Solita’s privacy statement
We care about your privacy and right to data protection. The following includes information on how Solita Oy and/or its affiliates (“Solita” or “we”) and our authorized partners collect and use your personal data when we process your data and the rights you have in relation to the processing of your personal data. We process your personal data in accordance with the EU General Data Protection Regulation (GDPR) and other applicable data protection laws and regulations.
We may update this Privacy Statement from time to time to reflect changes in our operations and/or applicable law. We recommend that you revisit this site from time to time to see the latest version.
Collection of personal data
We process personal data received through Solita’s websites, our online services, and interactions with customers, partners and other stakeholders.
We may collect personal data on our website so that we can provide our visitors with a better experience, improve relationship management and care, and enable contacts required by the service.
We may also collect your personal data when you subscribe to our marketing emails, purchase or use our services or interact with us in any other way. We use a customer management database to manage and track our sales and marketing activities. We also have a recruitment register to process and store information about individuals who are being considered to be hired as new employees to Solita Group companies.
Collected personal data and how it is used
Solita and our authorized partners may process your personal data e.g. name, title, company, email address, physical address, phone number, education, username, invoicing information or other similar relevant information for the following:
- Providing products and services to you
- Communicating with you and providing you with requested information or facilitating meetings or other events
- Operating and managing our business operations including processing personal data as part of surveys or research, data analytics, marketing research or other purposes
- Managing our contractual and/or employment relationship with you
- Recruitment
- Complying with legal requirements
- Monitoring use of our systems
- Marketing our products and services
- Reviewing of sanctions lists and other relevant sources for compliance purposes
Processing of your personal data may be based on a contractual relationship, legal obligation, your consent, or our legitimate interest to enable us to conduct and maintain our business operations effectively.
Data protection and retention
Personal data is kept technically and organisationally protected. The level of security is audited at recurring intervals by carrying out either an external or internal audit.
Access to personal data is restricted on a need-to-know basis to individuals (Solita employees and authorized partners) who need to access the data in order to fulfill the tasks and duties related to their role within and with Solita.
Solita stores personal data for as long as is necessary for the purpose for which the information was collected, within the limits of the applicable legal and regulatory requirements.
Data sharing and international transfers
Personal data can be shared within Solita Group regardless of the affiliates’ location and with Solita’s subcontractors for the purposes mentioned above.
We also use third-party service providers who may have access to personal data as part of technical, maintenance, user analysis, research, statistical and marketing services they provide to Solita. Such third parties are only allowed to process your personal data to the extent necessary for them to provide the service we have requested from them.
Adequate data processing agreements ensure that the personal data is treated lawfully and in compliance with Solita’s instructions.
We may also transfer your personal data to countries outside the European Union and the European Economic Area, such as the United States. When personal data is transferred outside the EU or the EEA, Solita uses appropriate safeguards, such as the standard contractual clauses provided by the EU Commission.
Access to personal data and other rights
You have a right to inspect, correct and request erasure of your personal data. You may also request to restrict and object to the processing of your personal data if it could compromise your rights to privacy. All related requests must be made in writing to Solita. Contact details are available below.
You may be requested to verify your identity, specify your request, and may be asked for more information about your request.
We will respond as soon as possible. If Solita for some reason disagrees with your request, we will state our reasons for doing so. If you feel that your personal data has not been processed in a lawful manner, you may bring the matter to the attention of the relevant data protection authority.
Contact information
If you have questions about our Privacy Statement or Solita as a data controller, please email to [email protected].
Other information
Data controller:
Solita Oy
Peltokatu 26
33100 Tampere
Finland
Contact:
[email protected]
Latest update: May 2023
Recruitment and job candidate privacy statement
When you apply for a job with us or when we contact you about job opportunities, Solita Oy and its group companies (“Solita” or “we”) will process your personal data. This privacy statement informs you about how we handle your personal data in our recruitment activities.
1. Controller(s) and contact information
Solita Oy, in addition to the Solita company recruiting for the position, is responsible for the use of your personal data as a data controller.
For any questions or concerns regarding your data, please contact your Solita recruitment contact person or use the contact details below.
Solita Oy (Business ID: 2905040-7)
Peltokatu 26, 33100 Tampere, Finland
[email protected]
2. When and why do we process your personal data?
When you are part of our recruitment process, either by submitting a job application or if we contact you through a direct search initiative:
- What data we collect: We gather basic details like your name and contact information, your job history and education, skills, and any other information you provide. Sometimes, we’ll also note down things from interviews or conduct checks on your references and background. If you are asked to take a personality and/or aptitude test, we’ll additionally process information about the results of the tests completed.
- Why we do it: This information is needed to manage who we’re considering for a job, evaluate your suitability for the role and ultimately to make a hiring decision.
- Legal basis: We do this with your consent or due to our legitimate interests in managing the recruitment process. At later stages of the recruitment process, the use of your personal data becomes necessary to take steps to enter into an employment contract with you.
- Personality and aptitude tests: To help us make hiring decisions, you might be invited to complete skill, cognitive ability or personality assessments. These tests will be carried out on external platforms indicated by us.
