When you use our services, you trust us to manage your information appropriately. We understand that this is a great responsibility and work very hard to keep your information safe and under your control. The purpose of a data protection policy is to help you understand what kind of data is collected and why and how you can update, manage, transfer and delete data.
Data Protection Policy for clients
This Data Protection Policy is applied to the user and customer directories and marketing register of Eilakaisla Oy’s (”Eilakaisla” or ”we”) services and websites (”Services”) Weople Oy, a part of the Eilakaisla Group, is responsible for the Weople service.
This Data Protection Policy specifies the manner in which we process the personal information relating to clients, potential clients and their representatives (collectively ”Clients”), who use the Service.
A separate data protection policy may apply to some of our services. In the event that a separate data protection policy is applied to a specific service, said policy will be published along with the service in question.
We reserve the right to update this policy when necessitated by changes in processing methods or other reasons. A current and updated version can always be found at https://www.weople.hr/en/privacy. We will not make significant changes to this Data Protection Policy or limit the rights of Clients described in this Data Protection Policy without notice.
Please note that this Data Protection Policy applies to the processing of personal information that is performed by Eilakaisla as data controller. If, in the course of offering Services to Clients, Eilakaisla processes certain personal information on behalf of a client, the client in question is deemed to be the data controller. In such an event such processing of information is covered by the client’s data protection policy or other documentation that is used to inform the registered users about the processing of information by the data controller.
Data controller contact information
Types and sources of collected personal information
We collect two types of data about our Clients: (i) Client Data; and(ii) Analytical Data.
Client Data is personal information that Eilakaisla collects directly from you. Eilakaisla collects and processes the following Client Data: (i) name and contact information (incl. user name and password); (ii) organization and title; (iii) email address; (iv) desired language of communication and method of contact (v) contacts; (vi) billing and payment information; (vii) information relating to your commission and use of Services or interest in our Services (iix) marketing bans and marketing consents.
Most of the Client Data is obtained directly from the Client during the sign-up process or while using the Service. Additionally, personal information may be collected and updated from public directories and from operators who offer related services.
While we do not normally use Analytical Data for identification purposes, there may be times when they can lead to an individual being identified either directly or when connected to or combined with Client Data. In such instances Analytical Data is considered personal information in a legal sense and we process the connected data as personal information.
Analytical Data that we may collect automatically when you visit or use Eilakaisla Services include:
You can disable cookies or set up a cookie warning in your browser’s settings. Below are some links to information about how to change your cookie preferences in the most popular browsers.
Please note that some parts of our Service may not work correctly if cookies are disabled.
Web analytics services
We use Google Analytics and other web analytics services to generate Analytical Data and reports about user behavior on our Service website to continue improving our Services. For more information about Google Analyticsis, visit the Google Analytics website. To opt out of Google Analytics data collection, install the following add-on to your browser: Google Analytics opt-out add-on.
Purpose and grounds for data collection
Eilakaisla processes personal information for the following purposes:
To offer our Services and to meet our contractual obligations.
We process your personal information to offer Eilakaisla’s Services and to meet our contractual obligations to our Clients and to operate, maintain and develop our business.
We use the information, for example, to process payment transactions and to provide essential information about a Client’s job posting to applicants.
For marketing and customer communication purposes
We may process personal information to contact our Clients about matters relating to our Services and to notify them about changes to our Services and for marketing purposes. If you contact us through our chat service, we use the information you provide to answer your questions, resolve potential issues and process your message.
Quality enhancement and trend analysis
We may process information relating the use of our Services to enhance the quality of our Services through, for example, the analysis of different trends related to the use of Services. Whenever possible, we use composite information that makes it impossible to identify individuals.
Grounds for processing
We process personal information to meet our legal obligations and our contractual obligations to our Clients. Additionally, we process personal information on the grounds of a legitimate interest to operate, maintain and develop our business and to build and maintain customer relations. When we process your information on the grounds of a legitimate interest, we weigh our legitimate interests against your right to privacy.
In some parts of the Services, we may ask our Clients to consent to the processing of personal information. In such instances the Client may withdraw their consent at any time.
