Processing of personal data
One4all Finland Oy (Business ID: 2437819-8) processes personal data on behalf of the controller when providing the controller with the Software as a Service services purchased by the controller.
The controller is responsible for processing personal data and determines the principles for processing personal data. If a data subject wants more information about the personal data processing conducted by the controller, the data subject should contact the controller.
1. How we process personal data
We process personal data in accordance with instructions provided by the controller. Additionally, we process personal data as required by applicable EU and Finnish legislation along with regulations and instructions issued by authorities.
We can process personal data on behalf of the controller when, for example, the controller transfers resident information to a housing company’s digital notice boards or deploys an app for data subjects that requires identification of data subjects. We can also process personal data on behalf of the controller when a data subject books a space or utilities managed by the controller, the data subject pays for a space reservation or register and/or log into the One4all manager management system (”Service”).
2. How we use personal data and our justification for processing personal data
We process personal data to fulfil our contractual obligations to the controller, such as providing a Service purchased by the controller to the controller.
The controller specifies the legal basis for processing of personal data. We only process personal data for the purposes specified by the controller. We only process information relevant to the purposes specified by the controller.
3. Which personal data we process
The controller determines the personal data we process. The controller may require that we process, for example, the following personal data:
– Name, address, email, phone number
– User ID and password, along with login event data
– Any identifiers related to access control
– Booking data for shared spaces, along with invoicing and payment data
– Any other information related to communications, information concerning service use, any data subject
consents, and other additional information provided by the controller.
4. How we protect personal data
We take the appropriate measures to keep the personal data safe and to secure its usability, availability, integrity and security.
Outsiders do not have access to our information systems, and all information in our data file is always protected with passwords, system redundancies and hardware and software firewalls. Data storage is secured with backups. Any manual materials are stored in a locked space, with access only by individuals with the right to process personal data by virtue of their duties and the service provider commissioned by the controller.
5. Who is personal data disclosed to
Personal data is used by the controller. We may disclose your personal data to competent authorities when required or permitted by current legislation.
We also disclose personal information within the framework of the current legislation to subcontractors obligated to only process data on behalf of the controller.
The controller determines whether data can be transferred outside EU/EEA.
6. Retention period for personal data
We retain personal data only as long as necessary to fulfill the purposes determined by the controller unless legislation requires otherwise.
7. Data subject’s rights
The data subject may inquire about the data subject’s rights and the use of said rights from the controller. The controller is responsible for processing personal data.