Privacy Notice
This Privacy Notice applies to visitors of the website of Genomill Health Oy (hereafter “Genomill or “we”), https://genomill.com (hereafter “visitors” or “you”). It describes how we collects and processes your personal data when you visit the pages of genomill.com website or portions thereof.
We are dedicated to protecting the visitors’ privacy under applicable laws and regulations.
Last updated 2024-04-08.
If you apply for a position with us, please review our Job Application Privacy Notice.
Controller
Company name: Genomill Health Oy
Finnish business ID: 2727877-4
Address: Itäinen Pitkäkatu 4 B, FI-20520 Turku, Finland
Email: info@genomill.com
Contacts and requests concerning this privacy policy must be submitted in writing to the email address given above.
Purpose and legal basis for processing personal data
We process personal data for analytical purposes. We have a legitimate interest to monitor our website traffic as our business grows, e.g. via means of evaluating the efficiency of our public and scientific outcomes to raise the general public’s interest in us.
Processing data
We process the following technical personal data to monitor the traffic in our website:
- Visiting time
- Remote IP
- Cookies
- Network identifiers
Additionally, if you contact us via the website’s contact form, we also process the following personal data disclosed by you:
- Name
- Email address
Sources of data
We monitor our website using cookies and Google Analytics. A cookie is a small file that is downloaded to the visitor’s device upon visiting our website, saving your preferences and consent and, collectively, enable us to monitor the traffic in our website.
We process your correspondence personal data as disclosed by you if you contact us using the website’s contact form.
Disclosing personal data with third parties
Personal data is not disclosed with third parties.
Protection of personal data and retention period
Only those of our employees, who on behalf of their work have the right to process personal data, are entitled to use the systems containing personal data. The register is protected with the necessary technical and organizational precautions. Each entitled user has a personal username and password to the system.
The data is collected into databases that are protected with firewalls, passwords and other technical measures. The database and its backups are kept in locked premises, and only predesignated personnel have access to the data.
We store your personal data only for as long as is necessary for the purposes of processing personal data. We assess the need to store personal data regularly considering the applicable regulations and legislation. Additionally, we take all the reasonable measures to ensure that no data that is obsolete, incorrect or incompatible for the purposes of the processing is stored in the register. We correct or ease such data without delay.
Your rights as a data subject
You have the right to inspect the personal data stored in the register concerning yourself and the right to demand rectification or erasure of the data. Insofar as the processing is based on consent, you also have the right to withdraw or change your consent. Withdrawing your consent does not affect the lawfulness of processing before the withdrawal of the consent.
You have the right to object or to demand restriction of the processing of your data and to lodge a complaint with the supervisory authority, which in Finland is the Office of the Data Protection Ombudsman (Finn. Tietosuojavaltuutetun toimisto); see https://tietosuoja.fi/en/home.
To exercise your rights regarding your personal data, please contact us at info@genomill.com.
Genomill Job Application Privacy Notice
An individual (“candidate”) applying for a position at Genomill is asked to provide certain information that may be used to identify the candidate, directly or indirectly, alone or together with other information (“personal data”).
Company information:
Genomill Health Oy
Finnish business ID 2727877-4
info@genomill.com
Last updated 2024-03-15.
Processing personal data during recruiting
Personal data collected by Genomill
- Identifiers voluntarily provided by the candidate: name, phone number, email address, gender, social networking information and other profiling data.
- Qualification data voluntarily disclosed by the candidate: CV, cover letter, education history, work experience, language skills, other information related to the application process.
- Other information voluntarily disclosed by the candidate.
- Contact information of the professional or personal references.
Personal data is collected and kept in Genomill’s contact email and team workspace (“Genomill’s systems”).
- Genomill’s email service is provided by Microsoft (Outlook) and the data is stored within their EU Data Boundary.
- Genomill’s team workspace service is provided by Atlassian (Confluence) and the data is stored in servers across the globe.
Retention period of the personal data
- Summer job applications and related personal data are retained in Genomill’s systems until the end of the following June in case further job opportunities arise or for resolving disputes.
- Other applications and related personal data are retained in Genomill’s systems for 12 months after reception.
- Personal data of a candidate who was not hired may be retained, with candidate’s permission, for a set period of time in case further job opportunities arise.
- Personal data of a hired candidate is retained throughout their employment.
Usage of personal data
Personal data of a candidate is only used for hiring process. If possible, personal data voluntarily disclosed by the candidate that is irrelevant for the hiring process is not processed.
Disclosing the candidate’s personal data
Within Genomill
Personal data related to hiring process can be accessed by the data organizer, top management and project management. Depending on the nature of the applied job, personal data may be further disclosed with the design & development, bioinformatics or laboratory technician teams.
Outside of Genomill
Personal data of the candidate is not shared with parties outside of Genomill.
Automated processing and profiling
At Genomill, the candidate’s personal data is not used in automated processing and the data is not used for profiling.
Candidate’s data security rights
Requests and inquiries on data security rights can be addressed to Genomill via email (info@genomill.com).
Right to be informed about processing of personal data
- The candidate has a right to know the purpose for processing their personal data.
- The candidate has a right to be informed about processing of their personal data.
- This document is intended to comprehensively describe how the candidate’s personal data is being processed at Genomill. Additional information and clarifications can be requested via email.
Right to access personal data
- The applicant has a right to know if their personal data is being processed at Genomill. If yes, they have a right to access a copy of that data.
Right to correct personal data
- The applicant has a right to request correction of the personal data.
- The applicant has a right to be informed when the necessary corrections have been made.
- Corrections are carried out without undue delay, but within 30 days of receiving the request.
- Any parties within Genomill who have been disclosed with the personal data earlier shall be informed about the corrections made.
Right to restrict the use of personal data
- The candidate has a right to request restriction of the use of personal data if the data is incorrect, processed in a manner not compliant with the applicable law or regulations, or if the candidate has objected the use of their personal data.
- In such case, personal data is only processed with the candidate’s consent, for legal reasons or for personal security of another person.
- Any parties within Genomill who have been disclosed with the personal data earlier shall be informed about the restrictions.
Right to be forgotten
- The candidate has a right to request the deletion of all their personal data from Genomill’s systems, which also cancels their hiring process.
- The candidate has a right to be informed when their data has been deleted.
- The deletion is carried out without undue delay, but within 30 days of receiving the request.
Right to lodge a complaint with a supervisory authority
- The candidate has a right to lodge a complaint with a supervisory authority if they believe there are issues with the data processing or that their rights have been violated.
- The supervisoryauthority of data protection in Finland is the Office of the Data Protection Ombudsman (Finn. Tietosuojavaltuutetun toimisto).
- Contact information of the Office of the Data Protection Ombudsman can be found at their website, https://tietosuoja.fi/etusivu.
Legal grounds
Processing of personal data is based on the following laws and regulations:
- General Data Protection Regulation (EU 2016/679, “GDPR”) Article 6(1c)
- Finnish Act on the Protection of Privacy in Working Life (759/2004)