I am ready for a long road flight for work with a week- or months-long projects.
DATA PROTECTION AND COOKIES POLICIES
DATA PROTECTION POLICY
INTRODUCTION AND REFERENCES TO LEGISLATION
Pursuant to article 13 of Regulation EU 2016/679 of the European Parliament and Council of 27 April 2016 OMT Solutions Oy hereby informs you that, when you sign up for services, the personal data you provide will be processed in full compliance with the data protection legislation (Regulation EU 2016/679 of the European Parliament and Council of 27 April 2016, hereinafter GDPR 679/2016) relating to the protection of natural persons. Accordingly, we hereby provide below the necessary information pertaining to the procedures for processing data that is provided.
DATA CONTROLLER AND SUPPLIER
Pursuant to articles 4 and 24 of GDPR 679/2016 the Data Controller is:
OMT Solutions Oy
Registered Office, Administrative and operational headquarters:
Kipparinkatu 4 B 42, 02320 Espoo
Business-ID 3379260-6
Data Protection Officer: OMT Solutions has appointed a data protection officer who you can reach through the above contact details or by sending e-mail to vn@onemoretask.io
GENERAL PRINCIPLES ON THE PROCESSING OF PERSONAL INFORMATION
The personal information of our customers will be collected, archived, processed and transmitted in compliance with the criteria established by OMT Solutions Oy and by the applicable laws, regulations and rules on the processing of data.
The principles relating to the processing of the personal information of our customers are the following:
In the context of requests that are made and services that are agreed the following type of data will be processed
– Data of a personal nature, i.e. (pursuant to article 4) any information regarding a natural person that is identified or identifiable (by way of example and not of limitation, depending on the request that is sent or the service that is requested: biographical data of the requesting party, the user of application, tax code, data relating to residence, domicile, driving licence details, email address, mobile phone number, etc.);
– Special categories of data, i.e. (pursuant to articles 9 and 10) data or information that could reveal racial or ethnic origin, data relating to citizenship, data relating to health for the management of any claims, as well as data of a judicial nature, relating to road traffic violations, fines, etc.)
- Person's name and contact information, Employment information, Working time information, Attendance information, Absence data , Salary data , Person's location data (see Processing of location data below) , Location data of vehicles and equipment (see Processing of location data below) , Logbook and travel invoice data , Additional job data, Education and skills information, Access rights and access permit information.
-The information contained in the Supplier's systems owned by the Customer, located in the Supplier's cloud services (Onemoretask service) and on users' devices (Onemoretask mobile application). To the extent that the Customer's data contains personal data in accordance with data protection legislation, the Supplier must be considered a personal data processor in accordance with data protection legislation. The Supplier processes the Customer's data until the data storage period according to the agreement between the Parties ends.
-Log information: The log information collected by the supplier about the users of the services covered by the contract consists of the following information: Access rights data and changes made to them, Change log of changes to personal data made by users, System login and usage data
PROCESSING PURPOSES
Data that are collected will be used for the following purposes:
a) To comply with legal obligations deriving from tax and accounting regulations and any other applicable legislation;
b) To enable users to carry out registration procedures to access specific sections of the website www.onemoretask.io and smartphones application onemoretask ;
c) Requests for contact, information, quotes, contracts, administrative and accounting activities related to and resulting from the management of the range of services offered by the Controller;
d) In the event of the tracking of a vehicle/equipment or person, remote monitoring of them.
e) Sending of commercial and advertising correspondence on products, services and other activities carried out by the Controller (MARKETING purposes)
f) Sending of commercial correspondence based on choices in terms of consumption, habits, preferences (PROFILING purposes)
g) Communication of data to third-party companies that are contractually related to or controlled by the OMT Solutions including for statistical and/or promotional purposes.
e) To enable the maintenance of customer relationships. The register information is used e.g. for the following purposes: responding to requests for quotations and making offers, other matters generally related to customer relationship maintenance and informing about current issues and events. In the case of private customers, the information in the register is also used to implement contractual system functions and provide user support.
f) To deliver the services that are the subject of the agreement between the Parties to the Customer. The Supplier may collect log data related to the users of the services covered by the contract, which the Supplier needs to provide the services, troubleshoot and investigate cases of abuse. The supplier can use usage data that does not contain personal data for service development, performance measurement and statistical purposes.
