Dated June 25th, 2021
Dooap Oy, a Finnish corporation with business I.D. 3207965-7, having registered domicile in Åkerlundinkatu 11 D, 33100 Tampere, or
Dooap Inc., having registered domicile in 8920 Business Park Dr #250, Austin, TX 78759, or
Another Dooap affiliate you are employed by, if any.
We collect data about you from:
An employment agency
Security clearance providers
Occupational Health and other health providers
Your Trade Union
Other applicable source
We may collect, use, store and transfer different categories of personal data about you related to your employment to the extent relevant and applicable, such as:
Identity Data such as first name, last name, date of birth, gender and local identity number or similar identifiers, citizenship and country of residence, immigration status and information, passport, photographs, electronic identification and communication data
Contact Data such as address, email address, telephone numbers, next of kin, emergency contacts and their contact information, marital status.
Employment Data such as job title and description, your employment contract and any information related thereto and changes thereof, department name, location of employment, employment history and your qualifications, job application, employment references, right to work information
Skills, Competencies and Training Data such as your education, training, certificates, language skills, data from assessments and other related data.
HR Performance and Administration Data such as talent review ranking and leadership potential ranking, personal data that is relevant for diversity, equity, and inclusion (DEI) purposes, complaint-related information, your responses to staff surveys if this data is not anonymized.
Salary, Compensation and Pension related Data such as your time spent working and any overtime, expenses or other payments claimed, details of any leaves, such as sick leave entitlement, sickness and absences, leaves and holidays, pension schemes (current and previous), your bank account details, payroll records and tax status information, trade union membership for the purpose of the deduction of subscriptions directly from salary, details relating to maternity, paternity, parental and adoption leaves and pay.
Health-related information such as disability condition, information related to leave entitlements, sicknesses and absences
Security clearance details such as background checks and higher security clearance details according to your job and details of criminal convictions.
Business travel related information such as driver’s license, driving record, licensing plate, transportation and accommodation, travel itineraries, routes travelled, travel party configurations, travel preferences, frequent travel program numbers, and travel reward cards
Secondary Employment details, conflict of interest declarations or similar
Beyond Employment Data such as hobbies, interests, political affiliations or memberships
Copy of documents which proof any of above.
We may use and process your personal data for purposes connected to your employment, such as
to carry out the contract we have with you, provide you access to business services required for your role and manage our human resources processes
to pay your salary, pension and other employment related benefits and bonuses and process the administration of statutory and contractual leave entitlements such as holiday or maternity leave.
Performance management and compensation related-activities, including compensation analysis, to assess your performance, to conduct pay and grading reviews and to deal with any employer / employee related disputes. We also use it to meet the training and development needs required for your role.
Workflow management, such as assigning, managing, and administering projects
Succession planning and talent management, career development and engagement
Retirement planning and management
Monitoring and enforcing compliance with company policies and procedures and legal requirements applicable to Dooap (such as labor, tax, and social security laws) or contractual requirements
Travel, transportation, and relocation planning
IT activation, support, and authentication
Organizational development and communications
Corporate governance or corporate affairs
Administration and management of Dooap’s financial affairs and taxes
Preventing unauthorized individuals from accessing, changing or deleting your personal data
Supporting any claim, defense or declaration in a judicial or quasi-judicial proceeding
Monitoring and preventing sexual harassment, discrimination, fraud or other criminal activities
Safety and security monitoring while on premises and while working from home
Facilitating onboarding and exit of personnel
Facilitating internal recruitment and hiring
Ensuring an engaging experience, realizing continuous improvement, and personalizing the HR services
Communicating internally or externally
Managing memberships to professional associations
Performing internal or external audits
Conducting corporate transactions (mergers, acquisitions and divestments)
Organizing internal and external events
Managing exceptional situations, serious threats to health and protecting you and other individuals in such situations
Investigating and enforcing disciplinary measures
Dealing with legal disputes
Carrying out our contractual obligations with our customers and suppliers, such as personal data included in agreements and purchase orders, security checks required by our customer, compliance declarations required by our suppliers, quality complaints
We collect and use your personal data when this is necessary to:
Perform your employment contract with Dooap;
Comply with our legal obligations as your employer and other regulatory requirements, such as labor, tax, and social security laws.
We may process some of your personal data based on legitimate interest, such as to:
Secure our premises and IT systems
Perform our contractual obligations with our customers and suppliers
Handle and investigate complaints; and
Prevent or investigate fraud or other criminal activities.
Sometimes, we may process your personal data after you have given us your prior consent. For example, in certain circumstances we will ask your prior consent before using your photos or videos as part of our corporate communications.