- Additional checks for some positions: We may perform reference checks to verify your qualifications and learn more about your experience and skills. For certain roles that require high level of trust, we might also do a background check against certain datapoints to ensure your trustworthiness. We will ask a separate approval from you before doing such background checks.
- How long do we keep information: If you don’t end up working with us, we’ll only keep your information for as long as we need to in case of any legal claims that might come up. This time varies (depending on the country in question) but won’t be more than 2 years after we finish the hiring process. However, in any case, information about personality and aptitude test results we’ll keep only for a maximum period of 1 year.
- Getting ready for your new job: If you are hired, we’ll use your information to get everything ready for your start, like your employment contract and setting up your profile in our HR system.
If one of our Solita colleagues shares your information as a recruitment referral:
- What data we collect: We receive your name, contact information, and possibly your job and education information as provided by our employee. This may also include any extra information the Solita employee might provide (such as relationship with you).
- Why we do it: We use this information to potentially find new team members from within our current employees’ circles. If we deem your profile suitable and you’re interested to proceed with us, we’ll use your information just like we explained above with respect to our recruitment processes.
- Legal basis: Our legitimate interests to identify and connect with great talent who, we believe, are more likely to align with our culture and values through referrals from our current employees. Our employees’ referrals also support our interest in finding new talent in a cost-effective manner.
- How long do we keep information: If you decide not to move forward with us in an official recruitment process, we’ll either delete or anonymize your information, unless you consent to us keeping your information as part of our database of potential candidates (see more below). Similarly, if we deem your profile not suitable to our present needs, but potentially for future job openings, we may include your information in our database of potential candidates (see more below), unless you opt-out.
If we find you through publicly accessible sources (such as LinkedIn) or keep your information for future opportunities:
- More info about the context: We can use publicly accessible professional sources to add your professional information to our database of potential candidates. Similarly, if you don’t get hired, we may ask to keep your information as part of this database.
- What data we collect: This includes your name, contact information, and any work or education history available on public platforms like LinkedIn.
- Why we do it: We use this information for the purposes of talent sourcing and maintaining a database of potential candidates.
- Legal basis: We do this with your consent and/or because it’s in our legitimate interests to identify and connect with quality talents.
- How long do we keep information: We only hold onto information about potential candidates for as long as it is necessary to fulfil the purpose of processing. Once we see that your details aren’t relevant anymore or are out of date, we will make sure to remove them right away. We are also constantly checking our database to keep it up to date, so if any information is not needed anymore, we will delete it as a result.
If you sign-up to our Talent Community Newsletter:
- What data we collect: Just your name, email, and country. Other information can be provided voluntarily.
- Why we do it: To let you know about job openings and events at Solita through the newsletter.
- Legal basis: We do this only with your consent.
- How long do we keep information: We will keep your information for as long as you are subscribed. In addition, if we notice that your contact details are not current anymore—like if a newsletter gets bounced back—we will delete your information.
3. Does our recruitment chatbot produce automated recruitment decisions?
The recruitment chatbot on our job openings website is there to make applying for jobs easier and faster. Here’s how it works from data protection perspective:
- What the chatbot does: The chatbot helps you find job openings with us. You can tell it about your work experience, education, skills, and what type of work you’re looking for. No need to upload your CV to apply.
- It does not make any hiring decisions, nor does it perform screening or rankings: The chatbot uses automation to understand and respond to your answers. But don’t worry, it’s not deciding if you get the job, nor does it perform any candidate screening or ranking. Its job is just to guide you to the right open positions based on what you tell it.
- Helping you to apply: Think of the chatbot as your first step in getting to know us. It’s about giving you information and saving your time while applying.
4. Who do we share your information with?
Sometimes, we need to share your information with others to help us fulfil the purposes outlined in this statement. Which recipients we share your information with depends on how you interact with us. Here’s a summary of recipients that might process your information:
- IT system service providers: We use IT system service providers to process personal data for the purposes described in this statement. We use companies like Greenhouse Software, Inc. to provide us with a recruitment platform for managing your data. In addition, we use professional personality and aptitude test service providers that provide us with their testing platform.
- Recruitment agencies: Sometimes, we get help from recruitment agencies. They can assist us in finding the right candidates, especially for specialized roles or direct searches.
- Background check agencies: For certain jobs, we need to verify your background. We work with companies that specialize in this to make sure everything checks out.
- Solita Group companies: Solita companies collaborate with each other in recruitment activities, and therefore we can share personal data between them.
5. Do we send your data outside the EU?
Sometimes, we might need to send your information to places outside the European Union (EU) or the European Economic Area (EEA). Here’s what you should know about this:
- Staying local when we can: We try our best to keep and process your data only within the EU/EEA. But occasionally, we might need to allow data transfer outside EU/EEA.
- Transfers due to the operations of our service providers: If your data is transferred to countries outside the EU/EEA, it happens because one of our service providers has operation centres in such countries.
- Keeping your data safe: We use special agreements to make sure your data is as safe as it would be in the EU/EEA. We generally rely on the EU Commission’s adequacy decisions or standard contractual clauses to make sure your data is handled safely.
