Privacy Policy

    1. Data Controller

    JTA Connection Oy
    Tuotekatu 8
    33840 Tampere, Finland
    tel. +358 3 273 1665

    2. Contact information for registry-related matters

    Jaakko Salmela, Operations Manager, tel. +358 45 6360611, jaakko.salmela(at)

    3. Name of Registry

    Recruitment register

    4. The Use of Personal Data

    Personal data is used for receiving, processing and storing job applications submitted to JTA Connection. Using personal data is necessary for recruitment purposes.

    Data submitted in recruitment forms is stored in the Recruitment register, technically implemented by a Service Agreement with C&Q Systems Oy (the Provider). Data collected in the form is used only for processing the application, responding to the applicant, and for creating a summary report. The system allows the managing of personnel’s and applicants’ personal data and the managing and analyzing their competence data for the purposes of training and professional development.

    5. Data Entered Into the Registry

    The Recruitment register only records basic data submitted in the recruitment form (name, address and other contact information, date of birth), data concerning the applicant’s curriculum vitae (education, special skills, work history, language skills, photo), specifications of the job applied for, data related to the job interview and testing, as well as the application sent as an attachment and other free-form information submitted.

    6. Regular sources of data

    Data is obtained from the Data Subject him/herself in the recruitment process or through the Data Controller’s activity in saving personal data or competence surveys in the system.

    7. Regular Disclosure of Data And Transfer

    The Data Controller can disclose personal data and reports from competence surveys to JTA Connection personnel only.

    8. Data Transfer Outside the EU

    No data is transferred outside the EU. C&Q Systems uses servers hosted by Festum Software Oy, located in Finland.

    9. Principles of Protecting The Register

    a. Manual material
    Manual material is stored in a locked space with access only for employees who need said material in their work.

    b. Electronic Information
    Electronic data are stored on JTA Connection’s network servers accessible only from computers within the organization or externally via a VPN connection. User access to them is available only to employees who need the data in their work.

    Applicant data is always confidential and will not be disclosed beyond the recruitment process. Confidentiality means that applicant data is accessible only by persons entitled to use the data.

    All web and software servers provided by C&Q Pro are secured with public SSL certificates. Login takes place via a secure HTTPS connection. The provider is responsible for securing its software services and operational environment against data security hazards by adhering to appropriate data security methods and practices. Detailed information is specified in the C&Q Systems Privacy Policy Statement.

    10. Right of inspection

    By request, a Data Subject has the right to inspect what personal data of him/her has been stored, to demand correction of incorrect data, and to request deletion of personal data in the register. The Data Controller is responsible for fulfilling these rights for the duration of the C&Q Pro network services contract. Upon expiration of that contract, unless otherwise agreed in writing, the Provider will deliver the Data Controller’s data to the Data Controller within 30 days upon written request.

    The Provider’s obligation to store Data Controller’s data expires one year after the expiration of their Service Agreement, and the Provider is obliged to delete the Data Controller’s data, unless requested in writing by the Data Controller to save it. However the Provider has the right to delete or save Data Controller’s data to the extent obligated by law or statute.

    The inspection request must be addressed in writing to: tietosuoja(at)

    The inspection request must include:

    Data Subject’s name
    the nature of the Data Subject’s connection with the Data Controller (e.g. employment)
    period of time the data pertains to

    Upon receiving the request the Data Controller will respond without delay, no later than 30 days after receiving the request. Then an appointment is made for the Data Subject to retrieve, upon verification of identity, the data specified in the request from the Data Controller.

    11. Right to rectification

    A Data Subject has the right to rectify incorrect recorded personal data. The Data Controller has the responsibility to inform how a correction request is made and where it is to be addressed.

    12. Duration of Data Processing

    The data in the Recruitment register is stored for 2 years. Upon the Data Subject’s request, as defined in the law, the data can be removed earlier.

    13. Informing the Data Subjects

    The privacy policy is published on the JTA Connection website.