Version: Apr 25, 2023
Data Controller and Data Protection Officer
If you have any questions or concerns about our data protection practices, or if you have any requests for resolving issues with your personal data, please contact us:
Data Controller: Jobilla Oy
Business ID: 2655898-5
Address: Vuorikatu 16 A 8, 00100 Helsinki, Finland
Data Protection Officer: Janne Rotko
E-mail address: firstname.lastname@example.org
Jobilla Oy is the parent company of Jobilla Group. The subsidiary companies carry out some of the processing on behalf of Jobilla Oy under a separate data processing agreement.
Jobilla Group subsidiaries
Jobilla DACH GmbH
Friedenstraße 91 / 91 a
Jobilla Benelux B.V
Regentesselaan 2 C
Legal Basis for Processing Personal Data
We process your personal data on the basis of one or more of the following legal grounds:
- Contractual necessity: We process your personal data to fulfill our obligations under a contract with you, such as providing you with our products and services.
- Legitimate interests: We process your personal data for our legitimate interests, such as improving our products and services, conducting market research, and protecting our website and services from fraud and abuse. We will only rely on this legal basis when we have carefully considered and balanced any potential impact on your privacy rights and freedoms.
- Consent: We will obtain your consent before processing your personal data for certain purposes, such as sending you marketing communications.
- Legal compliance: We may process your personal data to comply with applicable laws, regulations, or legal obligations, such as responding to a lawful request for information from a government authority.
Where we rely on your consent as the legal basis for processing your personal data, you have the right to withdraw your consent at any time. You can withdraw your consent by contacting us at email@example.com. We also provide options to unsubscribe from our marketing communications at the end of each message.
It is to be noted that if necessary consents are not granted to Jobilla, we are not able to take any actions with consent as the legal basis for processing of your personal data.
If we ask you to provide personal data to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal data is mandatory or not (as well as of the possible consequences if you do not provide your personal data).
Similarly, if we collect and use your personal data in reliance on our (or a third party’s) legitimate interests which are not already described herein, we will make clear to you at the relevant time what those legitimate interests are.
Personal Data We Collect
We may collect the following categories of personal data about you:
- Contact information, such as your name, email address, postal address, and phone number;
- Marketing and communication preferences, such as your opt-in preferences for receiving marketing communications and newsletters.
We collect this personal data directly from you when you provide it to us, or automatically when you use our products and services, such as when you browse our website. Contact information may be provided to us by third parties.
Cookies and Other Technologies
We use the following categories of cookies:
- Necessary cookies, which are essential for the website and cannot be disabled on our systems. They are usually set based on the choices you make in relation to the services, such as privacy settings, logging in and filling in forms;
- Advertisement cookies, which we use to make ads as interesting and useful as possible for our website visitors. Most commonly, cookies are used to tailor advertising to the user, to improve campaign performance reporting and to prevent the repetition of ads you have already seen;
- Functionality cookies that are not necessary for the functionality of the website. They are usually set based on information provided on the website to customize and optimize the user experience and to store chat history, remember your preferences and personalize your experience, such as language and location settings.
We may also use third-party cookies, such as those provided by advertising and analytics partners, to collect information about your use of our website and services.
We provide functionality for you to choose to block some cookies. You can also manage your cookie preferences through your web browser settings. However, please note that blocking certain types of cookies may negatively affect the experience of using the website and limit the use of the services we can offer.
Use of Personal Data
We process your personal data for the following purposes:
|To provide and improve our products and services, including processing transactions, providing customer support, and personalizing your experience
|Contractual necessity; Legitimate interest
|To communicate with you about our products and services, including sending you marketing communications and newsletters, where you have opted in to receive them
|To communicate with you about our products and services when we have a commercial interest, for example contacting employees of our previous, existing or relevant potential customers. Opt-out mechanisms are provided for these communications.The processing of personal data for the purposes of direct marketing can be considered as processing serving a legitimate interest. GDPR Art. 6(1)(f), recital 47 sentence 7.
|To comply with our legal obligations and enforce our rights, including protecting our intellectual property and preventing fraud
|To perform research and analysis to better understand our customers and improve our products and services
Disclosure of Personal Data
We only share personal data within Jobilla’s organization if and as far as reasonably
necessary for fulfillment of the processing purpose in question.