Transferring to countries outside Europe
Your personal information is stored within the EEC and we never disclose or transfer your personal information to locations outside the EEC.
Recipients of personal information
We do not disclose personal information to third parties outside the Eilakaisla organization unless one of the following conditions are met:
Disclosure is necessary for uses described in this Data Protection Policy.
Insofar as the needs of third parties to access personal information in order to perform Services are concerned, Eilakaisla has put up appropriate contractual and organizational measures to ensure that personal information is processed only for the purposes described in this Data Protection Policy and is done in full compliance with relevant legislation and regulation.
We may disclose personal information to third parties outside the Eilakaisla organization, if accessing and exploiting personal information is deemed necessary within reason to (i) comply with any applicable legislation, regulation and/or court order; (ii) detect, prevent and handle fraud or information security or technical issues and/or (iii) secure the interests or property or ensure the safety of Eilakaisla or our Clients or safeguard public interest in accordance with legislation. Whenever possible, we notify Clients about such disclosure and processing.
To authorized service providers
We may disclose personal information to authorized service providers who provide services for us (including subcontractors who provide data storage, sales, marketing and customer support services). According to the obligations defined in our contracts with our service providers, they agree to comply with, or exceed, the privacy and data security standards defined in this Data Protection Policy.
For other justifiable reasons
In the event that Eilakaisla becomes a party to a merger, a divestiture or an acquisition, we may disclose personal information to a third party involved in the transaction. We will, however, ensure the confidentiality of all personal information. As soon as we are reasonably able to, we will notify those Clients whose information is affected by the transaction or falls under a different data protection policy.
By express consent
We may disclose personal information to third parties outside the Eilakaisla organization for reasons other than those listed above when we have the Client’s express consent to do so. The Client has the right to withdraw their consent at any time.
Eilakaisla does not retain personal information longer than is legally permissible and only as long as is necessary to provide Services or parts thereof. The retention period is dependent on the nature of the information and the purpose of processing. As such, the maximum period of retention can vary by case.
As a rule, Client Data pertaining to your use of the Services is wiped out within a reasonable period after you have discontinued the use of our Services. We retain Client Data for as long as the Client is registered in our Services as a user or as long as we are legally obligated to do so or there is a legal reason for retaining the information, such as the handling of claims, internal reporting, marketing or accountability.
We retain Analytical Data for 12–26 months. After which time Analytical Data is anonymized.
The rights of a client
Right to access information
You have the right to access personal information pertaining to you that we process. The Client can contact us and we will disclose to the Client what personal information pertaining to the Client we have collected.
Right to withdraw consent
If processing is based on Client consent, the Client may withdraw said consent at any point. Withdrawal of consent may limit the Client’s ability to use our Services. Withdrawal of consent does not affect the legality of personal information processing performed prior to withdrawal.
Right to request rectification of information
The Client has the right to contact us to request us to rectify or supplement faulty or outdated personal information retained by us. You may rectify or update some personal information pertaining to you in the Services through your user account.
Right to request deletion of information
The Client can ask us to delete their personal information from our systems. We perform the requested actions, provided we do not have a justifiable reason to not delete the information.
Right to object
The Client can object to the processing of their personal information, if the information is used for purposes not related to offering our Services or meeting a legal obligation. If we do not have a justifiable reason to continue processing the information, we will stop processing it after you have objected to it.
Right to restrict the processing of information
The Client can request us to restrict the processing of their information when, for example, your deletion or rectification request or objection is being processed and/or we do not have a justifiable reason to process your information. The restriction request may limit your ability to use our Services.
Right to transfer data from one system to another
The Client is entitled to receive their personal information in a structured and commonly used format and to independently transfer the information to a third party.
The Client can exercise the rights mentioned above by sending a letter or email to one of the addresses listed above with the following information: Client’s full name, company name, address, email address and telephone number. We may ask for additional information that is relevant for identification purposes. We may reject requests that are repeated at unreasonable intervals, are excessive or are clearly unfounded.
