Skip to the main content.
Ota yhteyttä Avoimet työpaikat

Privacy policy

Helmitehdas Oy

Privacy policy
Helmitehdas Oy


Helmitehdas Oy
Bulevardi 16 B – 5 krs.

Controller contact person

Marjukka Nieminen

Collected personal data and purpose of processing

Helmitehdas Oy is a company that receives commissions to provide recruitment services to corporate customers. We collect and process personal data for recruitment activities and for communications and marketing relating to recruitment or employment relationships. When we search for job applicants based on a commission, we process personal data on behalf of our customer and in such cases, the customer is the controller.  

This privacy policy meanwhile applies to the situations wherein we have received consent from a job applicant to store their personal data which we can use for recruitment purposes. We inform the job applicant separately before we disclose the data to our customer. 

Personal data collection

We primarily collect personal data from the data subjects themselves. With their consent, they provide their personal data for Helmitehdas Oy’s digital database. We are a paperless office, so no data is received or stored in paper format. We collect the following personal data:

  • Basic personal information, such as name, preferred language, username and/or other identifier, password.

  • The data subject’s contact details, such as a private email address, private telephone number, home address.

  • Information relating to the data subject’s desired job, such as information about the job sought, including type and form of employment relationship, plus data pertaining to beginning work.

  • Information disclosed by the data subject in connection with the job application process and which pertains to suitability or other personal or background information, such as a photograph, information about studies and education, profession, job history (such as employers, start date and duration of employment relationships, and job descriptions), language proficiency, other areas of special expertise, a description of personal attributes, various certificates and evaluations, plus references to online portfolios, profiles, or other sources, as well as references and - with the data subject’s consent - personal assessments or suitability evaluations and related information.

  • Information pertaining to the progress of the data subject’s previous recruitment process, such as information about second interviews or suspension of the recruitment process.

  • Any other information that the data subject has themselves voluntarily disclosed in connection with the job application process or has otherwise explicitly published for professional purposes, such as a LinkedIn profile, or information separately collected by the controller with the data subject’s consent.

Storage and protection of collected personal data

Those of our employees whose job requires them to have the right to process applicant data are entitled to use the databases that contain personal data. The data file is protected by the necessary technical and organisational measures. Data is collected into databases which are secured by usernames, passwords, firewalls, and other technology.

The data file is stored on servers protected by a technical administrator and the digital connection is protected. The persons who process personal data are obligated to non-disclosure concerning the data they receive. Databases and their back-ups are located in locked spaces and only certain, named persons are allowed to access the data.

We store personal data in a digital archive for a maximum of 12 months. We regularly assess the necessity of storing the personal data with consideration for applicable legislation. In addition, we undertake reasonable measures to ensure that no personal data about the data subject is stored which is inappropriate with regard to the purposes of data processing, or which is obsolete or erroneous. We will rectify or destroy such data without delay.

Disclosure and transfer of personal data

Stored personal data is only disclosed to our customers with the data subject’s consent. Before data is disclosed, it is ensured that the stored personal data is up to date. Data is not disclosed outside of Finland or the EU.

When processing personal data, we make use of IT system provider services that act on our behalf. We have made the necessary personal data processing agreements with our subcontractors to ensure your data protection.

Information about the data subject’s data

The data subject has the right to access the personal data stored about them on the personal data file, and to request that erroneous, obsolete, or illegal information is rectified or erased. Where processing is based on consent, the data subject also has the right at any time to withdraw or amend their consent. Withdrawal of consent will not affect the legality of data processing carried out before the withdrawal of consent took effect. The data subject has the right to restrict or object to the processing of their personal data, and also to submit a complaint about the processing of their personal data to the supervisory authority.

For particular personal reasons, a data subject also has the right to object to processing measures that affect them if the basis for personal data processing is grounds of legitimate interest. In their notification, the data subject must outline the particular situation which is the basis for their objection to processing. We may decline to carry out objection-related requests in accordance with legal principles.

Contact person

All contact and requests relating to this policy must be submitted in writing or in person to the named contact person: