TornaMobile

Privacy policy

Tornator Oyj processes personal data in accordance with the EU General Data Protection Regulation (2016/679), the Data Protection Act (1050/2018), the Information Society Code (917/2014) and other applicable legislation.

TornaMobile privacy policy describes the processing of personal data by the application "TornaMobile". We encourage you to read this policy carefully before using the service.

Our operations are based on legitimate business activities, so we also comply with EU legislation on the storage of personal data:

• The information we store is lawful, reasonable and transparent with regard to processing. This means that a person can have their data available at any time.

• The data is purpose-specific. We do not disclose information to third parties unless there is a proper reason and mutual agreement.

• We minimise the data we store and strive to keep it accurate.

• We restrict the storage of data. A useful life has been defined for the data, after which it is either automatically or routinely deleted, unless there is a legal reason for longer storage.

• We store intact and reliable data, for example verified through backups.

• We collect and store information based on customer relationships or related to business operations.

Contact details

Name: Sitowise Oy (Register processor)Business ID: 2335445-0Address: Linnoitustie 6 D Postal code: 02600City: EspooPhone number: +358 40 073 1127E-mail: tietosuoja@sitowise.com

Name: Tornator Oyj (Data controller)Business ID: 0162807-8Address: Napinkuja 3 CPost number: 55100City: ImatraE-mail: heikki.tuomikoski@tornator.fi

Purpose of the register

The purpose of the register is customer identification and access rights management, as well as maintaining and developing the customer relationship.

What information does the app collect?

The app collects user information when the user installs and uses the app. During installation and use, the application does not collect or enter personal data such as social security number, postal address, credit card information, telephone number.

User-identifying information:

• Service username, password

• Other data collected with the user's consent (name and address data)

Information automatically generated about the use of the Services:

• The App may collect end-device related information such as device type, unique id, IP address and operating system information (without limitation).

• Information related to the actions performed by the user in the application, such as workbook data and other data entered through the user interface

• Location data (GPS, Wi-Fi networks, mobile network access points) if the user has given permission for this purpose during the installation and/or use of the application. The application utilizes the user's GPS location to carry out normal transactions, such as displaying the user's location or recording geometries.

• The location is only used if the user has enabled GPS in the device settings. When GPS positioning is on, location data can be collected in the background during solo work and track recording activities, even when the application is closed or not in use. In connection with the solo work function, location monitoring is based on occupational safety and health criteria (Occupational Safety and Health Act (738/2002). In connection with the track recording function, location tracking is related to enabling the editing and collection of location data with the application and ensuring the quality of the work done.

Personal data processing activities

We process personal data in accordance with applicable data protection legislation and to the extent necessary for the provision of the service.

We may also process personal data for statistical purposes, in which case the data is aggregated in such a way that it is not possible to identify a natural person from the end result. The resulting statistics are not personal data, because they cannot be linked to an individual person.

We do not process personal health data, credit information, ethnicity or data related to political or religious beliefs.

Security

Personal data is protected in our services by appropriate measures. These measures are physical, technical and administrative, and we use them to protect personal data against loss, destruction, misuse and unauthorized access or disclosure. The stored data, server access rights and other information critical to the security of personal data are processed confidentially and only by the employees whose job description it belongs to. They will only process your personal data in accordance with our instructions and under a duty of confidentiality.

Please note that even appropriate measures cannot prevent all possible data breaches. In the event of a personal data breach, we will notify you in accordance with applicable law.

Sharing and disclosure of personal data

Personal data is not sold or rented to third parties. Personal data may be disclosed to third parties in the following cases:

• In accordance with the legislation in force at any given time, in accordance with the requirements of the authorities or other similar bodies.

• When there is a legitimate interest in disclosing the data, such as if we organise an event together with a third party. In such a case, you will always be informed about the disclosure of your data.

• When we deem it necessary to enforce or protect our rights, such as responding to legal claims, protecting your safety or the safety of others, investigating misconduct or responding to a government request.

Disclosure of personal data outside the EU or EEA

Personal data will not be transferred outside the European Union or the European Economic Area.

Collection of personal data

As a rule, we only collect personal data that the user has provided to us or that the user has consented to collect. This is the case, for example, when we process your personal data on behalf of another controller.

Other possible situations where there is the same basis for data collection:

• You contact us or do business with us via the contact form, email or phone.

• You purchase a service from us or enter into a contract with us.

• You log in and use our service.

• You access our website through cookies in your browser.

You are not required to provide us with your personal data, but in such circumstances we may not be able to provide our service to you or comply with your request.

Retention of personal data

Personal data is stored only for as long as necessary, including to comply with legal, accounting or reporting requirements. Unnecessary personal data, e.g. due to termination of the customer relationship, will be deleted after the deadline. We may retain personal data even after the termination of the customer relationship to the extent permitted or required by applicable law. Such cases include, for example, responding to claims or claims or complying with your direct marketing opt-out.

As we process personal data on behalf of the Controller, the controller may also request that we delete the personal data. We confirm the performance of this action to the controller.

Rights

The rights of the data subject can be exercised by sending a written request to the controller.

The data subject has the right to:

• check what data concerning him or her has been stored in the personal data file and how it has been processed,

• request the correction or erasure of incorrect data concerning him/her,

• transfer the data to another system or to another controller to the extent that the data subject has provided data to the register on the basis of the performance of a contract,

• withdraw their previously given consent to the processing of data and request the erasure of the data they have provided, and

• restrict or object to the processing of their data in accordance with Articles 18 and 21 of the EU General Data Protection Regulation.

Please note that the right of inspection may be denied on grounds laid down by law.

If the data subject withdraws his or her previously given consent to the processing of the data and requests the erasure of the personal data, the personal data in question will no longer be processed unless there is another legal basis for the processing.

The data subject also has the right to prohibit the use of their data for direct marketing purposes.

If you consider that the processing of your personal data is not appropriate, you can contact the Data Protection Ombudsman.

Purpose and legal basis for processing personal data

The User's data is collected and processed with the User's consent or for the performance of an agreement between the User and the Data Controller.

The application only collects data necessary for the use of the application and its subsequent reporting, such as the data required for login, data generated through application functions and data stored in the service log. The app collects user information when the user installs and uses the app. During installation and use, the application does not collect or enter any information such as social security number, postal address, credit card information, phone number.

The processing of personal data is also based on the controller's legitimate and legitimate interest in marketing and communicating its services to data subjects (legitimate interest). Personal data may also be processed in situations where there is a legal basis for doing so due to customer relationship management, marketing, service provision and development, data security or internal reporting.

The User's personal data may also be processed in order to fulfil legal obligations (such as accounting or fulfilling requests made by authorities as required by law). Personal data may also be processed for other purposes if the user has separately consented to such processing.

Sitowise Oy processes personal data in accordance with the data protection legislation in force at any given time.

Use of cookies

Information about the user's terminal device can be collected with the help of cookies and other similar technologies. A cookie is a separate text file that is stored on the user's device. The cookie contains information about the browser used by the user and its version, among other things. We use cookies and other similar technologies to improve the functionality and usability of the application and to understand how users use the service.

Changes to the Privacy Policy

We are constantly developing the service and reserve the right to change this privacy policy if necessary. The latest version is available at https://www.sitowise.com/fi/tornamobile-tietosuojaseloste

This privacy statement was last updated on 8.8.2024.

Contact

You can ask about this policy or more detailed information about the processing of your personal data by contacting us by email at tietosuoja@sitowise.com or heikki.tuomikoski@tornator.fi.