To front page
To front page

Design and development of S Group services

Data controller

SOK CorporationPostal address: P.O. Box 1, FI-00088 S-RYHMÄ, FinlandStreet address: Fleminginkatu 34, FI-00510 Helsinki, FinlandBusiness ID 0116323-1

Contact details of the data protection officer

tietosuojavastaava@sok.fi

Officer in charge of register matters

muotoilututkimus@sok.fi

Purpose of personal data processing

We process your personal data for a short time in the development of S Group’s services. The term “S Group” refers to the cooperatives and the SOK Group together with its subsidiaries and associated companies.

Grounds for the processing of personal data

The processing of your personal data is based on your consent.

The personal data processed

We may process the following personal data:
  • name
  • phone number or email address
  • address details
  • information you provide when participating in service development
  • audio and video recording, images
  • the shared desktop/screen of a computer or mobile device
If the fee for the research is subject to taxation, we will process the following personal data for the purpose of the Incomes Register declaration:
  • personal identity code

Source of information

We collect personal data from individuals participating in the study.If the research is conducted using a digital engagement platform, the Howspace engagement platform will be utilized for data collection. At that time, participants in the research will be offered the opportunity to join discussion communities using the engagement platform. If the research is conducted as a remote interview and the event is recorded, various third-party tools will be utilized for recording, such as Microsoft Teams.

Recipients of personal data

We process your personal data for the purposes defined in this privacy policy in electronic systems and services. We use external service partners in the provision of system and support services.We may transfer your personal data to the service providers used insofar as the service providers participate in the implementation of measures within the framework of the relevant assignment. The personal data is processed in Finland.We ensure that our partners protect personal data sufficiently as required by law. We do not disclose any data stored in the register to third parties, except for the disclosure of data to the authorities within the limits permitted and obligated by valid legislation, when responding to the authorities’ data requests, for example.

Transfer of personal data to third countries or international organisations and data protection safeguards used

The personal data is stored within the European Union or the European Economic Area. We do not transfer the data outside these countries or to international organizations. Howspace's main place of storage of personal data is in Sweden.

Period for storing personal data or criteria for determining the storage period

We only store personal data according to this privacy policy for as long and to the extent that it is necessary, and we use it for activities connected to the reported purposes for processing.All personal data collected will be destroyed immediately when the personal data is no longer needed for the development of the service in question. On average, personal data is stored for 1–2 months after the information has been provided.

Rights of the data subject

You have the following rights:Right to access your personal dataRight to the rectification of your dataRight to the erasure of your dataRight to restrict processing (disputing the accuracy of the data or unlawful processing)Right to withdraw your consentRight to transfer your data to another system (in case of automatic processing)Right to be informed of personal data breachesIf you wish to exercise your rights or obtain further information on the processing of your personal data, you may contact the contact person of the data controller mentioned in this policy. In order to be able to identify your specific information from the register, please provide your name and phone number or email address. More information about rights can be found on the Your rights page.You also have the right to lodge a complaint with a supervisory authority if you consider that the processing of your personal data infringes applicable data protection regulations.

Significant information related to automated decision-making or profiling

No automated decision-making or profiling is associated with the personal data processing.

Impact of the processing of personal data and a general description of technical and organisational security measures

We diligently protect personal data throughout its lifecycle by employing the appropriate data protection and information security measures. System providers process personal data at secure server facilities. Access to personal data is restricted, and the personnel are subject to a confidentiality obligation.The S Group protects personal data by means of, for example, preventive risk management and security planning, protection measures for data communications and by using secure hardware facilities, access control and security systems. After initial processing, hard copies containing personal data are stored in locked and fire-safe storage facilities. The granting and monitoring of user rights is a well-managed process. We regularly provide training for our personnel who participate in the processing of personal data, and ensure that our partners’ personnel also understand the confidential nature of personal data and the importance of secure processing. We select our subcontractors with care. We continuously update our internal practices and guidelines.If, despite all of our safeguards, we detect that personal data has been in the wrong hands, we will immediately begin investigating the matter and aim to prevent any damage caused. We will inform the necessary authorities and data subjects about the data breach, in accordance with what the law requires.