Regardless of whether the Client has in advance consented to direct marketing, the Client has the right to prohibit us from using the Client’s personal information for direct marketing, market research and direct marketing profiling purposes by contacting us using the contact information listed above or by using the functionalities of the Service or the unsubscribe option provided in direct marketing messages.
Filing a complaint
If you perceive that we process personal information in a way that is not in compliance with applicable data protection legislation, you can file a complaint with local authorities.
We use administrative, organizational, technical and physical security measures to protect the personal data we collect and process. These include data encryption, passwords, firewalls, protected facilities and systems protected by limited access rights. Our security measures are designed to maintain appropriate levels of security to ensure the confidentiality, integrity, usability, retrievability and survivability of the information We regularly test our Service, systems and other equipment for vulnerabilities.
If, regardless of our security measures, a data security breach occurs that is likely to adversely affect the privacy of Clients, we will notify the affected Clients and other affected parties in a manner defined by relevant legislation, and the authorities, if required by relevant data protection legislation, of the breach as soon as possible.
These usage terms apply to corporate clients of Weople Oy’s Service. Weople Oy is a part of the Eilakaisla Group These terms form a part of the Contract between the Client and Eilakaisla In the event that a discrepancy exists between these terms and the Order, the Order shall prevail.
”Client” refers to a business or organisation, named in the Order, that has placed an order with Weople for the use of the Service.
”Clien Data” refers to material or information that Users upload to the Service.
”Immaterial Rights”refer to copyright, neighbouring rights (including database, directory and image rights), patents, utility models, design rights, trademarks, trade names, trade secrets, know-how and other registered or unregistered immaterial rights.
”User” refers to a Client employee, for whom, based on the Order, a user account has been created for in the Service for the purpose of using the Service.
”Party ” refers to the Client or Eilakaisla (together ”Parties”).
”Service” or ”the Weople Service” refers to the giving and receiving, through Eilakaisla’s Weople system, of information relating to recruitment, placement, reception, office, outplacement, consulting and aptitude assessment services.
”Agreement” refers to these general terms and Orders between the Parties.
”Order” refers to a written or electronic order, that the Client has placed and Eilakaisla has accepted, for providing the Service to the Client.
”Eilakaisla” refers to Eilakaisla Oy (business ID 0105926-6).
2. The Weople Service
2.1. The User can use the electronic recruitment system to order Eilakaisla Services consistent with the Agreement.
2.2. Weople is a recruitment system that a business or organisation can use to:
a) create job postings
b) send to or promote job postings in multiple channels and recruitment medias
c) receive applications to open positions
d) evaluate applications as well as sort and select applicants,
e) communicate with applicants and book interviews,
f) save interview frames and memos,
g) book electronic cut-e (a part of the Aon Group) aptitude assessments for applicants and receive the resulting applicant reports,
h) search the Weople / Eilakaisla applicant pool for potential candidates
i) as well as manage company data, users, payment methods and other essential information.
Weople / Eilakaisla reserves the right to make changes to the service.
2.3. The User is expected to immediately upon commissioning Eilakaisla’s services provide to Eilakaisla all the information necessary for Eilakaisla to assist the User as effectively as possible.
3. Right to use the Service
3.1. The Client has the right to use the Service as described in this Agreement during the contract period.
3.2. The Client shall only use the Service in the manner described in this Agreement. The Client agrees to refrain from using the Service for unlawful or unauthorized purposes.
3.3. The Client and the User may not:
a) copy, edit, distribute, make available to the public, sell, rent, sub-license the Service or parts thereof or in other ways give third parties access to the Service;
b) circumvent or attempt to circumvent the Service’s copy protection;
c) reverse engineer the Service, unless permitted by mandatory legislation;
d) use the Service for unlawful purposes;
e) use the Service to infringe or violate the Immaterial Rights or other rights of third parties; or
f) use the Service for the distribution of viruses or other malware.
3.4. Eilakaisla owns the Immaterial Rights to the Service and the usage analytics of the Service. This Agreement does not constitute the transfer of Eilakaisla’s Immaterial Rights to the Service or other Immaterial Rights to the Client.
