WEFIND IT PRIVACY STATEMENT
Wefind IT, IT Staffing Service Privacy Policy and Processing of Personal Data

The privacy and data protection of temporary employees at Wefind IT staffing company is important to protect and keep in a safe place. We are committed to protecting the privacy of the information we collect. We are constantly improving the privacy and security of our data and will take all necessary steps to ensure that it is properly stored.
We provide information on data protection and the processing of personal data on our website and, where appropriate, provide information to the data subject on request. We have carefully defined the processing of personal data in our company Wefind IT and compiled documents on the processing of personal data, data protection and data security.

The document is in three parts:
- An internal document (e.g. definitions, guidelines, security descriptions)
- A public document (material to be published on the website).
- Contractual annexes (data protection annexes to contracts relating to the processing of personal data)
The privacy statement will be updated as necessary and any changes to the public statement will be announced on our website. The date of the change is always indicated.
Personal data are collected for different purposes and different types of data content are processed for different purposes. In this privacy statement, we describe in more detail the data in Wefind IT's employee register and the purposes for which it is used.

Keeper of the register
The controller of the employee register is Wefind IT, Find Group Oy (3010059-8). Contact details can be found on our website and for data protection issues we can be contacted at info@wefindit.fi.

Personal data processing process
The processing of personal data of our employees is carried out in accordance with the information below. We determine what information we collect and store. Any unnecessary personal data will not be processed or stored and any unnecessary data will be deleted. When determining retention periods for personal data, other legislation and factors that affect the retention of personal data are taken into account.
Personal data are only processed by those persons in our company whose job description requires the processing of such data. The processing of personal data in the systems is limited and accessible to persons whose job description requires them to be processed. In such situations, only the personal data required at any given time will be available.

The process of processing personal data is governed by the following principles: lawfulness, fairness and transparency, purpose limitation, data minimisation and accuracy, and confidentiality. These principles are reflected in our practice, in our day-to-day operations and we have trained individuals who have access to this personal data to act in accordance with the principles.

Employees' personal data is processed in accordance with contractual relationships or in the performance of legal obligations.

Disclosure of personal data
Personal data is only processed outside Wefind IT by partners or customers with whom a contractual relationship has been established. These contracts explicitly take into account data protection and the processing of personal data.

Personal data concerning employees will not be disclosed to third parties, except in accordance with the requirements of the law or in situations where disclosure is mandatory for the purposes of exercising the employee's interests and rights.

Exceptionally, in this case, data will be transferred outside the European Union or the European Economic Area, as there is an immediate need for the transfer for the performance of the service. In such cases, the controller ensures the level of data protection as required by law and also ensures a high level of data protection through contracts.

Data protection expertise
Our staff is regularly trained in data protection and the processing of personal data. We actively monitor data protection practices in the industry and ensure the level of data protection competence of our staff. This takes into account the role of each individual and, where the job description involves significant processing of personal data, the level of competence must be high.

Policies
We have analysed the operating models for the processing of personal data to ensure that they comply with the requirements of data protection legislation. In addition to the processes, we have paid attention to the technical solutions, both in terms of data protection and data security. We have audited our data security activities, both in terms of policies and technical solutions. Any areas of improvement identified are taken into account and efforts are made to improve them. We use secure technologies and also take security into account when managing equipment.
Data protection, data security and the processing of personal data are taken into account with our subcontractors, partners and contractors and we oblige them all to meet our quality standards.
As a rule, the processing of personal data is digital. The processing of manual documents containing personal data is secured, protected and stored in accordance with data protection guidelines.

Rights of the data subject
The data subject may exercise all his or her rights under the GDPR in accordance with the instructions on our website www.wefindit.fi. We will respond to requests for information as soon as possible and if for any reason we are unable to comply with a request within one month, we will immediately inform the party concerned.

Purpose of the use of register data
The processing of an employee's personal data is only necessary and the use cases are predefined. The data in the register will be used for:
- For communication
- To manage the employment relationship
- Paying wages and salaries
- Recruitment
- Recruitment and payment of wages and salaries Recruitment and payment of wages and salaries
- Organising occupational health care
- Exercising the rights of the data subject
- Statistics

Data content of the register
The register only processes personal data that are necessary for the purposes for which it is used, namely:
first name and surname
contact details (e.g. address, telephone number, e-mail address)
country of residence and language.
gender
date of birth and social security number.
working time
trade union details
bank details
occupational group and duties
salary details
annual leave information
curriculum vitae and any additional information provided by the worker himself/herself for job search purposes
date of commencement and termination of employment
the nature of the employment relationship (e.g. fixed-term, part-time, permanent)
tax, health and insurance information
change(s) to previous, individualised information

Registration of personal data
Personal data are collected from the employee during the employment relationship and the recruitment relationship. A list of data is collected from the systems when the data are updated.
The accuracy of personal data may be checked from time to time with the employee.

Protection of personal data
Databases containing personal data are protected by technical means such as firewalls and passwords. Storage takes place in a locked room with restricted access. Manual archives are also kept in a locked room with restricted access.
Personal data is protected by the following means:
Technical solutions and manual/automatic updates
Anti-virus protection (updated)
Firewall (continuously updated)

For more information, please visit
Wefind IT has an organised data protection policy and, in addition to the Data Protection Officer, data protection is handled by designated persons. We are always happy to help you with your personal data processing needs. Up-to-date contact details are available on our website www.wefindit.fi. Data protection material is frequently updated on our website. Please feel free to ask us a question if you notice any points missing from this privacy statement. We will be happy to answer!