Privacy policy

The register of the Reliable Partner and Tilaajavastuu.fi services of Suomen Tilaajavastuu Oy

  1. Controller of the File

Suomen Tilaajavastuu Oy (2327327-1)

Contact details

Tarvonsalmenkatu 17 B, 02600 Espoo

tel. 0600 301339

asiakaspalvelu(at)tilaajavastuu.fi

  1. Person in Charge of the Data File

Administrative Manager Annina Mäki

Contact details:

Tarvonsalmenkatu 17 B, 02600 Espoo

tel. 040 351 6409

annina.maki(at)tilaajavastuu.fi

  1. Name of the Data File

The register of the Reliable Partner and Tilaajavastuu.fi services of Suomen Tilaajavastuu Oy.

  1. Purpose of the Data File

The data file is used to operate the Reliable Partner service and other Tilaajavastuu.fi –services (”Services”). The data contained in the file is published in the Service and disclosed to other users of the Service according to the proxy given by the business customer to the controller of the data file.

The data file is also used to maintain customer data for invoicing, register development, fault correction, credit control as well as to check the correctness of company information for customer relationship management and for the marketing of other services provided by the controller of the data file and/or their collaborative partners.

  1. Contents of the File

The file contains the name, postal address, email address, phone number, business ID as well as information on the Board of Directors and the Managing Director (if applicable) of the business customer. In addition to the aforementioned information, the file stores the username and password of the main user of the registered business customer.

Information collected through the proxy process on the authorizing company and its signatory is also stored in the file. This information is transmitted to the pension insurance company and Tax Administration. Through these sources, the file stores the business ID and name from the Tax Administration, the business ID and name from the pension insurance companies, the business ID and name from the accident insurance companies, the name and personal identity code from the register on bans on business operations, as well as the company name and information on the Board of Directors and the Chief Executive Officer (if applicable) from the Construction Quality Association (Rakentamisen Laatu RALA ry). For an additional charge, the file stores a credit report from Bisnode Oy. The customer supplies the information on applicable collective agreements themselves. Personal information for Estonian companies are received from the Estonian Trade Register, MTR Majandustegevuse register, as well as the Estonian police and Ministry of Justice. This information is made public in accordance with Estonian legislation, meaning that the information contains Estonian personal identity codes and addresses.

Cookies are used to identify a user in the Service. The use of cookies is common in online services. Cookies are software technology that assist with the use of the Service by modifying the content according to the user’s preferences. The user can set their Internet browser to disable cookies altogether or to notify them when cookies are received.

The user has the right to view the information regarding themselves saved in the file. This can be done by contacting the administrator of the file.

The controller of the file carries out reasonable steps to protect the user’s personal information from misuse, loss and unauthorized access.

  1. Regular Data Sources

Finnish companies:

– Bisnode Finland Oy supplies the following information based on a cooperation agreement: The Business Information System details and bans on business activity.

– Suomen Asiakastieto Oy supplies the following corresponding information based on a cooperation agreement: corresponding information to Trade Register extract.

– The Finnish Patent and Registration Office supplies the following information based on a cooperation agreement: the Trade Register extract.

– Rakentamisen Laatu RALA ry supplies the following information based on a cooperation agreement: the RALA report.

– The Tax Administration supplies the following information based on a cooperation agreement: the tax payment information of companies.

– Pension insurance companies supply the following information based on a cooperation agreement: employees’ pension insurance payment information.

– Finnish accident insurance companies supply the following information based on a cooperation agreement: validity of compulsory accident insurance. Some also supply information on voluntary accident insurances.

Estonian companies:

– Maksu- ja tolliamet (Estonian Tax and Customs Board) supplies information on companies’ enforcement debts and neglected payments, bankruptcies, official announcements and VAT data.

– MTR Majandustegevuse register supplies information on special licenses regarding certain professions.

– Estonian Trade Register supplies trade register information, financial statements, present and former members of the Boards of Directors.