We do not share any personal data with third parties outside Jobilla’s
organization unless one of the following circumstances applies:
- We may share your personal data to third parties if it is necessary to (a) meet any applicable law, regulation and/or court order; or (b) detect and prevent security or technical issues or frauds; or (c) protect the interests, properties or safety of Jobilla, our Personnel or the public in accordance with the applicable law. In this case we will, if possible, inform you about such transfer.
- We share personal data with third parties outside Jobilla’s organization for other reasons than the ones mentioned before, only when we have your explicit consent to do so.
We store all personal data within the European Union and European Economic
Area to the extent it is possible. We have, however, service providers and business interests also located outside of the European Economic Area (meaning all European Union countries as well as Norway, Iceland and Liechtenstein, together the “EEA”), which means that we may transfer any personal data to service providers located in territories outside the EEA if necessary.
We strive to ensure that when your personal data is transferred outside of the EEA by
our service providers and hosting providers, appropriate measures and controls are in
place to protect that information in accordance with the applicable data protection
regulation. In each case, such transfers are made in accordance with the requirements
of the GDPR and may be based on the use of the European Commission’s Standard
Model Clauses for transfers of personal data outside the EEA.
When the personal data is no longer needed, we will destroy all such data in our possession within a reasonable time. Your personal data may also be destroyed upon your request unless the applicable law in force at the time of the request prevents deletion of such data.
We take appropriate administrative, organizational, technical and physical measures to protect your personal data against unauthorized or unlawful access, processing, disclosure, alteration, accidental loss or destruction. These measures include, e.g., encryption, firewalls, secure facilities, and access right systems. We regularly test our websites, data centers, systems, and other assets for security vulnerabilities.
Should despite of the security measures, a security breach occur that is likely to have
negative effects to your privacy, we will inform you and other affected parties, as well as relevant authorities when required by applicable data protection laws, about the breach as soon as reasonably possible.
Third-Party Websites and Services
Our website and services may contain links to third-party websites and services that are not owned or controlled by us. We are not responsible for the privacy practices or content of these third-party websites and services. We encourage you to read the privacy policies of these third-party websites and services before providing any personal data to them.
Right to access your data. You have a right to access your personal data processed by us. If you wish to receive a copy of such personal data, please send
us an e-mail by using the contact information below.
Right to rectification. If your personal data changes, or if you find your personal data to be inaccurate, you may correct, update, or delete inaccuracies by sending us an e-mail by using the contact information below.
Right to withdraw consent. You have a right to withdraw your consent regarding the
processing of your personal data and require us to erase such data we have
processed based on your consent. We will retain and use such information only if we
have a legitimate and lawful purpose to do so, e.g., to comply with our legal obligation or resolve possible disputes. The withdrawal of your consent will not affect the processing already incurred prior to such withdrawal of the consent.
Right to erasure. You have the right to have us erase your personal data if (a)
such data is no longer necessary for the purposes for which it was collected or processed, (b) there is no justified reason for us to process your personal data or
(c) your personal data has otherwise been processed unlawfully. If you would like to have your personal data erased, please send us an e-mail by using the contact information below.
Right to restriction. You have a right to request us to restrict the processing of your
personal data e.g., when you are waiting for our response for your request to
access or erase your data.
Right to data portability. You have a right to receive your personal data you have provided us in a structured, commonly used, and machine-readable format and, if
you so desire, have your data transmitted to another controller, when technically feasible.
Right to lodge a complaint. If you feel our processing of your personal data is in breach of the GDPR or you are not satisfied for any other reason, please send us an
e-mail by using the contact information below. You also have a right to lodge a
complaint with a local supervisory authority.
How to use the above rights. The above-mentioned rights may be used by sending an e-mail to us on the addresses set out below, including the following information: name, e-mail, address and phone number. We may request the provision of additional information necessary to confirm your identity.
To exercise any of these rights, please contact us at firstname.lastname@example.org.