Fluentia's Privacy Policy Statement

Fluentia's Privacy Policy Statement (updated June 13, 2023)

Data protection and responsible business practices are important to us. At Fluentia Oy (hereafter referred to as ‘Fluentia’), data protection is considered an integral part of all business operations. Personal data is processed and protected in accordance with regulations and laws.


DATA CONTROLLER
Fluentia Oy (Business ID: 3179241-8)
Postall address: Tykistökatu 4 B, 20520 Turku, Finland
Questions and requests regarding data protection can be sent to: privacy@fluentia.fi.


PURPOSE OF THE REGISTER AND COLLECTED DATA
We collect the personal data described below only for predefined purposes, which are detailed in the following sections:

Job Applicants
In connection with the job application and recruitment process, we process the following information about you:
•    First and last name
•    Email address

In addition to the above-mentioned information, we also process the following data to the extent you provide it to us during the recruitment process:
•    Phone number
•    Postal address and city of residence
•    Current employer
•    Education and work history
•    Skills and professional expertise
•    Public information from LinkedIn, GitHub, Twitter, etc., and information you share via your CV, as well as any other information you provide

The following information collected during the recruitment process are stored to an appropriate extent:
•    Assessment of your suitability for the applied position
•    Written communication with you
•    Information provided by your potential references
•    Information on the progress and outcome of the recruitment process, as well as the execution of any tasks included in the recruitment
•    Any feedback we provide to you, to help you improve in your work or job search

The information is used in the recruitment process and the processing of your job application for communication during the recruitment and job application stages, as well as to support possible onboarding and the start of employment.

Personal data is primarily collected directly from the individual. With the individual's consent, information may also be obtained from other sources, such as references named by the individual.

Customers and Partners
As a customer or partner of Fluentia, we may process the following information about you:
•    First and last name
•    Information about the customer or partner company, including contact details
•    The individual's position and contact information (email address and phone number)
•    Other information provided by the individual (details of customer feedback, participation in events, and newsletter subscriptions)
•    IP address information is used for managing customer and partner relationships, as well as for marketing, implementing, and developing Fluentia’s services and events.

Personal data is primarily collected in the context of managing and implementing customer and partner relationships. Information is also collected directly from the individual, for example, when you register for an event we organize, subscribe to our newsletter, or visit our website.

Other contacts
If you contact us, for example, to inquire about our services, register for an event we organize, or subscribe to our newsletter, we may process the following information about you to the extent that we have received it from you::
•    First and last name
•    Email address
•    Phone number
•    Name of the organization and contact information
•    Country
•    The individual's position and contact details
•    IP address

Other information you may choose to provide to us (e.g. the web address of your LinkedIn profile)
The information is used to process your inquiry or request and for communication between you and Fluentia. Additionally, the information is used for the marketing, implementation, and development of Fluentia’s services and events.

In this case, personal data is primarily collected directly from the individual. Additionally, information may be collected based on the use of our website through cookies. For more information, see our 'Cookie Policy.'


LEGAL BASIS AND PURPOSE OF PERSONAL DATA PROCESSING
The primary legal basis for processing personal data, according to the EU General Data Protection Regulation (GDPR), is the legitimate interest of Fluentia. The basis for processing may also include, instead of or in addition to the aforementioned, the performance of a contract between Fluentia and you, where we process personal data to fulfill the purposes and obligations defined in that contract. In some cases, instead of or in addition to the aforementioned, our processing may be based on your separate consent. The collected data will not be used for automated decision-making or profiling.


HOW LONG WE PROCESS PERSONAL DATA
We process personal data only for as long as we have a legal right or obligation to do so. We regularly assess the necessity of the data we store and delete any data that is no longer necessary.


COOKIE POLICY
Fluentia uses cookies on its website to facilitate site usage. Users cannot be identified solely through cookies. Cookies and the information collected through them are also used to analyze the usability and usage of the website, monitor use, and improve the site.

The following cookies are used on our website::
•    Google Analytics. We use Google Analytics to track the usage of the website. Additionally, Google sets cookies on our website, allowing Google to track the usage of its clients' websites.

You can prevent the use of cookies on your device by changing your browser settings; however, this may result in some parts of the site not being displayed on your device.


REGULAR DISCLOSURE OF DATA AND TRANSFER OF DATA OUTSIDE THE EU OR EEA
Data is not regularly disclosed to other parties. Data may be published to the extent agreed with the customer.

Data may also be transferred by the data controller outside the EU or EEA. In such cases, we ensure, through agreements and/or as required by law, that the transfer or disclosure is conducted in accordance with applicable data protection legislation, ensuring an adequate level of protection for the personal data being transferred.


PRINCIPLES OF REGISTER PROTECTION
Care is taken in the handling of the register, and data processed through information systems is appropriately secured. When register data is stored on internet servers, the physical and digital security of the hardware is properly ensured. The data controller ensures that stored data, server access rights, and other information critical to the security of personal data are handled confidentially and only by employees whose job responsibilities include such handling.

Detailed security principles are defined in Fluentia’s information security policy, which follows the structure of ISO27002 (2013) as applicable.


RIGHT OF ACCESS AND RIGHT TO REQUEST CORRECTION OF DATA
Every individual whose data is in the register has the right to check their information stored in the register and to request the correction of any incorrect information or the completion of incomplete information. If a person wishes to review their stored data or request a correction, the request must be sent in writing to the data controller. The data controller may, if necessary, ask the requester to verify their identity. The data controller will respond to the customer within the time frame set by the EU General Data Protection Regulation (generally within one month).


OTHER RIGHTS RELATED TO THE PROCESSING OF PERSONAL DATA
Individuals whose data is in the register have the right to request the deletion of their personal data from the register ("right to be forgotten"). Similarly, registered individuals have other rights under the EU General Data Protection Regulation, such as the right to restrict the processing of personal data in certain situations. Requests must be sent in writing to the data controller. The data controller may, if necessary, ask the requester to verify their identity. The data controller will respond to the customer within the time frame set by the EU General Data Protection Regulation (generally within one month).