In all its activities, Heka takes into account the proper processing of the personal data of private persons and the protection of personal data and privacy.
Basis for processing personal data
Heka’s business operations require the processing of personal data.
Heka acts as the controller of personal data. Heka ensures compliance with general data protection principles and legal obligations when processing personal data.
Lifecycle and processing of personal data
When processing personal data, we take its entire lifecycle into account.
We strive to ensure the accuracy of the personal data we use. The primary source of personal data is the person themselves or another reliable source.
We consider data security to be an essential part of the processing of personal data.
Heka’s data protection organisation
Heka has a designated data protection organisation, as we want to ensure the best possible processing of personal data.
Heka has a designated data protection officer who directs and develops the implementation of data protection at Heka.
Heka has a data protection group in which Heka’s key business operations are represented.
The regional offices have designated data protection liaisons.
Everyone at Heka is responsible for data protection
Heka organises data protection training for its employees. Heka’s employees are instructed and informed about data protection and related changes on Heka’s intranet.