data controller may request proof of identity if necessary. The data controller will respond within the timeframe set by the EU General Data Protection Regulation (usually within one month).

7. Other Rights Related to Personal Data Processing

A person in the register has the right to request the erasure of their data from the register (“right to be forgotten”). Registered persons also have other rights under the EU General Data Protection Regulation, such as restricting the processing of personal data in certain situations. Requests must be sent in writing to the data controller. The data controller may request proof of identity if necessary. The data controller will respond within the timeframe set by the EU General Data Protection Regulation (usually within one month).