Privacy policy

Heka’s privacy policy defines the methods and principles by which Heka collects, uses, retains, maintains, discloses and deletes personal data.

Through the privacy policy, we safeguard the rights of private persons with regard to personal data and ensure that the obligations regarding the processing of personal data are fulfilled.

Heka’s privacy policy is based on the current EU and national legislation on personal data and data protection, as well as the current guidelines and recommendations issued by data protection authorities.

Basis for processing personal data

Heka’s business operations require the processing of personal data.

Heka acts as the controller of personal data. Heka ensures compliance with general data protection principles and legal obligations when processing personal data.

Lifecycle and processing of personal data

When processing personal data, we take its entire lifecycle into account.

We strive to ensure the accuracy of the personal data we use. The primary source of personal data is the person themselves or another reliable source.

We consider data security to be an essential part of the processing of personal data.

Heka’s data protection organisation

Heka has a designated data protection organisation, as we want to ensure the best possible processing of personal data.

Heka has a designated data protection officer who directs and develops the implementation of data protection at Heka.

Heka has a data protection group in which Heka’s key business operations are represented.

The regional offices have designated data protection liaisons.

Everyone at Heka is responsible for data protection

Heka organises data protection training for its employees. Heka’s employees are instructed and informed about data protection and related changes on Heka’s intranet. 

Strengthening and updating the privacy policy

The board of Helsingin kaupungin asunnot Oy confirmed this privacy policy on 10 April 2018 and updated the policy on 24 February 2021.