Huld’s Privacy Statement

Privacy Statement according to the European Union General Data Protection Regulation (GDPR)

Published: May 15, 2018

Updated: October 23, 2020

1. Data Protection Principles in General

For Huld Oy, it is important to act responsibly and make sure that all personal data in our business is processed and protected in compliance with the required laws and regulations.

2. The Controller

Huld Oy, Keilasatama 5, FIN-02150 Espoo

Persons responsible for the data filing system:

3. Contact Information in Data Protection Related Issues

Any questions and/or requests related to data protection can be directed to marketing@huld.io.

4. Legal Basis of the Processing of Personal Data

According to the EU’s General Data Protection Regulation (GDPR), the following qualify for legal basis for the processing of personal data:

  • the (documented) consent of the data subject,
  • performance of a contract,
  • the controller’s legal obligation, or
  • the protection of legitimate interests.

5. Data Collection and Purposes

We collect personal data only for predefined purposes listed below.

Personal data is processed by Huld employees that take care of recruitment or customer relations, or participate in recruitment, sales, or marketing.

5.1 Prospective Employees

Why do we collect data?

Our goal is to make applying for a job a nice experience for all parties involved. To ensure this, it is necessary that communication between our company and the applicant runs smoothly and that we understand the applicant’s mindset and skills. Any personal data we receive via recruitment is used only during the recruitment process for contacting the applicant. Any information on the person’s skills and background is used only to evaluate the applicant’s suitability. Data is processed only in the extent that is necessary for recruitment purposes. Only recruiting managers and Human Relations personnel have access to the data. There are no disclosures of data to third parties.

What kind of data do we collect?

A Huld employee enters the following data of the applicant in our recruitment system:

  • First name, Last name
  • Address (Post Office)
  • Telephone number
  • E-mail address
  • CV
  • Application letter or Cover note (not obligatory)

We may also make complementary notes during a recruitment process or an interview. These are processed as a part of the applicant’s data in the recruitment system.

How and when do we collect data?

Any data mentioned above and stored in our recruiting system is provided by the applicant his- or herself. In principle, we do not collect and store data by telephone or e-mail. Instead, the applicant is always asked to provide the information via our recruitment system.

In case we receive information about the applicant’s skills or person during the recruitment meeting (such as CV in paper or calling/visiting cards), they are processed only by persons who take part in the recruitment process. All such data will be destroyed within 6 months from the meeting date unless the applicant qualifies for next stage in the recruitment process.

In case of open applications, the applicant’s personal data is completely deleted from Huld’s recruitment database within 6 months. In other applications, the data is deleted within 12 months.

5.2 Customers and Associate Partners

Huld Oy processes personal data of customers and associate partners for customer relations purposes, as well as for marketing and development of Huld services and events.

Regarding customers and associate partners, we may process the following personal data:

  • Of natural persons: First and last name and organizational position
  • Of natural persons: Contact information
  • Of business companies: Information of our customers or associate partners, complete with contact information
  • Information of ordered services, billing data, and other information connected with the customer relation and ordered services
  • Other data given by the person him- or herself
  • IP-address

Personal data is principally gathered during management of the customer relation, alternatively direct from the persons themselves, for example when participants register for an event by filling in their personal data or when we are contacted via our company website.

5.3 Other Contacts

We may process your personal data if you contact us by filling in the contact formula on our website, or when you participate in one of our events. In these cases, we may process the following personal data:

  • Of natural persons: First and last name and organizational position
  • Of natural persons: Contact information
  • Of business companies: Information of our customers or associate partners complete with contact information
  • Other data given by the person him- or herself
  • IP-address

In principle, we collect your data only when you personally give it to us. We can also collect your data (your IP-address) when you visit our website and have not disabled the use of cookies.

5.4 The Duration of Personal Data Processing

Huld stores the data as long as we have a statutory right or obligation to do so. We go actively through our database and erase any unnecessary or outdated data.

Data is not used for automated decision-making or profiling.

6. Cookie Policy

We use cookies on our website. Cookies are small data files that your browser places on your computer when you visit a website. Cookies help Huld collect and store anonymous data on our website visitors, for example by using Google Analytics. Cookies do not contain any information that could be used to personally identify you. Cookies provide information that Huld uses to for example make the website more user friendly, and to analyze site use.

We use the following cookies on our website:

  • Google Analytics
  • Hubspot
  • Social media plug-ins, such as LinkedIn, Twitter, Facebook, and Instagram

If you wish to deactivate our cookies in your browser, you can adjust your browser preferences. This can be done for a specific website, alternatively by deactivating cookies altogether.

7. Regular Disclosures of Data, and Data Transfer to Countries Outside the EU or EEA

There are no regular disclosures of data to other parties.

Your personal data is disclosed only to following parties:

  • The police, for criminal investigation purposes.
  • In projects that include marketing, to our associated partners who analyze, print, or distribute marketing material.

We may disclose your personal data to our associate partners who act as data processors. These processors, that is, our associate partners that process personal data on our behalf, are bound by a contract with Huld. A contract ensures Huld has the right to oblige its associated partners to follow the European Union General Data Protection Regulation (GDPR). Our associated partners are not allowed to use the data in our filing system for any other purposes than those contracted with Huld for a specific order of trade.

8. Principles Applied to the Protection of the Filing System

The processing of personal data in our filing system is carried out with due care. Appropriate measures are taken to protect the data that is processed through information systems. In case personal data is stored on Internet servers, appropriate measures are taken to ensure the physical and digital data security of such equipment. Huld Oy ensures that the stored data, server user rights and other data that is critical for the security of personal data are processed in confidence and only by employees whose work duties require them to do so.

9. What Are Your Rights Related to the Processing of Personal Data?

9.1. Right to Verify Data, and Right to Rectification

All data subjects have the right to verify their data stored in the filing system and obtain from the controller the rectification of any incorrect information or the completion of any incomplete personal data. If data subjects want to verify their personal data stored in the filing system, requests concerning such verification must be sent to in writing to marketing@huld.io. The data controller may require the requester to provide proof of identity if necessary.

The data controller will respond to the customer within the time limit set out in the EU’s General Data Protection Regulation (in general, within one month).

9.2. Right to Be Forgotten

Data subjects have the right to request from the controller the erasure of personal data concerning them (“the right to be forgotten”). Furthermore, data subjects have other rights, as set out in the EU’s General Data Protection Regulation, including the right to restriction of the processing of personal data in certain circumstances. Such requests must be sent to the data controller in writing. The data controller may require the requester to provide proof of identity if necessary.

The controller responds to the data subject within the time limit specified in the European Union General Data Protection Regulation (in general, within one month).

9.3. Right to Data Portability

You have the right to receive your own personal data that you have provided to us in a structured, commonly used format so that you can transmit your data to another controller. Such requests must be directed to the address given in this Privacy Statement.

9.4. Right to Complaint

The data subject has the right to lodge a complaint with a supervisory authority. In Finland, the supervisory authority is The Office of the Data Protection Ombudsman.

10. Changes to This Privacy Statement

We reserve the right to make changes in this Privacy Statement. This statement will be updated whenever principles for processing of personal data, alternately the legislation applicable, are updated or changed.