Privacy Policy

General information

Careful processing of your personal data is of utmost importance at the Granlund Group. We process personal data in order to meet our statutory or other contractual obligations and to take care of our obligations as an employer and a partner. Your personal data is processed in accordance with data protection legislation, the basic principles defined in the General Data Protection Regulation and the best practices of data management and processing to ensure that your privacy is not compromised, as required by the General Data Protection Regulation (GDPR), the Personal Data Act (523/1999) and the Act on the Protection of Privacy in Electronic Communications (515/2004).

We have valid contracts meeting the requirements of the General Data Protection Regulation with our partners. In line with the contracts, we have received sufficient guarantees from the processors of personal data that the processing of personal data performed by them meets the requirements of the General Data Protection Regulation.

Data controller and processor of personal data

Granlund Oy is the data controller and processor of personal data. 
Granlund Oy, Malminkaari 21, PO Box 59, FI-00701 Helsinki, Finland

Reason for processing personal data

The reason for collecting and processing personal data may be fulfilling statutory obligations or contracts or managing customer relationships. The reason for processing may also be the data subject’s consent, communications, marketing, recruitment or other corresponding legal reason.

Rights of the data subject 

According to the General Data Protection Regulation, you have the right of access to your personal data. If necessary, we may request additional information from you to confirm your identity.

If you submit a request pertaining to this right electronically, we will deliver the data in a commonly used electronic format. Primarily, fulfilling all the requests is free-of-charge but, with certain conditions, we may collect the administrative costs accumulated from you by performing the action or refuse to perform the requested action.

You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you. This right does not apply to public sector registers that are maintained as stipulated in the legislation.

You have the right not to be subject to decision-making based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

We store your personal data only for as long as is necessary according to valid legislation, after which your personal data will be erased.

Contact requests related to data protection and the data subject can be submitted to  

Transfer of personal data

We primarily process all data inside the EU and EEA. We comply with all obligations set by the EU General Data Protection Regulation (679/2016) and data protection legislation when transferring data inside and also outside of the EU/EEA.

How do we collect personal data?

We collect personal data from the data subjects themselves, for instance, through visits or e-mails, visits to our website, calls, social media or in connection with logging into our digital services.

What personal data do we collect?

We collect and process the following personal data, among others: contact details of businesses and individuals (such as name, telephone number, e-mail address and address), information related to customer service or contacts, usage data of our website and online services as well as data related to our marketing participation registrations or sales.

Purpose of processing personal data

We only process personal data for purposes for which the personal data has been originally collected, unless the data subject has given their consent to using their personal data for other specified purposes.

We collect personal data for the following purposes, among other things: meeting our statutory obligations, creating assignment, customer, partner and cooperation relationships and maintaining them, offering SaaS services and ensuring the identity of the person logging in, recruitment purposes, training, communications as well as marketing and ensuring the data protection of our website.

Use of cookies

We use cookies (small text files stored in the device) in order to offer and develop our services. We also use cookies to individualise content and targeting advertising. With cookies, we can better offer up-to-date and individual services, among other things, by showing content based on the user’s interests. Cookies also enable, for instance, logging in and verification, saving personal settings and definitions, analysing the operations of our website and preventing fraud. When you use our online services, the following information, among other things, is collected: your IP address, the links you use, the advertisements and other content you viewed, from which website do you arrive and which pages do you visit, the time of your browsing, your browser or the browser type and other similar data. Our website and services may include third party cookies.

We use both session and permanent cookies. Session cookies only exist for the duration of the session, or the time you spend on our website, and they are automatically erased when the browser is closed. Permanent cookies exist for a certain period of time, and they are stored on your computer also after the session has ended unless you erase them before that.

Cookies do not harm your device or files.

You can adjust the use of cookies from your browser settings. You can find additional information from each browser’s data protection or manual documentation. 

Contact requests related to data protection and the data subject can be submitted to