Drafted 9 Aug 2018
1. Data controller
Lingsoft Language Services Oy (0961030-7)
Kauppiaskatu 5 A
2. Contact person
The person in charge of data protection matters can be reached by email at tietosuoja [at] lingsoft.fi
3. Name of the personal data file
Lingsoft personal data file for job applicants
4. Legal basis and purpose for processing your personal data
The register is maintained for the purpose of storing job applications. In accordance with the EU General Data Protection Regulation, the legal justification for the processing of personal data is obtained when the data subject consents to the storing of their job application during the stage that the application is stored
Personal data is used during the initial phases of the recruitment process for new employees and subcontractors in order to collect their basic information and maintain contact with applicants.
5. Data content of the register
Basic applicant information: name, telephone number, email address, position being sought, and any attachments included in the applicant's form.
The data content of the register is stored in the manner specified by legislation that is in force at the time of writing.
6. Regular data sources
The personal data in the register is primarily collected from the data subject personally. Personal data can be supplemented and updated from the data controller’s own information system, the Population Information System, credit information registers and other similar public and private registers and information sources providing information services, and the data controller's partners.
7. Regular data disclosures and the transfer of data outside the EU or EEA
Only appointed persons may process data, and data is not disclosed outside the Lingsoft Group. The data controller may disclose data to public authorities within the limits permitted and required by valid legislation. Data will not be transferred outside the EU or EEA.
8. Register protection principles
Lingsoft only enters the data that is needed for the job application process in the register. The data controller ensures that the data can only be accessed by data controller personnel who require the data in order to carry out their work assignments. The confidentiality obligation of personnel processing personal data is stated in their employment or subcontracting agreements. Lingsoft's facilities are monitored and access to them is restricted.
A user ID and strong password are required in order to use the data in the register. Lingsoft's network is protected by a firewall and an intrusion detection system. All workstations are equipped with anti-virus protection, through which all email traffic is routed. Direct access to the register database is only available to technical maintenance personnel when they need to perform any necessary installation or troubleshooting tasks.
9. Right to the inspection and correction of data
Each and every data subject in the register has the right to inspect or update their data stored in the register as well as demand the correction of any erroneous information or supplementing of incomplete information.
If the data subject wants to inspect data concerning them that is stored in Lingsoft's recruiting data register or demand that said data be corrected, they must submit a written request to tietosuoja [at] lingsoft.fi. If necessary, the data controller may ask the data subject submitting a request to prove their identity. The data controller must respond to the data subject's request within the time period specified in the EU General Data Protection Regulation (one month).
10. Other rights related to the processing of personal data
Data subjects have the right to request the deletion of their personal data from the register. Data subjects also have other rights afforded to them by the EU General Data Protection Regulation, such as restrictions on the processing of personal data.
Requests concerning the recruiting data register must be submitted in writing to tietosuoja [at] lingsoft.fi. If necessary, the data controller may ask the data subject submitting a request to prove their identity. The data controller must respond to the data subject's request within the time period specified in the EU General Data Protection Regulation (one month).