Contact

Privacy policy

Dated 19.11.2025

The Solutions Fund Effekt everyone's privacy and complies with legislation on the processing of personal data in its operations. These privacy principles provide information about the privacy protection and processing of personal data on Effekt's websites and services. Personal data refers to all information that can be used to identify a person.

Effekt that the personal data it processes is accurate, adequate, and up to date for its intended use. Customers always have the right to correct any deficiencies or errors in the data or request that their data be deleted. For questions regarding the processing of personal data, please contacteffekt.

Data subjects always have the right to contact or complain about the processing of their personal data to the Data Protection Ombudsman: https://tietosuoja.fi/etusivu. When contacting or complaining, the person may be asked to verify his or her identity.

Controller and processor of personal data

The controller is the person or organisation that determines for what purpose and in what way personal data is processed.

A processor is a person or organisation that processes personal data on behalf of a controller.

Data controller: The Solutions Fund Effekt

Personal data processor: The Solutions Fund Effekt with regard to websites and customer registers. The Solutions Fund Effekt may use third parties as processors in accordance with the terms and conditions of separate service agreements.

Name of the register: The Solutions Fund Effekt customer register

Purpose of processing personal data

We process personal data for customer relationship management, the provision of products and services, marketing and to identify the needs of our customers, partners and suppliers and to collect feedback.

We also process personal data for marketing purposes and in a customer or cooperation relationship, for example for billing or contract management.

We also process personal data when recruiting job applicants. More information at the end of this document.

Grounds for processing personal data

Personal data is processed in accordance with the EU General Data Protection Regulation ("GDPR") and applicable national law. Personal data will only be processed on the basis of the law and for the purposes set out above.

The legal basis for processing personal data is:

Fulfilling the agreement between The Solutions Fund Effekt and the customer; providing requested information, responding to contact requests.

Consent of the client (or jobseeker).

Legitimate interest of the controller. Providing information about The Solutions Fund Effekt products and services, for example, responding to contact requests or processing job applications.

The legitimate interest of the controller to investigate and correct errors, prevent misuse of our online services and other services.

Personal data are deleted or rendered anonymous (anonymisation) when the personal data are no longer needed for the purpose for which they were collected. Personal data may be erased upon request in accordance with applicable data protection legislation.

What information is stored

Our register contains the first and last names, title, telephone numbers, office and/or home addresses, email addresses and IP addresses of the individual. We also keep details of contracts and their dates. We do not store sensitive personal data.

Data sources

We collect personal data directly from our customers through meetings, phone calls, messages received via social media and emails. We also collect information through the use of our website, contact forms, requests for materials in newsletters, analytics tools, web cookies and similar means. We do not collect sensitive personal information.

We also collect data through the following services and systems: customer relationship management (CRM) systems, survey tools, email list services, marketing and sales tools such as Hubspot, chat tools and enterprise resource planning (ERP).

The aforementioned systems may be maintained by The Solutions Fund Effekt or a third party, in which case the third party is also a processor of personal data.

We collect personal data through our website and social media services. These services include, for example, LinkedIn.

Who has access to personal data and how personal data is shared

Only a limited number of our staff have access to personal data. All these persons are bound by confidentiality. Third party processors are bound by service contracts and applicable data protection legislation.

Even outside Finland, local mandatory legislation may oblige us to provide personal data to public authorities. We will always comply with official regulations and applicable law.

Personal data may be transferred as a result of a sale, merger or restructuring of the company or its business in accordance with applicable law.

Personal data is stored on servers located in the European Union or the European Economic Area. Personal data may be temporarily transferred outside the European Union or the European Economic Area in accordance with applicable law, for technical reasons or due to the location of the service provider. As a general rule, such personal data are IP addresses, but may also include other identifiers. Such transfers of personal data may be made to countries with an adequate level of data protection or subject to standard contractual clauses approved by the European Commission. In implementing the Standard Contractual Clauses, we may use necessary measures to protect personal data. Under the standard contractual clauses, the data subject has the right to request information about the transfer of personal data.

Where personal data is stored

Personal data is stored in a cloud-based hosting service within the European Union or the European Economic Area. Cloud and analytics services may copy data to servers outside the European Union and the European Economic Area in accordance with applicable law.

How personal data is protected

We use appropriate, reasonable and economical technical and organisational security measures to protect personal data against accidental loss, to protect access to personal data from unauthorised persons and to ensure that personal data can only be accessed, modified and processed by authorised persons. We expect the same from our business partners and service providers.

Access to personal data is restricted to staff who have a legitimate need to process personal data in the course of their duties. Access to office premises is restricted to staff only. In defining the security measures, we have taken into account the potential damage or threat to personal data and the potential sensitivity of the data.

Rights of the data subject

In accordance with the legislation in force, the data subject has the following rights in relation to personal data:

The right to be informed about the processing of personal data.

The right of access to personal data and the right to obtain confirmation of whether personal data have been processed.

The right to request the rectification of inaccurate or incorrect personal data.

The right to erasure when the personal data are no longer necessary for the purposes for which they were collected, when the processing is no longer necessary for the purposes of legitimate interests, or where the processing is unlawful or necessary for compliance with the law.

The right to restrict the processing of personal data where the accuracy of the data is contested, where the processing has been unlawful or where the controller no longer needs the data but requires restriction of processing instead of erasure, or where the ground for processing the personal data has not yet been ascertained.

The right to object to the processing of personal data, in which case the controller must state the grounds and verify the legitimate interest on the basis of which the personal data are processed.

A written request to exercise your rights should be sent to effekt. The person making the request must verify their identity.

Prohibition of direct marketing

You can opt-out of direct marketing and request to stop processing your personal data for marketing purposes via the links provided in direct marketing messages.

Changes to the data protection principles

We will post any changes to this Privacy Policy on our website, where an up-to-date document is available. We encourage you to check back regularly for any changes. If material changes are made to the privacy policy, we may also send information about them to data subjects by email or on social media channels.

On the processing of personal data of jobseekers

We process personal data of job applicants in our recruitment process for the purposes of assessing their suitability and contacting them. Without personal data, we cannot process applications.

The register of job applicants contains the following personal data: name and surname, title, telephone number, address, e-mail address, date of birth, photograph, CV, status of the recruitment process. We keep the data of job applicants sent to us for 12 months, after which it is deleted. If the job applicant is recruited, the applicant's data will be transferred to the register of employees, where they will be kept for the duration of the employment relationship or until there is no reason to process them.

We only collect job search information from the applicant and from references provided by the job applicant. Information may be collected, for example, from CVs and job applications, as well as from job interviews.

We follow similar methods to protect the personal data of job applicants as we do for our employees and customers. This information is stored in human resources information systems and is shared within our organisation only for recruitment purposes and with staff whose job description requires them to process personal data in the course of their work. Personal data of job applicants will not be shared with third parties.

The personal data of job applicants is stored in a cloud service with servers located in the European Union or the European Economic Area. Cloud and analytics services may copy data to servers outside the European Union and the European Economic Area in accordance with applicable law.

By submitting a job application, you consent to the processing of your personal data as described above.