(updated on 31.05.2020)
This Privacy Notice describes Legal Gaming Oy’s practices when it processes personal data of its external data subjects.
Legal Gaming Oy has a unilateral right to modify this Privacy Notice. The modifications take effect immediately when an updated version of this Privacy Notice is posted to our website.
Controller:
Legal Gaming Oy
Business ID 3131447-5
Contact:
Minna Ripatti
|
PURPOSE OF PROCESSING |
LEGAL BASIS FOR PROCESSING |
DATA SUBJECTS AND PERSONAL DATA |
|
Contract: Performing contract to which LG is party |
Clients: (i) contact details, (ii) data related to our relationship, (iii) other data disclosed to us |
|
Contract: Performing contract to which LG is a party |
Business partners and potential business partners: (i) contact details, (ii) data related to our relationship, (iii) other data disclosed to us |
|
Legitimate interest: Manage and develop LG’s client relationships and further develop our business operations You have a right to opt-out of direct marketing each time we provide marketing to you. |
Clients and potential corporate clients: (i) contact details, (ii) data related to our relationship, (iii) other data disclosed to us |
|
Our legitimate interest: to manage our jobseekers |
Jobseekers: (i) contact details, (ii) data related to our relationship, (iii) other data disclosed to us, (iv) videos and pictures, (v) CV data |
|
Our legitimate interest: to manage contacts made to us |
Contacts: (i) contact details, (ii) data related to our relationship, (iii) other data disclosed to us |
|
Our legitimate interest: to manage newsletter subscriptions |
Subscribers: (i) contact details |
|
Legal obligations ⇒ to comply with several legal obligations, e.g. KYC and AML/CTF |
Clients and potential clients, business partners and potential business partners: (i) data related to our legal obligations |
|
Consent ⇒ Consent based on Act on Electronic Communications Services (917/2014) |
Visitors of our websites: (i) IP addresses |
|
PURPOSE FOR PROCESSING |
SOURCES OF INFROMATION |
|
See purposes (a), (c) and (g) above |
(i) Data subjects themselves, (ii) Business partners, (iii) Courts and other authorities, (iv) Public sources, such as the internet, postal services, Trade Register and population register |
|
See purpose (b) above |
(i) Data subjects themselves, (ii) Business partners, (iii) Public sources, such as the internet, postal services, Trade Register and population register |
|
See purpose (d), (e) and (f) above |
(i) Data subjects themselves |
|
See purpose (h) above |
(i) Cookies and other such technologies |
LG may transfer your personal data to third parties (e.g. to data storage service providers), as it is a part of normal business operations. When personal data is transferred to third parties, we ensure that we conclude adequate personal data processing agreements and safeguards in relation to the data transfers.
Your personal data may be transferred to our business partners, data storage service providers and communications services providers, accounting and auditing services providers and relevant authorities.
LG may transfer personal data outside the EU and the EEA. When doing so, we ensure adequate safeguards for the data transfer, such as standard contractual clauses and Privacy Shield arrangements.
|
PURPOSE FOR PROCESSING |
SOURCES OF INFROMATION |
|
See purposes (a) above |
Necessary data shall be retained for as long as it necessary for us to handle our client relationships. |
|
See purpose (b) above |
Necessary data shall be retained for as long as it necessary for us to handle our business partner relationships. |
|
See purpose (c) above |
Necessary data shall be retained until you opt out of direct marketing or we have an impression that you no longer want to receive our direct marketing. |
|
See purpose (d) above |
Necessary data shall be retained for a period of twelve (12) months once we receive the relevant job application. |
|
See purpose (e) above |
Necessary data shall be retained for a period three (3) years following the last time you were in contact with us. And for social media contacts the data shall be retained for as long as you delete your personal data from our social media pages |
|
See purpose (f) above |
Necessary data shall be retained for as long as the data subject wants to receive our newsletter. |
|
See purpose (g) above |
Necessary data shall be retained for as long as we have a legal obligation to hold on to that data. |
|
See purpose (h) above |
Data retention period depends on each cookie and other technologies. |
We inspect the necessity of the personal data stored regularly and keep records of the inspections.
The data subject has a right to use all of the below mentioned rights. The contacts concerning the rights shall be submitted to the contact details stated in Section 2. The rights of the data subject can be put into action only when the data subject has been satisfactorily identified.
|
RIGHT |
DESCRIPTION |
|
Right to inspect |
The data subject has the right to inspect what, if any, data the controller has stored of her/him. |
|
Right to rectify and erasure |
The data subject has a right to request the controller to rectify or erase the personal data concerning the data subject on the grounds provided by law. |
|
Right to restriction of processing |
The data subject can request the controller to restrict the processing of the personal data concerning the data subject on the grounds provided by law. |
|
Right to data portability |
The data subject shall have the right to receive the personal data concerning her/him, which he/she has provided to the controller, in a structured, commonly used and machine-readable format where the processing is based on consent or a contract. |
|
Right to object |
Where personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning her/him for such marketing. Where personal data are processed on the basis of the legitimate interests of the controller, the data subject shall have the right to object the processing of personal data concerning her/him for such purposes in accordance with the law. |
|
Automated individual decision-making, including profiling |
The data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her. |
|
Right to withdraw consent |
Where the legal basis for the processing of personal data is the consent of the data subject, the data subject shall have the right to withdraw her/his consent. |
Data subject shall also have the right to lodge a complaint with a competent supervisory authority, if the data subject considers that the processing of personal data relating to her/him infringes data protection laws.
LG uses e.g. the following data security measures: (i) personal data access is limited; (ii) we protect data with anti-malware, antivirus and other such software; (iii) each category of data has been assigned with a responsible party; (iv) we use up-to-date and reliable systems and services to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services; (v) we use up-to-date and reliable systems and services to ensure the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident; and (vi) we regularly assess and evaluate our personal data processing activities.