– The Estonian Credit register supplies information on the connections of the members of Boards of Directors with other companies.

– Police and the Ministry of Justice supplies information on criminal convictions of the members of Boards of Directors.

All aforementioned sources are public information sources.

Part of the information is supplied by customers, such as information on collective agreements. A further data source is data created in connection with providing or maintaining the service.

  1. Regular Data Disclosures

Information is disclosed to the registered users of Tilaajavastuu.fi service and other online services provided by Suomen Tilaajavastuu Oy. In addition, Reliable Partner programme’s full contractor’s liability reports, report extracts or compliance summaries may be disclosed through selected third party company information services and other online services provided that providers of such services are located within the European Economic Area, The information is disclosed electronically in encrypted form, or by letter. Customer information can be disclosed by order or request for assistance by the authorities.

  1. Transfer of Data outside the EU or EEA

Other than in the aforementioned manner, data is not disclosed to third parties from the file. Data is not disclosed outside of the European Union or European Economic Area except, within the limits of the Personal Data Act and the authorization given to the controller of the file by the business customer, to companies registered as service users that require information in order to fulfill the legal and contractual obligations related to their business activities in Finland.

  1. Changes and Updates

The file can be updated periodically without a separate notice, and changes that have occurred are later reported with a “latest update” notice. Refer to this page to keep up-to-date with changes. Persons using the Service accept changes to the Service by continuing to use the Service.

  1. Principles of Personal Data File Security

Both manually handled data and electronically saved data are protected in accordance with the principles laid down in the Finnish Information Society Code as well as the regulations and instructions by Finnish Communication Regulatory Authority. All data is stored in electronic format.

Proxies are archived both electronically and as hard copies.

The register resides on a protected server in Finland.

  1. Date of Entry into Force

The date the file has entered into force is on April 24th, 2012. Latest update on April 11th, 2017.


Privacy Policy

Veronumero.fi services
The privacy policy for the employee register of the Veronumero.fi Service

The maintenance of the Veronumero.fi Service as well as the processing and registering of the personal data you have provided is in compliance with the Personal Data Act and legislation in force in Finland.

Personal Data Act (523/99) 10 §

In the data file, a user representing the controller of the file and a customer are referred to with the term (“User”).

In the data file, the Veronumero.fi Service is referred to with the term (”Service”).

  1. Controller of the Data File

A company that has ordered the Veronumero.fi Service acts as the controller of the file (“Controller”).

Suomen Tilaajavastuu Oy is responsible for the operative upkeep and management of the file (“Administrator”, operative upkeep)

Business ID: 2327327-1

Contact Details: Tarvonsalmenkatu 17 B, 02600 Espoo

  1. Person in Charge of the Data File
    Deputy managing director Mika Huhtamäki
  2. Name of the Data File

The employee register of the Veronumero.fi Service.

  1. Purpose of the Data File

The data of the register is used, inter alia, for the following purposes:

  • Fulfilling the legal obligations in the Act governing the use of Tax Numbers (TNs) and the public register of TNs.
  • Fulfilling the legal obligations in the Act on Assessment Procedure
  • Fulfilling the legal obligations in the Occupational Safety and Health Act
  • Fulfilling the obligations required by the project supervisor and the contractor
  • The identification of persons at a construction site by the project supervisor
  • Reporting to the Tax Administration
  • Reporting to the supervising authority
  • Construction site-specific reports on the induction andtuntu site pass of individual persons
  • For contacting, if necessary
  • The testing and development of services and systems
  • For management tasks

The Administrator upkeeps the file and performs tasks authorized by the Controller on behalf of and for the Controller. The Controller and the Administrator can disclose personal data to construction sector operators for the purpose of implementing compliance with obligations. Personal data is not disclosed to third parties, unless it is required by law or any other provision. Necessary information can be also be disclosed to the Controller’s or Administrator’s service providers and consultants for the purpose of fulfilling legal obligations. The Controller and the Administrator can disclose data to their subsidiaries and sister companies in compliance with the Personal Data Act. Furthermore, the Administrator can use and disclose data from the file to the extent contained in the Personal Data Act to market services provided by the Administrator and/or its cooperation partners to the Controller.

