YIT Suomi Oy
Panuntie 11, 00621 Helsinki
tel.: 020 433 111 (exchange)
Business ID 1565583-5
You can also contact our local service points in each country of YIT´s operations:
GDPR contact person:
Tarmo Nikkilä, Legal Council
P.O. Box 36, Panuntie 11
Puh. +358 40 821 1214
Person in charge of the register matters:
Hannele Laine, Development Director, Housing Finland and CEE at YIT
P.O. Box 36, Panuntie 11
Puh.+358 40 749 4966
3. NAME OF DATA FILE
YIT Plus Customer data file
4. PURPOSES AND LEGITIMATE GROUNDS FOR PROCESSING OF PERSONAL DATA
YIT processes personal data for several purposes. The purpose of the processing may vary depending on the category of personal data being processed in each case.
In order to provide our Services and to fulfil our obligations based on contractual relationships
We primarily process personal data in order to provide Services to our Users and to carry out, maintain and develop our business. In some cases, personal data may be processed in order to fulfil an obligation towards the User that arises from the contractual relationship. If a User contacts our customer service, we use the provided information in order to answer questions and solve any possible problems.
Furthermore, your personal data may be processed in order to find the best possible apartment for you as a customer, and for the purposes of developing our services and offering additional services.
For customer communication
We may process personal data in order to contact Users in relation to our Services and in order to communicate regarding changes to the Services. The data is also used for research and analysis purposes in order to improve our Services.
For the purposes of improving quality and analysing development trends
We may process data concerning the use of the Services in order to improve the quality of our Services, such as by analysing the different development trends related to the use of the Services. Whenever possible, we aim to use anonymous information that does not allow for an individual to be recognised.
Grounds for processing
We process personal data in order to fulfil our obligations towards the User arising from contractual relationships. Furthermore, we process personal data in order to maintain and develop our business.
In some parts of the Services, Users are requested to give their consent to the processing of personal data. In these cases, Users may withdraw their consent at any time.
In addition, we may use the
User’s personal data for the following purposes:
· customer relationship management and development;
· execution of the YIT Plus service;
· authentication and verification of customer transactions;
· offering products and services
· paying for products and services and management of payments
· developing customer service and business
· research and development activities
· digital direct advertising, remote sales, promotional competitions and other direct marketing from the controller and select partners
· surveys and market research
· analysis and compiling statistics
· ensuring that the information you provided is correct in order to adhere to our legal obligations
5. SOURCE OF PERSONAL DATA
YIT has outsourced the updating of the apartment owner and tenant information, the verification of their currency and the Service access permissions by contract to the client ordering the Service, as agreed in the Service Agreement.
6. DATA CONTAINED IN THE DATA FILE
The data file contains the contact details for the properties covered by the YIT Plus service and their contact persons, service partners, apartment owners and other users who have signed up on the YIT Plus portal and the information concerning their objects of interest, combined with the basic data and status data for the properties and apartments that are for sale/that have been sold by companies belonging to the same group with the controller.
We collect the following personal data that is necessary for fulfilling the purpose of the data file:
- first names and surname
- contact information, such as address, telephone numbers and email addresses
- date of birth
- sign-up information and profile information, such as the user ID for the YIT Plus portal, the nickname or other unique identifier, and the other profile information the data subject has provided on the service, such as objects of interest, gender, profile photo, number of people in the household and other information the data subject has personally recorded
- Information concerning the implementation and use of the Service, such as browsing and search information, discussions, service requests, calendar events, photos and other documents saved in the service, discussion groups and the list of buyers/owners of apartments and other property.
Furthermore, other information related to the customer relationship is saved in the data file, such as
- the start and end date for the customer relationship and apartment ownership, and the basic information concerning the apartment and property
- the benefits and campaigns targeted towards the User and their use
- information related to invoicing and debt collection
- contacts and communication across different channels with the controller (including claims for compensation and feedback, for example)
- direct marketing permissions and prohibitions and information related to targeted marketing
- a housing cooperative’s board members and messages sent between the board members on the service
- material personally produced by the data subject or concerning them (such as ownership and family relationships, sharing of access permissions with family members or tenants)
- as regards underage persons, contacts made with the custodian, such as agreement to the processing of personal data, unless an underage person of at least 15 years of age has prohibited the processing of such data.
DATA DISCLOSURE AND TRANSFER OF DATA OUTSIDE THE EU AND THE EEA
Data is not disclosed to other third parties unless this is deemed necessary in order to fulfil YIT’s statutory or contractual obligations.
Personal data is not regularly transferred outside of the EU or EEA. If, however, data transfer is necessary, YIT will ensure that the European Commission has approved that the level of data protection in the target country is appropriate, or agreed on the transfer using the standard contract clauses approved by the European Commission.
OF PROTECTING THE DATA FILE AND DATA RETENTION TIME
Only persons who are entitled to process customer data as part of their work have access to the data. Each user has a separate user ID and password. The electronic data is protected by means of firewalls, passwords and other technical means. The data is stored in locked premises and premises equipped with access control.
Generally speaking, we will only store a User’s personal data for as long as the legislation requires or for as long as they are necessary in order to fulfil the purposes specified hereinabove.
The personal data will be stored after the termination of the customer relationship until all warranty obligations and other contractual and statutory requirements have been fulfilled and the retention times defined in the legislation, such as the Housing Transactions Act, Consumer Protection Act and the Accounting Act.
OF THE DATA SUBJECT
The User is entitled to check the information concerning them saved in the personal data file and to request the rectification of inaccurate data.
The User is entitled to prohibit YIT from processing data concerning them for the purposes of direct advertising, remote sales and other direct marketing as well as market research and surveys.
The User may also request that we delete their personal data from our systems. We will take action according to your request unless a justified reason exists for not deleting the data. Once the active data has been deleted, all residual copies may not necessarily be immediately deleted from all of our servers or our backup systems or other redundancy systems. These copies will be deleted as soon as it is feasible.
Pursuant to the General Data Protection Regulation, the User is entitled to oppose the processing of their data or request its limitation, withdraw their consent and to file a complaint regarding the processing of personal data with the local data protection supervisory authority.
The data subject is entitled to receive their personal data from us in a structured, generally used format, and to individually transfer the data to a third party.
The requests and prohibitions may be made to the contact person listed under section 2. In order to ensure data protection, the customer must be able to verify their identity upon request.
YIT may employ “cookies” or other industry standard technologies, such as tracking pixels, web beacons and other similar technologies.
A cookie is a small text file saved on the User’s device in order to maintain a file containing data pertaining to the User in question. Tracking pixels and web beacons are small graphic images located on YIT’s website that allow for determining whether a specific function has been completed.
YIT’s websites may also contain third-party advertisements that send cookies or other tracking technology onto your device in order to track your online activities on third-party websites or services for marketing purposes.
Users may disable cookies via their browser settings or set a warning for cases where cookies are set. More information on cookie management is available online. For example, the following links offer information on altering cookie preferences in the most popular browsers:
Please note that some parts of our Services may not work correctly if cookies are disabled.
Our Services use Google Analytics and other web analysis tools in order to compile technical information and reports on the use of our website, for the purposes of improving our Services. For further information regarding Google Analytics, please visit the Google Analytics website. You can opt out of the data collection performed by Google Analytics by downloading the following browser add-on: Google Analytics opt-out add-on.