PROVISION OF DATA
Pursuant to article 6 of GDPR 679/2016 processing for the purposes in points is carried out by the Controller during the course of its legitimate activities and in compliance with the obligations set forth by laws, regulations and the EU legislation, or by provisions established by authorities with legal power and by supervisory and control bodies. The provision of data in most points is therefore obligatory. Any refusal to provide data or part thereof will make it impossible to establish or implement contractual obligations, where said data are necessary for the performance of a contract.
Following your express consent, until any opposition, the provision of data is OPTIONAL for the purposes in points e) (MARKETING), f) (PROFILING) and g) (COMMUNICATION OF DATA TO THIRD PARTY COMPANIES). In the event of refusal there will be no consequences of any kind; if you do not provide your consent you will be unable to receive information on our offers, promotions, discounts, etc.
PROCESSING PROCEDURES AND DATA SECURITY
The use of your personal data shall take place with the support of printed, computer or electronic tools for the purposes specified below, with procedures and instruments for guaranteeing the utmost security and confidentiality, by parties expressly appointed for said purposes in compliance with the provisions of article 32 of GDPR 679/2016.
Your personal data will be archived in secure databases on our servers, or on the servers of our trusted suppliers acting in their capacity as data processors, and will be processed mainly with automated procedures.
Processing of location data: In connection with functions that use location, location data can be collected from the user's device as follows: For work time records, location data is saved at the beginning and end of the recording, if the user has allowed the use of location data and activated their recording in the mobile application settings. During logging, the location is not saved. In the vehicle positioning functions for driving events, the location is saved while the driving event is in progress. Location recording starts at the beginning of the driving event, continues while the driving event is in progress and ends when the driving event ends. In fleet positioning based on Bluetooth beacons, location information can be used to locate Bluetooth beacons if the user allows background positioning. This location information cannot be linked to the user or their device.
In any case, your personal data shall be processed in compliance with the provisions pertaining to the confidentiality of personal data contained in the Code, Regulations and Provisions issued by the Supervisory Authority.
Data that are collected will only be handled by authorized staff. All staff with access to your data shall be appointed as data processors, in accordance with the provisions of the applicable regulations.
Data that are collected may be periodically updated with information that is required during the course of the relationship that is established.
We use commercially reasonable technical and organizational measures and controls to protect the personal information of users from losses, misuse and unauthorized access. Unfortunately, data that is transmitted or used over the Internet can never be 100% secure. Therefore, although we protect all personal information, we cannot ensure or guarantee that this personal information will be completely protected from unlawful use by hackers or criminals or in the event of hardware or software malfunctions in computers or telecommunication networks. The data controller will inform the user when it becomes aware of a security breach regarding his/her personal identity information in our possession (in accordance with that which is set forth in the event of pursuant to the applicable regulations).
If a user decides to inform us of his/her email address for any reason, he/she expressly accepts to receive electronic notices in the event of a security breach.
DATA RETENTION PERIOD
Data that is collected will be processed for the period of time that is strictly necessary for fulfilling the purposes they were collected for; for the purposes in points e) (MARKETING) and f) (PROFILING) your personal data will be processed for a period of 10 years from the time you originally provide your consent and/or the respective express renewal in the event of registration or the signing of contracts.
The retention of data for which processing consent is optional and not obligatory, may be suspended in advance when the data controller receives a cancellation request from you.
SCOPE OF COMMUNICATION AND DISCLOSURE
Without prejudice to communications made in compliance with an obligation deriving from a law, rule or EU regulation, your data may be communicated to the following:
– Police forces, armed forces and other public authorities, to comply with obligations established by the law.
– Companies managing services conducted through the use of credit cards;
– Parties providing services for the management of IT systems and telecommunication networks, companies appointed for the management of geopositioning services for vehicles;
– Insurance companies responsible for the settlement of claims;
– Companies specializing in the management of commercial information or credit information, or advertising promotion;– Other companies that are contractually linked to OMT Solutions who carry out activities pertaining to the management of claims;
– Lawyers or debt recovery companies for legal assistance on contracts and the management of disputes.