3.5. The Client is responsible for ensuring that it has the IT equipment, software and connections to use the Service.
3.6. The Client shall not use the Service for the storage or backup of any information.
4. User accounts
4.1. The person signing or in another manner approving the Agreement for the Client confirms that he/she has a lawful right to represent the Client and access Client information within the Service.
4.2. The Client manages its users and creates the desired number of user accounts for the use of the Service.
4.4. The Client shall prevent unauthorized use of its user accounts linked to the Service and keep log-in details confidential. The Client is responsible for all the actions that are performed using the Client’s user accounts.
4.5. The Client must immediately notify Eilakaisla of any unauthorized use of the user accounts.
4.6. The Client must within the Service supply to Eilakaisla current and accurate information required for creating user accounts, maintaining contact and billing. The Client agrees to keep the information current
5. Client Data
5.1. Immaterial Rights to Client Data are owned by the Client. Eilakaisla has the right to use Client Data in order to provide Services to the Client. The Client is responsible for ensuring that Client Data can lawfully be used for purposes outlined in this Agreement.
6. Processing personal information
6.1. Eilakaisla collects personal information concerning the Client’s order and Service usage in order to offer the Client Services and for other purposes consistent with Eilakaisla’s data protection policy. Such information includes names, contact details and payment details. Commensurate with its data protection policy, Eilakaisla processes this information in its role as data controller. Eilakaisla’s data protection policies can be found at https://www.weople.hr/en/privacy.
6.2. If Client Data includes personal information, the Client is the data controller and Eilakaisla processes, by offering the Service to the Client, this personal information on behalf of the Client for purposes outlined in this Agreement during its contract period. Such information can include information embedded in Client Data (for ex. contact details) and related to clients or employees of the Client.
6.3. If Eilakaisla processes personal information on behalf of the Client:
a) the Client acts as the data controller as defined by EU regulation 2016/679 regarding the protection of natural persons when processing personal information and the free movement of such information (“Data Protection Regulation”) and/or any other applicable national data protection legislation and is responsible the lawfulness of the collection, processing and application of personal information, the accuracy of personal information and the protection of the rights of the individuals whose information is being handled. The Client must inform, in the scope defined by legislation, the involved persons that their personal information is being processed by Eilakaisla and, if necessary, obtain their consent.
b) The Client is aware that due to the nature of the Services, Eilakaisla is not able to monitor nor is it obligated to confirm or verify personal information that the Client transfers to be processed by Eilakaisla when the Client uses the Service.
c) Eilakaisla shall not use the personal information for any other purpose than offering the Services. Eilakaisla shall process personal information in a manner outlined in this Agreement and the Client’s written instructions. The Client’s instructions must be professionally reasonable, compliant with applicable data protection regulation and consistent with this Agreement. If Eilakaisla observes that any instruction from the Client is inconsistent with EU or any other applicable data protection legislation, Eilakaisla is not obligated to comply with said instruction.
d) Considering the prevailing level of technological development, implementation costs and the nature, scope, context and purpose of the processing performed by Eilakaisla and the variety in the probability and severity of the threat to the rights and freedoms of the individuals, Eilakaisla implements technical and organizational measures to ensure a level of security that is equal to the threat for protecting the personal information from unauthorized and unlawful processing and from corruption and, especially, from accidental or unlawful destruction, deletion, modification, unauthorized release or access.
e) When responding to the requests of individuals exercising the rights outlined in data protection legislation (these rights include the right to access information and the right to the rectification or removal of information, the Client must primarily use the functions of the Service. If the Client requires additional help in responding to the requests, Eilakaisla shall, considering the nature of processing, assist he Client in a professionally reasonable manner and without undue delay. Additionally, Eilakaisla shall, in a professionally reasonable manner and taking into consideration the nature of the processing and the information available to Eilakaisla, assist the Client in ensuring that the Client meets the requirements of applicable data protection legislation for the performance of security and data protection evaluations, data security breach notifications and prior consultations of competent regulatory authorities. If providing assistance requires measures on Eilakaisla’s part, the Client shall reimburse Eilakaisla a reasonable sum for the processing of the Clients request for assistance.
f) Additionally, Eilakaisla ensures that:
• individuals, who process personal information have committed themselves to confidentiality or are under a statutory obligation of confidentiality.