Our ability to perform our obligations derived from your employment contract with Dooap and our ability to comply with our legal and contractual obligations sometimes depend on Dooap having access to and being able to use certain personal data.
Therefore, and depending on the circumstances, if you do not provide us with the personal data we request or if you ask that we stop processing your personal data, we may not be able to perform our contractual obligations (such as paying you for your work) or we may be in breach of one or more legal obligations applicable to us.
Access to your personal data will be given to those who need such access for the purposes listed above or where required by law. These parties include, among others, the Dooap Human Resources, relevant business managers, and, on limited occasions, members of the Information Technology ("IT"), Finance, Tax, and Legal departments. Access to the internal Employee directory (which contains contact details of Dooap personnel) will be provided to the employees that need to access such internal Employee directory.
We may share your personal data amongst Dooap affiliates or subsidiaries that provide shared services across Dooap group, such as HR services, management, financial and accounting support, credit control, recordkeeping, and payroll.
These third parties may include payroll administrators, benefits administrators, financial consultants and financial services providers, professional advisers, IT systems providers, outside counsel, expense claims providers, employee data management solutions providers, timekeeping solutions providers, hardware providers, company car management companies, travel and mobility service providers, and limited other parties.
We may also sell, transfer or otherwise share some or all of our assets to relevant third parties, including your personal data, in connection with a merger, acquisition, reorganization or sale of assets or in the event of bankruptcy.
We may be obligated to disclose your personal data to authorities or third parties pursuant to mandatory applicable law or an order of a regulatory or statutory authority.
We may transfer your personal data outside the country where it was collected, or outside of European Economic Area (EEA), as applicable.
If personal data is transferred to country that does not provide adequate level of protection for personal data, such transfers shall be subject to appropriate safeguards, such as standard contractual clauses approved by the European Commission and/or other appropriate transfer mechanism as required under relevant data protection laws.
We employ appropriate technical, physical and organizational security measures designed to protect your personal data against accidental or unlawful destruction or accidental loss, damage, alteration, unauthorized disclosure or access, as well as all other forms of unlawful processing.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Further, we also consider end of the employment relationship, security reasons, applicable statutes of limitations, on-going or potential litigation or dispute and regulatory or legal obligation to retain the personal data.
In some circumstances, we may anonymize your personal data so that it can no longer be associated with you, in which case we may use such information without further notice to you.
We will delete your personal data in case you revoke your consent, if we are processing your personal data based on your consent. In such case, the information regarding prohibition may, however, be retained.
Your personal data will be deleted in case you have requested the deletion of your personal data and we have no legitimate ground for the processing of such data.
We will also retain your personal data for additional periods if it is required by mandatory law or where your personal data is required for us to assert or defend against legal claims. We will retain your personal data until the end of the relevant retention period or until the claims in question have been settled.
After the end of applicable retention period, personal data will be deleted in course of next regular database updates.
In case you wish to know what personal data we hold about you, you may, as appropriate and in accordance with applicable law, exercise such rights by contacting us through the contact points referred to below.
Also, in case you wish to rectify any incomplete, incorrect or outdated personal data, you may, as appropriate and in accordance with applicable law, exercise such rights by contacting us through the contact points referred to below.
You also have the right at any time to request us to erase personal data concerning you and processed by us and we are obliged to erase such data if we have no legal ground to continue processing such data.
In some cases, you have the right to object to the processing of your personal data if the data has been processed on the basis of our legitimate interest, and we shall discontinue processing such personal data unless we can demonstrate legitimate grounds for further processing of such personal data. You also have the right to object processing of your personal data for purposes of direct marketing.
In addition, you may, under certain circumstances have the right to request us to restrict processing of your personal data. Should the restriction of processing apply, the respective personal data will be marked and may only be processed by us as defined in the applicable law.
Where your personal data has been processed by automated means based on your consent or an agreement entered into between you and us, you have the right to receive such personal data from us that you have provided to us, in a structured, commonly used and machine-readable format and to transmit those data to another entity without hindrance from us. In exercising your right to this data portability, you shall have the right to have the personal data transmitted directly from us to another controller, where technically feasible.
You have also the right to file a complaint with the competent supervisory authority regarding our processing of your personal data.
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
For personal data collected from individuals inside the EU/EEA, written inquiries may be addressed to: [email protected] .
You have the right to make a complaint at any time to the competent supervisory authority for data protection issues. We would, however, appreciate the chance to deal with your concerns before you approach the authority. So please contact us directly in the first instance.
Open Application, Dooap Inc