The Service saves and retains data delivered by the Controller via or otherwise reported in the Service, as long as the Controller is registered in the service. When the Controller terminates the use of the Service, the personal data is retained for 5 years by the Administrator, to allow the Administrator to answer potential questions/inquiries made by the Controller within the framework of the use of the aforementioned register. After the five year period, the Controller’s personal data in the Administrator’s information system is destroyed, excluding the data that must be retained according to the law.

  1. Contents of the File and Supervision

The first name and surname, birthdate, Finnish personal identity code, foreign personal identity code, home country address, foreign address, tax number, photograph, municipality of residence, phone number, email address, name of employer and Business ID of the employees of the Controller.

In addition, the passwords of Service Users (users that log into the service) are stored. The User is identified by email address and password.

Cookies are used to identify the User in the Service. The use of cookies is common in online services. Cookies are software technology that assist with the use of the Service by modifying the content according to the User’s preferences. The User can set their Internet browser to disable cookies altogether or to notify them when cookies are received.

The User has the right to view the information regarding themselves saved in the file. This can be done by contacting the Administrator.

The Controller and the Administrator responsible for operative upkeep carry out reasonable steps to protect the user’s personal information from misuse, loss and unauthorized access.

  1. Regular Data Sources

The data source of the Service is the information provided through the registration process by the User and information possibly later supplied by the User, as well as information received from the Tax Administration on the correctness of the tax number.

  1. Regular Data Disclosures

Information is disclosed to customers who have entered an agreement with Suomen Tilaajavastuu Oy. The information is disclosed electronically in encrypted form, or by letter. Customer information can be disclosed by Suomen Tilaajavastuu Oy to the authorities by order of the authorities or their request for assistance.

  1. Transfer of Data outside the EU or EEA

Other than in the aforementioned manner, data is not disclosed to third parties from the file. Data is not disclosed outside of the European Union or European Economic Area except, within the limits of the Personal Data Act and the authorization given to the Controller, to companies registered as service users that require information in order to fulfill the legal and contractual obligations related to their business activities in Finland.

  1. Transfer of Service, Merger or Sale

If the Administrator or a part of its business is sold or merged with a third party, or the Service is transferred to a third party, the Administrator withholds the right, in all of these cases, to transfer or assign the information collected from the Controllers as part of the merger, sale, trade, transfer or other change of control.

  1. Changes and Updates

The file can be updated periodically without a separate notice, and changes that have occurred are later reported with a “latest update” notice. Refer to this page to keep up-to-date with changes. Persons using the Service accept changes to the Service by continuing to use the Service.

  1. Principles of Personal Data File Security

Both manually handled data and electronically saved data are protected in accordance with the principles laid down in the Act on the Protection of Privacy in Electronic Communications as well as the regulations and instructions by Finnish Communication Regulatory Authority. All data is stored in electronic format.

The register resides on a protected server in Finland.

  1. Date of Entry into Force

The date the file has entered into force is on April 24th, 2012. Latest update on October 21st, 2015.

 


Privacy Policy

The personal data file connected to the CRM System of Suomen Tilaajavastuu Oy

Personal Data Act (523/99) 10 §

  1. Controller of the File

Suomen Tilaajavastuu Oy (business ID 2327327-1)

Contact Details:

Tarvonsalmenkatu 17 B, 02600 Espoo

tel. 0600 301339

asiakaspalvelu(at)tilaajavastuu.fi

  1. Person in Charge of the Data File    

Administrative Manager Annina Mäki

Contact Details:

Tarvonsalmenkatu 17 B, 02600 Espoo

tel. 040 351 6409

annina.maki(at)tilaajavastuu.fi

  1. Name of the Data File

The personal data file connected to the CRM System of Suomen Tilaajavastuu Oy (hereafter “ST”), containing contact persons and users of the customers and potential customers of ST. Customers are companies or entrepreneurs. Registered persons are the employees or persons in charge of the customers and potential customers.