Personal data that is collected and stored in OMT solutions databases will be processed by the controller’s employees or co-workers or by persons appointed to process said data. This data will not be communicated to third parties, without prejudice to that which is set forth above and, in any case, up to the specified limits.
We reserve the right to appoint third parties for the processing of personal data on our behalf and, as a result, we may share personal data with said third parties. However, we require that said third parties comply with OMT solutions data protection principles and policy during the processing of users’ data. Finally, personal data will not be disclosed, except in cases where this is set forth by the law.
RIGHTS OF DATA SUBJECTS AND EXERCISING OF RIGHTS
In compliance with the applicable legislation, you may at any time request:
– Confirmation of the existence or otherwise of your personal data;
– Know the content and origin, purposes and processing procedures;
– The criteria applied in the event of processing conducted with the use of electronic instruments;
– The identification details of the controller, the processors and the parties or categories of parties to whom your personal data may be communicated.
Moreover, it is your right to obtain:
– The updating, correction, supplementing, right to data portability;
– The cancellation, transformation to an anonymous form or the blocking of your data that is processed in breach of the law;
– The right to object, in any case, for legitimate reasons to the processing of data that is relevant for the purpose of the collection;
– Object to the processing of data for commercial purposes.
Pursuant to the Regulation, you also have the right to present a complaint to a supervisory authority.
To exercise these rights you may contact the data Controller:
OMT Solutions Oy
Registered Office, Administrative and operational headquarters:
Kipparinkatu 4 B 42, 02320 Espoo , vn@onemoretask.io
If a user contacts us to access his/her personal information or to delete these from our systems and registers, in compliance with this data protection policy and the legal obligations, we shall, where possible, grant this request within the required period of time.
However, we hereby inform our customers that, because of technical constraints and backup procedures for our systems, users’ personal information may continue to reside in parts of our systems for a certain period after they are deleted.
The data controller reserves the right to refuse requests for access or the deletion of personal information if the requested disclosure or deletion of information is not permitted by the law.
To protect ourselves from unlawful access requests, we therefore reserve the right to ask for sufficient information to verify the identity of the party presenting a request before enabling a request or making corrections.
TRANSFER OF DATA
Your personal data will be archived in databases on our servers, or on the servers of our trusted suppliers acting in their capacity as data processors, in the Finnish territory, or in the countries of the European Economic Area or in Switzerland where approved contractual clauses are in force for the secure transfer of data. The information that is collected may reside in servers in the United States or in other countries.
Cookies and other technologies
We use various technologies to collect and store Usage Data and other information when the Users visit our Services, including cookies, storing website data, and using web and application telemetry.
Cookies and other website data saved on your device allow us to identify visitors of the our Services and facilitate the use of our Services and to create aggregate information of our visitors. This helps us to improve Services and better serve our Users. The cookies and other website data will not harm your device or files. We use cookies and other website data to tailor the Services and the information we provide in accordance with the individual interests of our Users. Please note that the retention time of different cookies is limited and varies from less than a minute till indefinitely and when a specific cookie is deleted.
You can manage the cookie preferences
The Users may choose to set their web browser to refuse cookies.
Please note that some parts of the Services may not function properly if use of cookies is refused.
The Services use pseudonymized identifiers to track and predict your app and service usage and preferences. OMT Solutions also uses session-only 3rd-party tracking technologies to verify and report transactions initiated by our advertising partners.
You can manage your cookie preferences through the cookie banner on our websites.
You can also manage your communication and other privacy settings via onemoretask App.
OMT Solutions uses different third party analytics and telemetry providers, marketing or affiliate partners, and other services integrated into our client software.
INTRODUCTION AND REFERENCES TO LEGISLATION
Pursuant to article 13 of Regulation EU 2016/679 of the European Parliament and Council of 27 April 2016 OMT Solutions Oy hereby informs you that, when you sign up for services, the personal data you provide will be processed in full compliance with the data protection legislation (Regulation EU 2016/679 of the European Parliament and Council of 27 April 2016, hereinafter GDPR 679/2016) relating to the protection of natural persons. Accordingly, we hereby provide below the necessary information pertaining to the procedures for processing data that is provided.
