Privacy policy

Data privacy policy

Staffmax Oy and Doormax Oy are aware of their responsibility as a registrar and will handle personal data according to valid legislation and authoritative instructions in order to realize sufficient level of data privacy and data protection.

This data policy provides information on the handling of personal data.

Primary registar

Name: Staffmax Oy
Address: Lapinkävijäntie 11 C 76, 96100 Rovaniemi, Finland
Telephone: 050 344 1973
Email: [email protected]

Shared registar

Name: Doormax Oy
Address: Lapinkävijäntie 11 C 76, 96100 Rovaniemi, Finland
Telephone: 050 344 1973
Email: [email protected]

Contact person

Name: Henry Hynynen
Telephone: 050 344 1973
Email: [email protected]

Purpose and reason of handling personal data

Personal data will be handled for acting out customer contracts and agreements, offering job applicants and employees to customer enterprises, fulfilling obligations concerning the employer, developing customer service, as well as customer communication and sales and marketing purposes.

According to the General Data Protection Regulation of the European Union (GDPR), the purpose of handling personal data is the legitimate benefit of the registrar. The handling of personal data to fulfill the employer’s obligations is in accordance with legislation.

Personal data to be handled and preservation times

Customer information (corporate and personal customers)

  • Name and business ID of enterprise or name, personal ID and postal address of personal customer
  • Name and contact information of corporate representative (e.g., email address and telephone)

Customer information will be preserved 12 months after the ending of customer relationship.

Employee information

  • Name, personal ID and contact information (e.g., postal address, email address and telephone)

Employee data will be preserved according to the preservation time required by valid legislation, always at least 10 years from the ending of the accounting period.

Data about job applicants will not be gathered in a separate register, and application documents can be preserved for a maximum of 12 months.

Data sources

Registrees themselves, public registers, corporate websites, and employers of the registrees.

Handing over of personal data

Personal data can be handed over to authorities and partners in needed extent for accounting, taxation, and other statutory obligations. Needed data about employees will be handed over to the partner enterprise for whom the employee works as hired staff.

Transferral of personal data

Personal data will not be transferred outside EU and ETA areas.

Principles of protection

Personal data will not be stored as physical copies in manual form except for temporary samples and prints which will be disposed of in a secure manner.

Electric systems are appropriately protected with user names and passwords. Only members of staff responsible of salary calculation, recruitment and accounting, as well as persons working in customer projects who need it on the grounds of their duties, are allowed to handle personal data.

The registree’s rights

Right of inspection: Everyone has a right to access and inspect personal data about themselves. The request for information must be made in writing and addressed to [email protected] Identity must be verified if asked.

Right of rectification: Everyone has a right to request for the rectification of an obvious incorrect information concerning themselves. The rectification can be made if the personal information is not of a kind that the registrar is not authorized to rectify. The request must be made in writing and addressed to [email protected] Identity must be verified if asked.

Right to require for erasing of information: veryone has a right to request for erasing of information concerning themselves. However, the registrar cannot and is not obligated to erase personal data that the registrar has a statutory obligation to preserve. The request must be made in writing and addressed to [email protected] Identity must be verified if asked.

More information about the registree’s rights and possibilities to make a notice about the registrar’s handling of personal data is available on the website of the competent authority at

Cookies and Google web analytics

Our website uses cookies that can be saved on a visitor’s computer when he or she visits the website. We also use Google’s web analytics services.

Cookies and analytics services can be used to gather data about e.g. from what address or through what addresses the user arrives at our website, which browser is used, what the screen sharpness is, and what the IP address of the user’s computer is. The purpose of gathering this data is to improve the usability of our website and provide us and our partners with means of developing our site even further. The data can also be used to target marketing and advertising on the website according to the interests of the visitors. Marketing and advertising targeted in this way cannot, however, identify the user, and the gathered data will not be combined with other data gathered from the user in other contexts.

The user can block the cookies by changing browser settings to not allow cookies. Blocking cookies can, however, affect the functioning and usability of some websites.