Processing of SCS remote connection related personal data

The data is controlled and processed by Valmet Oyj for security and troubleshooting purposes

The legal basis for the processing is legitimate interests pursued by the controller. The data items processed include user name, IP addresses, used communication protocol, and connection and disconnection times.

By request, the data may be shared with Valmet’s customer controlling the other end of the connection.

The data may be accessed by relevant personnel within the Valmet group, as well as data processors Valmet is contracting for supporting its business. By default, the data will be stored in the Area where the connection is created and in the EU. The data may also be accessed by Valmet personnel from outside of the EU when needed. EU Model Clauses are used as appropriate safeguards for the processing outside of the EEA.  The usage logs will be stored for 12 months, the account information will be maintained until the account is deleted according to Valmet security policies.

Valmet will support the applicable data subject’s rights. This includes their rights of access to, rectification of, or erasure of personal data or restriction of processing concerning the data subject or to object to processing including direct marketing. The data subject has the right to lodge a complaint with a supervisory authority (data protection authority).

If you have any questions about the privacy notice including data transfer mechanisms to countries outside of the EEA, please contact the Valmet Data Privacy Officer via the Privacy Web Form.