DATA CONTROLLER AND SUPPLIER
Pursuant to articles 4 and 24 of GDPR 679/2016 the Data Controller is:
OMT Solutions Oy
Registered Office, Administrative and operational headquarters:
Kipparinkatu 4 B 42, 02320 Espoo
Business-ID 3379260-6
Data Protection Officer: OMT Solutions has appointed a data protection officer who you can reach through the above contact details or by sending e-mail to vn@onemoretask.io
GENERAL PRINCIPLES ON THE PROCESSING OF PERSONAL INFORMATION
The personal information of our customers will be collected, archived, processed and transmitted in compliance with the criteria established by OMT Solutions Oy and by the applicable laws, regulations and rules on the processing of data.
The principles relating to the processing of the personal information of our customers are the following:
- The personal information of our customers will be processed correctly and lawfully;
- the personal information of our customers will be collected for specific, explicit and legitimate purposes and will subsequently be processed in a manner that is compatible with these purposes;
- the personal information we collect from our customers will be relevant, complete and proportionate to the purposes they are collected for;
- the personal information we collect from our customers will be accurate and, if necessary, updated to the best of our ability;
- the personal information of our customers will be protected against unauthorised access and processing through commercially and technically reasonable technical and organizational security measures and controls;
- the personal information we collect from our customers will be stored as personal data for no longer than the period of time that is necessary for pursuing the purposes this personal information was collected for.
- The customer is responsible for the fact that the Supplier has the right to collect log data
In the context of requests that are made and services that are agreed the following type of data will be processed
– Data of a personal nature, i.e. (pursuant to article 4) any information regarding a natural person that is identified or identifiable (by way of example and not of limitation, depending on the request that is sent or the service that is requested: biographical data of the requesting party, the user of application, tax code, data relating to residence, domicile, driving licence details, email address, mobile phone number, etc.);
– Special categories of data, i.e. (pursuant to articles 9 and 10) data or information that could reveal racial or ethnic origin, data relating to citizenship, data relating to health for the management of any claims, as well as data of a judicial nature, relating to road traffic violations, fines, etc.)
- Person's name and contact information, Employment information, Working time information, Attendance information, Absence data , Salary data , Person's location data (see Processing of location data below) , Location data of vehicles and equipment (see Processing of location data below) , Logbook and travel invoice data , Additional job data, Education and skills information, Access rights and access permit information.
-The information contained in the Supplier's systems owned by the Customer, located in the Supplier's cloud services (Onemoretask service) and on users' devices (Onemoretask mobile application). To the extent that the Customer's data contains personal data in accordance with data protection legislation, the Supplier must be considered a personal data processor in accordance with data protection legislation. The Supplier processes the Customer's data until the data storage period according to the agreement between the Parties ends.
-Log information: The log information collected by the supplier about the users of the services covered by the contract consists of the following information: Access rights data and changes made to them, Change log of changes to personal data made by users, System login and usage data
PROCESSING PURPOSES
Data that are collected will be used for the following purposes:
a) To comply with legal obligations deriving from tax and accounting regulations and any other applicable legislation;
b) To enable users to carry out registration procedures to access specific sections of the website www.onemoretask.io and smartphones application onemoretask ;
c) Requests for contact, information, quotes, contracts, administrative and accounting activities related to and resulting from the management of the range of services offered by the Controller;
d) In the event of the tracking of a vehicle/equipment or person, remote monitoring of them.
e) Sending of commercial and advertising correspondence on products, services and other activities carried out by the Controller (MARKETING purposes)
f) Sending of commercial correspondence based on choices in terms of consumption, habits, preferences (PROFILING purposes)
g) Communication of data to third-party companies that are contractually related to or controlled by the OMT Solutions including for statistical and/or promotional purposes.
e) To enable the maintenance of customer relationships. The register information is used e.g. for the following purposes: responding to requests for quotations and making offers, other matters generally related to customer relationship maintenance and informing about current issues and events. In the case of private customers, the information in the register is also used to implement contractual system functions and provide user support.
f) To deliver the services that are the subject of the agreement between the Parties to the Customer. The Supplier may collect log data related to the users of the services covered by the contract, which the Supplier needs to provide the services, troubleshoot and investigate cases of abuse. The supplier can use usage data that does not contain personal data for service development, performance measurement and statistical purposes.