- Ask for more: If you are curious about where exactly your data is going and how we’re keeping it safe, contact us using the contact details provided.
6. Your rights
You have the following rights:
- The right to access your data.
- The right to rectify your data.
- The right to erase your data.
- The right to object to the processing of your data.
- The right to restrict the processing of your data.
- The right to data portability.
- The right to withdraw your consent.
- The right to launch a complaint with your local data protection authority or the Finnish data protection authority that governs us (www.tietosuoja.fi/en/private-persons).
7. We may update this privacy statement
We may occasionally update the information provided in this statement. The latest version will be published and available on this page and/or other relevant communication channels.
Latest update: March 2024
Solita’s Business Partner Privacy Statement
We care about your privacy and right to data protection. The following includes information on how Solita Oy and/or its affiliates (“Solita” or “we”) and our authorized partners collect, use and process personal data of our customers, potential customers, vendors and other business partners and their representatives with whom we have a business relationship or aim to develop one. Thus, the individual situations in which personal data is being processed may vary, but this Privacy Statement aims to give a general understanding of the processing of your personal data. Below we also describe the rights you have in relation to the processing of your personal data.
Personal data means any information that can be used to identify a person directly or indirectly either provided by you and/or obtained through other means. We process your personal data in accordance with the EU General Data Protection Regulation (GDPR) and other applicable data protection laws and regulations.
We may update this Privacy Statement from time to time to reflect changes in our operations and/or applicable law. We recommend that you revisit this site from time to time to see the latest version.
Collection of personal data
In order to carry out and maintain our business operations and relationships, we need to collect and process, among other information, certain personal data related to you. Personal data is mainly collected directly from you or aggregated through other co-operation Solita has with you. We may also collect personal data from companies and other legal entities you represent as well as the websites of these entities. We may collect personal data also from other reliable public sources or third parties, such as the trade registers, industry or compliance databases. We use customer and partner management databases to manage our sales and marketing activities and to manage our partner relationships.
Collected personal data and how it is used
Solita and our authorized partners may process your personal data e.g., name, title, company, email address, physical address, phone number, username, invoicing information or other similar relevant information for the following:
- Providing products and services to you
- Communicating with you and providing you with requested information or facilitating meetings or other events
- Operating and managing our business operations including processing personal data as part of surveys or research, data analytics, marketing research or other purposes
- Managing our contractual and/or other relationship with you
- Monitoring use of our systems
- Marketing our products and services, including directly contacting you and sending you direct marketing communications
- Complying with legal requirements
- Reviewing of sanctions lists and other relevant sources for compliance purposes
Processing of your personal data may be based on a contractual relationship, legal obligation, your consent, or our legitimate interest to enable us to conduct and maintain our business operations effectively.
Data protection and retention
Personal data is kept technically and organisationally protected. The level of security is audited at recurring intervals by carrying out either an external or internal audit.
Access to personal data is restricted on a need-to-know basis to individuals (Solita employees and authorized partners) who need to access the data in order to fulfill the tasks and duties related to their role within and with Solita.
Solita stores personal data for as long as is necessary for the purpose for which the information was collected, within the limits of the applicable legal and regulatory requirements. Predominantly, personal data shall be deleted from the customer and partner registers ten years after the relationship between Solita and our Customer has ended. If the personal data is subject to longer statutory retention requirements, we comply with those requirements.
Data sharing and international transfers
Personal data from the customer and partner databases can be shared within Solita Group regardless of the affiliates’ location and with Solita’s subcontractors for the purposes mentioned above.
We may also use third-party service providers to manage customer and partner databases. Personal data from the customer and partner databases may be disclosed to our auditors, insurance companies and different governmental authorities/agencies (or similar) for the purposes of their regulatory tasks.
Third parties are only allowed to process your personal data to the extent necessary for them to provide the service we have requested from them. When data processing activities are outsourced to carefully selected third party service providers (such as IT service providers, marketing service companies, consultants) they operate as data processors on behalf of Solita under a specific data processing agreement and in compliance with Solita’s instructions.
We may also transfer your personal data to countries outside the European Union and the European Economic Area, such as the United States. When personal data is transferred outside the EU or the EEA, Solita uses appropriate safeguards, such as the standard contractual clauses provided by the EU Commission.
Access to personal data and other rights
You have a right to inspect, correct and request erasure of your personal data. You may also request to restrict and object to the processing of your personal data if it could compromise your rights to privacy. All related requests must be made in writing to Solita. Contact details are available below.
You may be requested to verify your identity, specify your request, and may be asked for more information about your request.
We will respond as soon as possible. If Solita for some reason disagrees with your request, we will state our reasons for doing so. If you feel that your personal data has not been processed in a lawful manner, you may bring the matter to the attention of the relevant data protection authority.
Contact information
If you have questions about this Privacy Statement or Solita as a data controller, please email to dpo (at) solita.fi.
Other information
Data controller:
Solita Oy
Peltokatu 26
33100 Tampere
Finland
Contact:
[email protected]
Latest update: May 2023
Whistleblowing centre
Read more here