  1. Purpose of the Data File

Personal data is used to provide ST’s services to customers, and to manage, maintain and develop existing and potential customer relationships. ST can also use personal data for the marketing of ST’s or its collaborative partners’ services.

  1. Contents of the File

The information with the following content is processed in the customer register:

  • Name, business ID and contact details of the business customer
  • Basic information about the user or person in charge of the business customer, such as name, profession, postal address, email address, and phone number.
  • Data about the business customer’s contractual and customer relationship, such as information about acquired services and their start and end dates, information about the period of validity of certificates and qualification information available in ST’s services, and other information about customer service provision.
  • Information about the services’ billing and collection
  • Information about direct marketing prohibitions and consents
  1. Regular Data Sources      

Data sources are information provided by the customer and data created in connection with providing the services of ST.

  1. Regular Data Disclosures

ST can disclose information to its collaborative partners for direct marketing purposes within the limits of the legislation in force.

  1. Transfer of Data outside the EU or EEA

In principle, data is not disclosed outside of the European Union or European Economic Area, unless it is necessary for the technical implementation of data processing. ST can use subcontractors to process the information contained in the CRM System. Insofar as the subcontractors of ST carry out data processing outside of the European Union or European Economic Area, ST ensures an adequate level of data protection in accordance with the relevant legislation in force.

  1. Changes and Updates

The file can be updated periodically without a separate notice, and changes that have occurred are later reported with a “latest update” notice. Refer to this page to keep up-to-date with changes. Persons using the Service accept changes to the Service by continuing to use the Service.

  1. Principles of Personal Data File Security

All data is stored in electronic format. Access to the CRM System is only granted to employees, who have the right to handle customer data. Every user has their own username and password. Information is collected into databases that are protected by firewalls, passwords and other technical means.

  1. Date of Entry into Force

The date the file has entered into force is on April 24th, 2012. Latest update on October 21st, 2015.


Privacy policy Zeckit.com

Finnish only

  1. Date of Entry into Force
    The date the file has entered into force is on 1.12.2015. Latest update on 2.8.2016.

Privacy policy Taito competency register 

File description for the Competence Register, Taito service

The Competence Register service is maintained and the personal data you provide is processed and registered in accordance with the Personal Data Act and the Finnish legislation as it stands at any given time.

In the file description, the Competence Register service provided by Suomen Tilaajavastuu Oy is referred to as “the Service”, and “user” refers to a company that has entered into an agreement with ST on the use of the Competence Register or the Building Register service or another service using the data contained in the Competence Register service. “Employer” refers to a user who uses the Service to manage their employees’ professional competence information and shares this information with other users and third parties.

 

  1. Controller

The controller (“Controller”) is the employer that ordered the Service.

Suomen Tilaajavastuu Oy (“Administrator”) is responsible for the operational management and administration of the Service. The company’s Business ID is 2327327-1, and its address is Tarvonsalmenkatu 17 B, FI-02600 Espoo.

  1. Contact person

Mika Huhtamäki, Deputy CEO

  1. Name of register

Competence Register

  1. Purpose of register

The data contained in the register will be used for the following purposes:

  • Collecting, maintaining and using information about the professional qualifications of the Controller’s employees for the Controller’s internal purposes, such as the further development of their employees’ competence and professional qualifications.
  • Verifying that the Controller’s employee has valid professional qualifications required by the law or a contract, or other competences required for their tasks, and submitting this information to the client company serving as the Controller’s contract partner or the main implementing party or construction company operating on the joint construction site, or another contract partner, to ensure that statutory and/or contractual obligations are met and to ensure safety at work.
  • Reporting to the supervising authorities.
  • Making enquiries, if necessary.
  • Testing and developing services and systems.
  • Carrying out administrative duties.

