Register databases in Isoharja Oy
Registry database for Isoharja Oy (later Isoharja), consisting of following parts:
● customer register
● project database
● recruiting applications
● register for other web queries
The person responsible for the registry is Eero Vainionpää.
His responsibilities for ensuring that the registry is used for intended purposes include:
● check access rights frequently
● ensure proper security measures (including security updates)
● ensure that database users have adequate instructions for using the registry
The person responsible for registry details is CTO Eero Vainionpää.
His responsibilities are to maintain access rights for users, give out information about the registry and inform customers about their rights for checking and updating their data.
The registry contains a database of Isoharja’s customers and partners, both companies and persons for maintaining business relationships.
The registry is used for producing services for customers and partners. The registry data is also used for marketing and dissemination targeting companies and persons. Anonymous usage data is used for research and statistics.
The registry is also used for project management, processing recruiting applications and other data received from webforms applicable for our operations.
The data stored in the registry consists of the following details:
● first and last names
● company or organization and department name
● address details
● phone, mobile numbers
● email addresses
● internet addresses
● target language
● customer history, log data
● recruiting application information
● information in attachments
● all additional details given through webforms
The register consists of several parts and not all parts contain the previous details.
The data is received directly from customers: companies, organizations and private
persons. Additionally public databases may be used as source.
Personal data will not be shared with third parties otherwise than permitted by current legislation. The data is stored in both EU/ETA server facilities as well as facilities outside the EU/ETA region. Isoharja maintains contracts with all of its service providers and data processors which state that they will adhere to EU General Data Protection Regulations. Anonymous data (excluding names and identifying details) may be exported for research purposes.
The registry is accessed, maintained, and edited by Isoharja personnel. Access to the registry is restricted and only available with a personal account and password combination. The account username is granted when access to the registry is opened and will be closed when the employees’ contract is terminated or if the employee is assigned to a different role in Isoharja.
The registry is solely for Isoharja’s use. Any updates will be performed by data submitted by customers or data available via public access.
All data in the registry is used only by Isoharja. Several service providers provide servers and storage space where the registry is stored. Servers are in secure facilities with no unauthorized access.
Registry data is stored on a usage basis, archiving is not in use. The data is stored for the period for which the data is needed for the registry. Any expired data is deleted manually.
In connection with signing up for events, newsletters or providing personal details
Persons have the right to inspect, correct or remove their stored data by request. The registry does not have classified person data. Person data is usually validated when entered (either through public databases or other public sources) or periodically.
Companies or persons can request correcting their data by request to the register owner.
Requests can be made at this address:
The request will be replied to as soon as possible and then carried out. The registry does not include data for which these requests cannot be carried out.
No data is exported or disclosed from the registry without written consent from the
customer company or person.
Eero Vainionpää is the owner and maintainer of the registry.
The maintainer is responsible for
● usage policy and data model of the registry, granting access rights, informing registered persons, responding to requests for data inspection and maintaining data integrity
● technical administration of the registry
● security, archiving and backups, also any data deletions
● naming any additional responsible persons for the registry
Internal usage guidelines are maintained separately. Training is provided regularly