PROVISION OF DATA
Pursuant to article 6 of GDPR 679/2016 processing for the purposes in points is carried out by the Controller during the course of its legitimate activities and in compliance with the obligations set forth by laws, regulations and the EU legislation, or by provisions established by authorities with legal power and by supervisory and control bodies. The provision of data in most points is therefore obligatory. Any refusal to provide data or part thereof will make it impossible to establish or implement contractual obligations, where said data are necessary for the performance of a contract.
Following your express consent, until any opposition, the provision of data is OPTIONAL for the purposes in points e) (MARKETING), f) (PROFILING) and g) (COMMUNICATION OF DATA TO THIRD PARTY COMPANIES). In the event of refusal there will be no consequences of any kind; if you do not provide your consent you will be unable to receive information on our offers, promotions, discounts, etc.
PROCESSING PROCEDURES AND DATA SECURITY
The use of your personal data shall take place with the support of printed, computer or electronic tools for the purposes specified below, with procedures and instruments for guaranteeing the utmost security and confidentiality, by parties expressly appointed for said purposes in compliance with the provisions of article 32 of GDPR 679/2016.
Your personal data will be archived in secure databases on our servers, or on the servers of our trusted suppliers acting in their capacity as data processors, and will be processed mainly with automated procedures.
Processing of location data: In connection with functions that use location, location data can be collected from the user's device as follows: For work time records, location data is saved at the beginning and end of the recording, if the user has allowed the use of location data and activated their recording in the mobile application settings. During logging, the location is not saved. In the vehicle positioning functions for driving events, the location is saved while the driving event is in progress. Location recording starts at the beginning of the driving event, continues while the driving event is in progress and ends when the driving event ends. In fleet positioning based on Bluetooth beacons, location information can be used to locate Bluetooth beacons if the user allows background positioning. This location information cannot be linked to the user or their device.
In any case, your personal data shall be processed in compliance with the provisions pertaining to the confidentiality of personal data contained in the Code, Regulations and Provisions issued by the Supervisory Authority.
Data that are collected will only be handled by authorized staff. All staff with access to your data shall be appointed as data processors, in accordance with the provisions of the applicable regulations.
Data that are collected may be periodically updated with information that is required during the course of the relationship that is established.
We use commercially reasonable technical and organizational measures and controls to protect the personal information of users from losses, misuse and unauthorized access. Unfortunately, data that is transmitted or used over the Internet can never be 100% secure. Therefore, although we protect all personal information, we cannot ensure or guarantee that this personal information will be completely protected from unlawful use by hackers or criminals or in the event of hardware or software malfunctions in computers or telecommunication networks. The data controller will inform the user when it becomes aware of a security breach regarding his/her personal identity information in our possession (in accordance with that which is set forth in the event of pursuant to the applicable regulations).
If a user decides to inform us of his/her email address for any reason, he/she expressly accepts to receive electronic notices in the event of a security breach.
DATA RETENTION PERIOD
Data that is collected will be processed for the period of time that is strictly necessary for fulfilling the purposes they were collected for; for the purposes in points e) (MARKETING) and f) (PROFILING) your personal data will be processed for a period of 10 years from the time you originally provide your consent and/or the respective express renewal in the event of registration or the signing of contracts.
The retention of data for which processing consent is optional and not obligatory, may be suspended in advance when the data controller receives a cancellation request from you.
SCOPE OF COMMUNICATION AND DISCLOSURE
Without prejudice to communications made in compliance with an obligation deriving from a law, rule or EU regulation, your data may be communicated to the following:
– Police forces, armed forces and other public authorities, to comply with obligations established by the law.
