Customer relationship management and stakeholder contact information register
1 Introduction
Protecting your privacy and the transparency of the processing of your personal data are important to the Fintraffic Group. The purpose of this privacy statement is to inform you of the processing of your personal data in the use of the customer relationship management system. The personal data is used for communication between stakeholders and Fintraffic Road. Personal data of customers or designated stakeholder representatives is processed for identification and contacts (tenders, agreements and services).
2 Controller
Fintraffic Road Ltd
Palkkatilanportti 1, 00240 Helsinki, Finland
+358 29 450 7000
You can contact the controller’s representative by email at digipalvelut@fintraffic.fi
You can contact the Group’s data protection officer by email at privacy@fintraffic.fi or by phone at +358 29 450 7000.
3 Categories of data subjects and personal data we process
Categories of data subjects
- Employees of cities and other municipalities
- Suppliers’ representatives and contact persons
- Consultant contractors
- Authorities
Personal data to we process
- Name
- Phone number
- Workplace
- Title
4 Purpose and legal basis of processing
Enabling communication and disseminating information to the right persons in the communication between stakeholders and Fintraffic Road Ltd.
Legitimate interests of the controller based on Article 6(1)(f) of the EU General Data Protection Regulation (EU) 2016/679 are used as the legal basis for the processing of personal data.
5 Disclosure of data and data recipients
No personal data is disclosed to parties outside Fintraffic Road Ltd.
Your personal data is not transferred outside the EU or the EEA.
6 Data storage
Your personal data will be processed for 18 months from the moment of recording. When the legal basis for processing no longer exists or your personal data is no longer needed for the original purpose, your data will be destroyed in an appropriate manner.
7 Protection of personal data
The controller has access to appropriate technical and organisational personal data protection measures. The controller uses these protection measures to ensure that your personal data is not accidentally or unlawfully destroyed, lost or changed. The controller also takes measures to ensure that no data is disclosed unlawfully and it cannot be accessed by parties that do not have any right to process the data.
Your personal data is protected through proactive risk management and security planning, data traffic protection measures, continuous maintenance of information systems, backup, and the use of secure equipment facilities, access control and security systems.
8 Rights of the data subject
You have the right to
- receive information on the processing of your data and to access your data;
- request the rectification of your data;
- request the erasure of your data;
- request that the processing of your data is restricted to its storage; and
- object to the processing of your data.
9 Referral to the Data Protection Ombudsman
If you feel that your personal data has been processed in violation of the data protection legislation, you have the right to submit a complaint to the supervisory authority. The Office of the Data Protection Ombudsman acts as the competent supervisory authority in Finland.
Street address: Lintulahdenkuja 4, 00530 Helsinki, Finland
Postal address: PO Box 800, 00531 Helsinki, Finland
Switchboard: +358 29 566 6700
Registry: +358 29 566 6768
Email (registry): tietosuoja(at)om.fi
However, we would appreciate if you can first notify the controller of the matter. For more information on the data subject’s rights, please see https://tietosuoja.fi/en/private-persons
This privacy statement is valid as of 14 February 2024.