• when Eilakaisla contracts a Sub-Processor to process personal information on behalf of the Client, the contract includes terms that are essentially in line with the terms of this Agreement.
g) The Client accepts that in order to provide Services, Eilakaisla or Eilakaisla’s Sub-Processors may process or have access to personal information outside the Client’s country of location. If the processing is governed by any EU data protection regulation and personal information is transferred from the European Economic Community (”EEC”) for processing or otherwise to a country outside the EEC and not determined by the European Commission to offer adequate levels of data protection, Eilakaisla shall adopt appropriate protective measures using standard contractual clauses approved by the European Commission or by using other appropriate GDPR compliant measures relevant to the transfer.
h) The Client and an auditor authorized by the Client have the right, with Eilakaisla’s assistance, to review Eilakaisla’s handling processes outlined in this Agreement to evaluate Eilakaisla’s compliance with the terms of this Agreement regarding the processing of personal information, and Eilakaisla will provide to the Client all information required for demonstrating compliance with the obligations outlined in this section 6.3. The Client is responsible for the costs incurred by the Client and Eilakaisla in the process of performing such an audit.
i) If the audit by Eilakaisla’s evaluation leads to the disclosure of Eilakaisla’s trade secrets or threatens Eilakaisla’s immaterial rights, the Client shall use an independent auditor that is not a competitor of Eilakaisla to perform the audit and the auditing specialist must commit to a non-disclosure agreement with Eilakaisla.
j) The Client shall give Eilakaisla a general authorization to use sub-contractors for processing in connection with providing the Service (”Sub-Contractors”).
k) Eilakaisla is free to choose and exchange Sub-Contractors at will. If requested, Eilakaisla must provide the Client with a current record of Sub-Contractors involved in the processing. If a Sub-Contractor is replaced or added at a later date, Eilakaisla must notify the Client of such changes. Upon notification, the Client has the right to request that a Sub-Contractor be replaced if the Client has reasonable grounds to oppose the change reported by Eilakaisla. If Eilakaisla is not willing to replace the Sub-Contractor that the Client has opposed, the Client has the right to terminate the Agreement.
l) Eilakaisla must give the Client written notification of all data security breaches involving personal information. Upon observing a data security breach, Eilakaisla must give said notification without undue delay. Additionally, Eilakaisla shall, in a commercially reasonable manner and taking into consideration the nature of the processing and the information available to Eilakaisla, assist the Client in mitigating the adverse effects of the data security breach.
m) Eilakaisla must permanently remove personal information from its storage devices within a reasonable time from the termination of this Agreement or after the Client has permanently discontinued the use of the Service unless Eilakaisla has a lawful obligation to retain personal information.
7. Pricing and payment methods
7.1. The Service’s monthly subscription price is outlined on the Service’s landing page at https://www.weople.hr/hinnoittelu/.
7.2. The Service’s service fees are charged in advance on a monthly basis. The fee is automatically charged against the credit card the Client has listed.
7.3. In addition to the Service’s monthly subscription fee, the Client can make one-time purchases within the Service, which will be charged against the credit card listed by the Client.
7.4. Value-added tax will be added to the prices charged to the Client according to the regulation currently in force.
7.5. Once a service fee or one-time purchase has been charged, it cannot be refunded to the Client. If the Client terminates the Agreement mid subscription, charged fees will not be refunded.
7.6. Eilakaisla retains the right to make changes to its pricing without giving reasonable notice to the Client prior to the changes taking effect. The changes will not effect subscription prices charged prior to the changes taking effect. If the Client objects the new pricing, the Client has the right to terminate the Agreement before the new pricing takes effect.
8. Suspending and changing the Service
8.1. Eilakaisla retains the right to suspend the Service for maintenance. If Eilakaisla suspends the Service, Eilakaisla will strive to notify the Users of the suspension in advance or, if this is not reasonably possible, immediately after Eilakaisla has been apprised of the reasons for the suspension.