The Administrator shall be responsible for maintaining the register and for carrying out tasks on behalf of the Controller, based on an authorisation granted by the Controller.

The Controller and the Administrator shall be entitled to disclose personal data (i) to the Controller’s contract partners, (ii) to parties with whom the Controller is negotiating a contractual relationship, (iii) for fulfilling the statutory obligations of parties operating in the construction sector or other sectors, (iv) to third parties acting on behalf of, and authorised by, parties specified in items (i) to (iii), and (v) to the supervising authorities when the current law so requires.

An employee may disclose their personal data to third parties by allowing a third party to read the data contained in their Valttikortti card, using a card reader compatible with the Service.

The Controller and the Administrator may disclose data to their subsidiaries and affiliates in accordance with the Personal Data Act.

In addition, the Administrator may use and disclose data contained in the register, to the extent permitted by current laws, for the purpose of marketing services provided by the Administrator and/or its partners to the Controller.

Professional competence information may also be disclosed by means of company-specific reports produced by the Administrator, without identifying the employee possessing the professional qualification (anonymised data). Furthermore, the Administrator may disclose anonymised data concerning the total number of the professional qualifications held by the Controller’s employees, in a manner that enables the anonymised data to be published via corporate information services and other online services provided by third parties in the EU and EEA areas.

Otherwise, personal data shall not be disclosed to third parties, unless so required by the law or another order.

The Service shall record and store the information provided by the Controller via the Service or otherwise announced in the Service for as long as the Controller is registered for the Service or has provided employee data via the Ilmoita service. When the Controller ceases to use the Competence Register service and the Ilmoita service, the Administrator shall store their data for a maximum period of fifteen years to enable the Administrator to meet their contractual and statutory obligations and respond to any questions or enquiries made by other users and/or the authorities concerning the Controller’s data, within the purpose of use described above for the register. After that time, the personal data provided by the Controller shall be removed from the register, excluding any data that must be stored based on the law.

  1. Data content and control

The Competence Register contains employees’ professional competence information that has been entered into the Service by the employer, as well as such professional competence information provided and maintained by third parties that is supported by the Service at any given time and is entered into the information for an employee included in the Ilmoita service directly by the third party that granted the qualification or maintains the competence information.

The data content of the register may be based on the information provided for the Ilmoita service of the Veronumero.fi service (e.g. first and last names of the Controller’s employees, dates of birth, Finnish personal identity codes, foreign personal identity codes, addresses in Finland, addresses abroad, tax numbers, photographs, places of residence, telephone numbers, email addresses, employers’ names and Business IDs), the information provided for other online services maintained by ST, and the following supplementary information:

  • Type of professional qualification (name)
  • Description of professional qualification
  • Holder of professional qualification
  • Code identifying a personal qualification, or other identification information, such as a card ID
  • Date of issuance, date of training, start date of qualification
  • Issuing party (person or organisation)
  • Validity of professional qualification, last date of validity
  • ID information for the person who entered or edited the qualification
  • Date when the qualification was last edited
  • Photograph of a document or card proving the qualification, if available
  • Valttikortti card ID
  • Valttikortti card bar code

In addition, the names, organisations, user IDs and passwords of the users of the Service (users signing up for the Service) shall be stored. Users shall be recognised based on their email addresses and passwords.

Cookies shall be used to identify users in the Service. Cookies are commonly used in online services. Cookies are a software technology that makes it easier for users to use the Service by modifying the content in accordance with their preferences. Users may configure their browsers to reject cookies or notify them when cookies are being used.

Employees and other users shall be entitled to review the information that has been stored about them in the register. They may do so by contacting their employer, who serves as the controller. Other users may review their information on the user pages of the Service or by contacting the Administrator.

