Datadrivers Oy
Hallituskatu 2 A 7
FIN-95400 TORNIO
PRIVACY STATEMENT
22.5.2018
Datadrivers Oy is a Finnish company that aims to develop driver education software and make efficient use of training data. This Privacy Policy applies to the processing of personal data of Datadrivers' customers and users of the services it provides, such as Webauto, Netreeni, opetusluvalla.fi and lomakelahetys.fi. Datadrivers processes the personal and training information of customers and service users in order to fulfill the contract for the service ordered by the customer, provide a comprehensive training search for those in need of training as well as notify registrants of expiring professional licences and other qualifications.
We are committed to protecting the privacy of our customers and users of our services in accordance with applicable data protection laws. Below is a more detailed description of, e.g.:
Please read the contents of the privacy statement.
Controller: Datadrivers Oy
Address: Hallituskatu 2 A 7, 95400 Tornio
E-mail: info@kuljettajaopetus.fi
We only collect personal information that is necessary for pre-defined uses. When we collect information, we tell you what information is a prerequisite for using the services and what information the user can provide if they wish. The information is primarily collected from the data subject themselves when they log in and use the services. Information about the data subject can also be stored in the services by instructors or a registered employer.
In addition to service user and training information, we process the following customer information:
In addition, we collect information about the use of our services as described in the cookie clause.
The data is processed for the following purposes:
Driver data such as driving licence and driving licence related data as well as professional qualification data such as initial and continuing learning data for lorry and bus drivers and taxi drivers, and licence data, are public data that training centres and professional transport operators need to process. It is also in the data subject's interest that the compiled information is available to the employer or potential employer in an up-to-date manner. In so far as the processing is based on a legitimate interest, we consider that the data subject can reasonably await the processing, taking into account the public nature of the information, the employer-employee relationship and the need for the professional transport company to process in order to fulfill the contractual and legal obligation. Treatment based on a legitimate interest may be opposed as described below.
We will retain the information for as long as is necessary to fulfill the purposes defined above in accordance with applicable law. Learning records shall be kept in accordance with the Driving Licence Act and the Act on the Professional Qualifications of Truck and Bus Drivers for six calendar years following the year in which the training or examination was completed.
After the above period, we will truncate the information and process the name and contact information as well as individual information describing the user profile for marketing purposes as long as the data subject has not refused to receive marketing messages. If the registrant refuses the marketing and there is no other reason to process the data, we will retain information about the ban and contact information so that we can ensure compliance with the ban. The data subject may also request the deletion of their data in its entirety.
We strive to keep the personal information we hold accurate and up-to-date by deleting unnecessary information and updating outdated information. However, we encourage users of the Services to periodically check that their information is up to date by logging into the Services. The data subject can also influence the data retention period themselves through the options described below.
We comply with our legal obligations to retain information.
We may automatically collect information about the service user terminal through server logs as well as cookies and other similar technologies. A cookie is a small text file that a browser stores on a user's device. Cookies often contain an anonymous, unique identifier that allows us to identify and count the browsers that visit our site.
Cookies do not move online by themselves, but are rather installed on the user's terminal only with the site the user visits. Only the server that sent the cookie can later read and use the cookie. Cookies or other technologies do not damage the user's terminal or files, and cookies cannot be used to access programs or spread malware.
We automatically collect the following information:
The so-called first-party cookies are set by the website visible in the address bar. In addition to these, our services use cookies from so-called third parties, such as measurement and monitoring service providers and social media services.
We use both session-specific and persistent cookies. Session-specific cookies expire when the user closes the browser. Persistent cookies stay on the user’s device for a fixed period of time, or until the user deletes them. The term for persistent cookies typically varies from a few months to a few years.
Cookies allow us to remember the registrant's login information and choices, develop our services and business and investigate possible abuses. We also use cookies to statistically track the number of visitors to our services and to investigate whether marketing emails or newsletters have been opened and acted upon.
When setting cookies, the user is given the option to refuse to set cookies using browser settings or to use the influence options listed in this privacy statement.
The data subject can often influence the processing of data in different ways:
With respect to automatically collected data, the user can influence the collection and processing of data in the following ways:
The data subject's personal data is also processed by the company providing the training services in accordance with its own register data description or data protection clause. In addition, we may disclose information in the following ways:
We use subcontractors to provide services. In this case, we guarantee through contractual arrangements that the data will be processed in accordance with the legislation in force at the time and this register description. As a rule, data will not be transferred outside the European Union or the European Economic Area.
The data is kept technically secure. Physical access to the data is blocked by access control as well as other security measures. Access to information requires adequate rights as well as multi-stage authentication. Unauthorised access is also prevented, e.g. with firewalls and technical protection.
The data is backed up securely and can be restored, if necessary. The level of security is audited at regular intervals through either external or internal auditing. The data shall be accessible only to the controller and to specifically designated persons who have access to the data in order to carry out their tasks. Users are bound by professional secrecy.