8.2. In its effort to continuously develop the Service, Eilakaisla may change or remove features and functions of the Service without notifying the Client or Users in advance.
8.3. Eilakaisla retains the right to prevent the Client from accessing the Service without prior notice if Eilakaisla has reason to suspect the Client or a User has violated this Agreement.
8.4. Eilakaisla provides user support to Clients via the Service’s chat function as announced. All questions and notifications regarding the use of the Service are to be reported to Eilakaisla’s user support.
9.1. Both Parties undertake to keep the confidentiality of materials and information supplied by the other Party and to refrain from disclosing them to any third party or in other ways using them for purposes not consistent with this Agreement.
9.2. Confidential material does not include material that (i) is public knowledge at time of delivery or becomes public knowledge after time delivery by means other than the violation of this obligation, (ii) was demonstrably developed by the recipient without using confidential materials, (iii) was lawfully obtained as non-confidential from a third party, provided that said third party was not and has not been under obligation to keep the material confidential.
9.3. A Party must immediately cease the use of any confidential material and information obtained from the other Party and, if requested, return or destroy said material and information directly upon the termination of the Agreement or, if requested, sooner, if the Party no longer requires said material or information for purposes consistent with the Agreement.
9.4. This obligation of secrecy ends, when five (5) years have elapsed from the termination of the Agreement, unless a longer obligation to secrecy is required by the law.
10. Contracting period and termination
10.1. Details of the Agreement’s contracting period and termination have been specified in the Order.
10.2. Unless otherwise specified in the Order, this Agreement comes into effect on the Agreement’s date of acceptance and is in effect indefinitely. The Client may terminate the Agreement at any time with one (1) month’s notice.
10.3. To terminate the Agreement, the Client will in the Service disable the credit card listed in the Client’s user account as the preferred method of payment.
10.4. A Party has the right to terminate the Agreement in writing with immediate effect if the other Party substantially violates this Agreement and does not remedy the violation within 30 days of receiving from the other Party a request to do so. A payment delay of more than 30 days on the part of the Client is considered a substantial contract violation.
10.5. The Client must discontinue using the Service immediately upon the termination of the Agreement.
11. Limited liability
11.1. The Services are provided as is. The Parties are not responsible for direct or indirect damages to the other party. Limited liability is not applicable to damages caused deliberately or by gross negligence.
11.2. Eilakaisla’s contractual liability is limited to the amount that the Client has paid to Eilakaisla based on this Agreement during the six (6) months preceding the damage.
12. Applicable legislation and resolution of disputes
12.1. This Agreement is governed by Finnish law, excluding regulation regarding choice of jurisdiction.
12.2. Disputes regarding this Agreement shall be definitively resolved by arbitration, in accordance with the Finland Chamber of Commerce rules of arbitration. The number of arbitrators shall be one. The seat of arbitration shall be Helsinki.
13. Amending the Agreement
13.1. Eilakaisla may amend this Agreement by notifying the Client, via client bulletins or other written forms of communication, of the amended Agreement 30 days prior to the new Agreement taking effect, and the Client has the right to terminate the Agreement prior to the Agreement taking effect by notifying Eilakaisla in writing.
14. Transferring the contract
14.1. Eilakaisla retains the right to transfer this Agreement and the rights and obligations described in the Agreement to its subsidiary or the transferee/buyer of a business transfer/divestiture without the Client’s consent.
14.2. The Client does not have the right to transfer this Agreement or rights based on this Agreement to a third without acquiring written approval from Eilakaisla in advance.
15.1. All notifications regarding the Agreement must be delivered via post or email to the address the receiving Party has specified in the Order. If a Party’s contact information changes, the other Party must be notified without undue delay.
16.1. Eilakaisla has the right to use subcontractors in order to provide the Service.
17.1. The Parties may use the other Party’s name or logo for marketing or other purposes.
18. Interpretation of the Agreement
18.1. If a clause included in this Agreement is considered unenforceable, it will not influence the validity of the other clauses of this Agreement.
18.2. This Agreement constitutes the entire agreement of the Parties relating to the subject matter addressed in this agreement.