The Controller and the Administrator, who is responsible for operational management, shall implement reasonable measures to prevent the abuse and disappearance of data, as well as unauthorised access to the data.

  1. Regular sources of information

The sources of information for the Service include the Controller, who is the employer, and external service providers authorised by and acting on behalf of the Controller, as well as the authorities and other parties issuing professional qualifications, from whom the Controller may also collect information confirming the accuracy and validity of professional qualifications.

  1. Regular disclosure of information and the transfer of information outside the EU or the European Economic Area

Information shall be transferred outside the EU or the European Economic Area only in accordance with what is described in the special terms and conditions for the Service and/or to the Controller’s contract partners or with consent from an employee, by means of reading their Valttikortti card using a card reader compatible with the Service.

The data contained in the register shall not be disclosed to third parties outside the EU or the European Economic Area in ways other than those described above.

  1. Transfer of the Service, merger or acquisition

If ST or part of its business operations are sold to or merged with a third party or if the Service is transferred to a third party, ST shall, in all of these cases, reserve the right to transfer the agreement concerning the Service and the maintenance of the register to that third party.

  1. Changes and updates

The file description may be updated without notice at regular intervals, and the changes implemented shall be announced later by means of a “last updated” notification. Please check back on this page to keep up to date with changes. The user approves the changes by continuing to use the Service.

  1. Data protection principles

Electronically stored data has been protected in accordance with the Act on the Protection of Privacy in Electronic Communications and the regulations and guidelines of the Finnish Communications Regulatory Authority. All of the material is in electronic format.

The register is located on a secure server.

Registration for the Service takes place online when the user approves the terms and conditions for the Service and provides their contact and identification information.

  1. Date of entry into Force

The file description came into effect on 1 May 2015. Last updated: 3 April 2017.


THE USE OF COOKIES

The website of Suomen Tilaajavastuu group may use cookies. Cookies are small text files that save onto the user’s computer in order to create broader functionality on the website. Cookies do not collect or otherwise process personal data. If you do not want cookies to be used, you can disable them on your browser. In this case, the website may not operate as intended.

Further Information on Cookies

Cookies may occasionally be transferred to a visitor’s computer. Cookies may be used to collect the following information: the website from which you have moved to our website, the webpages of Suomen Tilaajavastuu Oy you have browsed and when you have browsed them, the browser you are using, the display resolution of your computer, the brand and model of your computer’s operating system, and the IP address of your computer i.e. the Internet address that you send data from and where the data is received.

Behavioral data may be collected by Suomen Tilaajavastuu Oy, its group companies, their service providers and third parties (advertisers and advertising networks, media and advertising agencies, measuring and monitoring services) on visits made to the websites of the Suomen Tilaajavastuu group. Suomen Tilaajavastuu group may also use behavioral data collected from websites other than its own.

With cookie-related information, the number of visits made to services can be monitored by the Suomen Tilaajavastuu group and its collaborative partners and analyzed to develop the Internet services into more visitor-friendly wholes. The abovementioned parties may use cookies to collect information about a visitor’s visits to the Suomen Tilaajavastuu group websites in order to target their advertising. The information collected through the use of cookies is used to produce targeted advertising based on the visitor’s interests for the websites of Suomen Tilaajavastuu group and their collaborative partners. When advertising is targeted by means of cookies, the visitor is neither identified nor is the anonymous data gathered on the visitor connected to personal data possibly obtained from the visitor in some other context.

Through, inter alia, physical, electronic and contractual means, Suomen Tilaajavastuu group strives to prevent unauthorized access to the abovementioned information. The intention is to commit third parties to existing legislation and self-regulations. The Internet is an open system and therefore Suomen Tilaajavastuu group does not monitor or answer for the practices of third parties.

The user can disable cookies by changing their browser settings so that the browser does not allow cookies to be saved. The visitor accepts that disabling cookies may, however, affect the functionality of some of th