– Companies managing services conducted through the use of credit cards;
– Parties providing services for the management of IT systems and telecommunication networks, companies appointed for the management of geopositioning services for vehicles;
– Insurance companies responsible for the settlement of claims;
– Companies specializing in the management of commercial information or credit information, or advertising promotion;– Other companies that are contractually linked to OMT Solutions who carry out activities pertaining to the management of claims;
– Lawyers or debt recovery companies for legal assistance on contracts and the management of disputes.
Personal data that is collected and stored in OMT solutions databases will be processed by the controller’s employees or co-workers or by persons appointed to process said data. This data will not be communicated to third parties, without prejudice to that which is set forth above and, in any case, up to the specified limits.
We reserve the right to appoint third parties for the processing of personal data on our behalf and, as a result, we may share personal data with said third parties. However, we require that said third parties comply with OMT solutions data protection principles and policy during the processing of users’ data. Finally, personal data will not be disclosed, except in cases where this is set forth by the law.
RIGHTS OF DATA SUBJECTS AND EXERCISING OF RIGHTS
In compliance with the applicable legislation, you may at any time request:
– Confirmation of the existence or otherwise of your personal data;
– Know the content and origin, purposes and processing procedures;
– The criteria applied in the event of processing conducted with the use of electronic instruments;
– The identification details of the controller, the processors and the parties or categories of parties to whom your personal data may be communicated.
Moreover, it is your right to obtain:
– The updating, correction, supplementing, right to data portability;
– The cancellation, transformation to an anonymous form or the blocking of your data that is processed in breach of the law;
– The right to object, in any case, for legitimate reasons to the processing of data that is relevant for the purpose of the collection;
– Object to the processing of data for commercial purposes.
Pursuant to the Regulation, you also have the right to present a complaint to a supervisory authority.
To exercise these rights you may contact the data Controller:
OMT Solutions Oy
Registered Office, Administrative and operational headquarters:
Kipparinkatu 4 B 42, 02320 Espoo , vn@onemoretask.io
If a user contacts us to access his/her personal information or to delete these from our systems and registers, in compliance with this data protection policy and the legal obligations, we shall, where possible, grant this request within the required period of time.
However, we hereby inform our customers that, because of technical constraints and backup procedures for our systems, users’ personal information may continue to reside in parts of our systems for a certain period after they are deleted.
The data controller reserves the right to refuse requests for access or the deletion of personal information if the requested disclosure or deletion of information is not permitted by the law.
To protect ourselves from unlawful access requests, we therefore reserve the right to ask for sufficient information to verify the identity of the party presenting a request before enabling a request or making corrections.
TRANSFER OF DATA
Your personal data will be archived in databases on our servers, or on the servers of our trusted suppliers acting in their capacity as data processors, in the Finnish territory, or in the countries of the European Economic Area or in Switzerland where approved contractual clauses are in force for the secure transfer of data. The information that is collected may reside in servers in the United States or in other countries.
Cookies and other technologies
We use various technologies to collect and store Usage Data and other information when the Users visit our Services, including cookies, storing website data, and using web and application telemetry.
Cookies and other website data saved on your device allow us to identify visitors of the our Services and facilitate the use of our Services and to create aggregate information of our visitors. This helps us to improve Services and better serve our Users. The cookies and other website data will not harm your device or files. We use cookies and other website data to tailor the Services and the information we provide in accordance with the individual interests of our Users. Please note that the retention time of different cookies is limited and varies from less than a minute till indefinitely and when a specific cookie is deleted.
You can manage the cookie preferences
The Users may choose to set their web browser to refuse cookies.
Please note that some parts of the Services may not function properly if use of cookies is refused.
The Services use pseudonymized identifiers to track and predict your app and service usage and preferences. OMT Solutions also uses session-only 3rd-party tracking technologies to verify and report transactions initiated by our advertising partners.
You can manage your cookie preferences through the cookie banner on our websites.
You can also manage your communication and other privacy settings via onemoretask App.
OMT Solutions uses different third party analytics and telemetry providers, marketing or affiliate partners, and other services integrated into our client software.