Latest update 26.10.2021
We are delighted that you have found our Website! At Ålands Penningautomatförening (Paf) we are committed to protecting your privacy and we will treat your information with respect.
Paf is the controller and is responsible for all collected personal data by Paf or its subcontractors on Paf’s behalf, and for the processing of such personal data.
Company Reg. No: 0280695-6
AX-22101 Mariehamn, Åland
Email: [email protected]
Tel: +358 20 7910 600
Paf has also appointed a Data Protection Officer.
Data Protection Officer
AX-22101 Mariehamn, Åland
Email: [email protected]
2. Collection of and purpose of processing personal data
By visiting our Website, Paf and/or its subcontractor will collect your IP address for the purposes of managing the operation of the Website as well as the administration of the Website. Paf processes the IP addresses for the purpose of providing a secure Website.
By contacting Paf by email, telephone or by other communication channels, Paf will process the information provided by you in order fulfil the purpose of the communication.
The information gathered about you is collected primarily on the legal grounds of legitimate interests for processing personal data and some personal data will be processed by third parties as part of Paf’s business process which includes management of this Website.
Paf also processes your personal data based on consent, for example using certain cookies.
If you are visiting this Website for career opportunities, we recommend you to read the privacy statement under the career pages.
Cookies and other similar technologies
3. Sources of information
Personal data is either provided by you or by Paf’s subcontractors which offer services related to the processing of personal data.
4. Disclosure of and transfer of personal data
Paf processes your personal data in the strictest confidence and only discloses your personal data to third parties which processes the personal data on behalf of Paf and to persons authorised to process personal data, who have undertaken to observe confidentiality or are subject to appropriate statutory confidentiality. Otherwise, Paf will only share your personal data with a third party if you have given consent to such disclosure.
Where Paf has engaged a subcontractor, which provides services related to the processing of personal data to Paf, so called a processor, the subcontractor will only process the personal data in accordance with Paf’s written instructions.
Paf may disclose your personal data within the Paf group. The sharing of your personal data is primarily for managing your personal data for various matters, for example referring you to one of our subsidiaries or being able to answer your questions.
Paf may also disclose your personal data in cases where Paf is required to do so by law, regulation or as a result of a request from an authority.
Paf always strives to process your personal data as far as possible within the European Union (EU) and the European Economic Area (EEA).
In cases where it is necessary to transfer personal data outside the EU/EEA, Paf has taken the necessary and reasonable legal, technical and organisational measures to ensure that the level of protection is the same as in the EU/EEA. In cases where Paf transfers personal data to countries outside the EU/EEA, processing is primarily supported by EU standard contractual clauses.
5. Duration of storage
Paf does not store your information longer than it is necessary for the purposes for which the Personal Data are processed. In general, Paf stores IP-addresses for up to seven days, thereafter the IP-addresses are erased.
Communication with Paf through email, telephone or by other communication channels, Paf may store the information as long as it is needed in order to fulfil the purpose of the communication.
Paf may store your information for a longer period of time if required by law and/or regulation, and if the information is included in an ongoing legal process.
6. Your rights
Right to access your personal data
You are entitled to access your personal data, i.e. a record of what personal data Paf is processing about you, provided that the data does not affect the rights and freedoms of others, or access to personal data is forbidden due to legal requirements. Please note that in cases where Paf receives a request for access to personal data, Paf may request further information from you requesting access to your personal data, to ensure effective handling of the request and disclosure of the personal data to the correct person.
Right to rectification
You are entitled to have incorrect personal data that concerns you rectified as well as within the stated purpose, to supplement incomplete personal data.
Right to object and restriction of processing
You are entitled to object to the processing of your personal data where processing is conducted for legitimate business reasons, unless Paf has a compelling reason to continue the processing, for example security purposes.
In the event you dispute the accuracy of your personal data or you have made an objection to the processing, have the right to require the processing of your personal data to be restricted.
Right to be forgotten
You are entitled to request that Paf delete or remove all or some of your personal data, for example, if the personal data is no longer required for the purposes it was collected or otherwise processed. Paf may deny your request if the processing is based on a law requirement or for a compelling legitimate interest.
Withdrawal of consent
In the event Paf relies on your consent to process your personal data, you have the right to withdraw or decline your consent at any time. Please note that the withdrawal of consent does not affect the legality of the processing that takes place before the consent is withdrawn.
Right to lodge a complaint
If you consider that Paf’s processing of your personal data does not comply with applicable data protection laws, you may submit a complaint to the Finnish Data Protection Ombudsman.
Some of the cookies used on this Website are so called third party cookies which are placed by external companies that Paf purchases services from, for example Google Analytics.
Necessary cookies are essential for the website to function properly. This category only includes cookies that ensure basic functionalities and security features of the website. These cookies do not store any directly identifying information. Please be aware that you accept these essential cookies by using this Website. Paf would not be able to provide this Website without these cookies.
The below categories of cookies will be stored in your browser only if you have given your consent. You can change your settings at any time. Kindly note that by opting out it may affect your browsing experience.
The website uses Google Analytics cookies to track the website’s performance and help us to make the site better.
Cookies for marketing that are used to remind you of us later and for example give you information about career opportunities.
Managing cookie settings
Analytics and marketing cookies will not be installed on your browser without your consent. You also have the possibility to change the cookie settings at any point, should you wish to do so. Just click on the Cookie Settings in the downright corner of the Website.
You can also allow, block or delete cookies installed on your device via the settings in your web browser at any time. All web browsers show information on cookies so that the user can see which cookies have been installed and remove them.
If you deactivate or remove cookies please be aware that may affect your user experience, for example, the functions on the Website may be impaired.
Note that the changes you make in your web browser relating to cookies may affect all websites you visit, not just our pages, unless you disable or remove cookies individually.
In order to deactivate or remove cookies on your device, click “Tools” or “Settings” in the menu. For more information on settings relating to cookies in your web browser, see “Help” under the main menu.
Paf has taken all necessary and appropriate steps to protect your personal data from unauthorised procedures such as unlawful or unauthorised processing, which includes theft, deletion, alteration, disclosure and transfer of personal data. These measures include the greatest possible restriction of the circle of people that has the right to the personal data and limitation of the ability of the authorised persons to make changes as well as technical barriers to infringement, including encryption during transmission and storage, firewalls and strict requirements for passwords.