Registry description

This is a description of what and how personal data is processed in Levanto Finland Oy.

Purpose of the process: Payroll administration, insurance, internal communication, training, statistics and monitoring.
Categories of personal information: Name, date of birth / personal identity number, contact information, telephone number, holiday, sick leave, account and payment information.
Recipients: Personal data will not be sent to recipients outside the company except in cases where the obligation to notify is provided by law.
Sharing with third parties: The information will not be shared with third parties.
Period of retention: Personal data shall be deleted no later than seven years after the end of the employment relationship if the personal data are not required for legitimate or public interest reasons. In most cases, the data is constantly deleted when the data is no longer seen as necessary.

Purpose of the process: Maintaining contact information for customers, suppliers and other partners. Marketing and statistical purposes.
Categories of personal information: Name, address, telephone number, title, business contacts.
Recipients: Personal information will not be shared with third parties.
Sharing with third parties: The information will not be shared with third parties.
Period of retention: Data will be deleted when business with that connection is no longer likely.

Purpose of the process: Business-related information in offer requests, admission notes and invoices.
Categories of personal information: Name, title, place and time of meeting.
Recipients: The information will only be passed on to partners involved in the same matter.
Period of retention: Records of audit materials are retained for seven years. Other personal data is constantly reduced, in which case it is also assessed if the purpose of the processing of personal data is no longer relevant.

Purpose of the process: Presentation and marketing of the company’s operations and products.
Categories of personal information: For example, name, image and action.
Recipients: The information will not be disclosed to recipients, except for publication on websites / social media.
Sharing with third parties: No active sharing with third parties.
Period of retention: Personal data is constantly reduced, in which case it is also assessed if the purpose of the processing of personal data is no longer relevant.
Security measures: The company is a responsible actor in the processing of personal data in unstructured material.

Purpose of the process: The Company may process personal information via email in connection with returns or in connection with updating contact information.
Categories of personal information: Name, title, employer, contact information.
Recipients: No systematic sharing wth third parties without specific reason.
Sharing with third parties: No active sharing with third parties.
Period of retention: Sensitive personal information will be deleted immediately.
The company transfers the personal data that came with the email to the system if there is a reason and a legal basis for storing it.
The emails will then be deleted.
Security measures: The company is a responsible actor in the processing of personal data in unstructured material.

We strive to achieve an appropriate security model, taking into account the company’s technical capabilities, the costs of implementing the measures, the specific risks associated with the processing of personal data and the accuracy of sensitive personal data.

Our operations, plans and guidelines are a summary of how the company operates technically and organisationally with data protection.