3Step IT Group Oy and its group companies


Last Updated: January 2023

By ticking the checkbox in the application form you consent to your personal data being registered and processed for the recruitment purposes by 3 Step IT Group Oy and the respective subsidiary or affiliate (“ 3 Step IT”) in a country in which the applicant has applied a position. All contacts and inquiries related to this Privacy policy should be addressed to dpo@3stepit.com.

Information provided by you will be available to HR and recruiting personnel within the organization in accordance with the EU's general data protection regulation (2016/679) and other applicable regulations governing the processing of your personal data.

Processing of personal data

The data that you provide in your application will be registered on behalf of 3 Step IT in 3 Step IT’s recruitment system, ReachMee.

We process the following personal data:

Basis of processing personal data

We process the data based on your consent for recruitment purposes of 3 Step IT. You can revoke your consent by informing the HR representative of the open position during the recruitment. For Post recruitment changes be in touch with Data protection office, contact details at the bottom of this policy.

3 Step IT is the data controller

3 Step IT is the data controller for processing of your recruitment related personal data that you submit over to us during the recruitment process.

Use of Personal data

3 Step IT will use your personal data for processing of your job application and to:

Your application will be processed via a candidate profile which brings together the information you provided with your job application.

Who may see your personal data?

Information provided will be available to HR and recruiting personnel within the organization.


For how long is personal data retained?

Your personal data will be retained for up to two (2) years after the application filing date in the 3 Step IT’s recruitment data base, after which the data is erased unless longer retention is required by law.

International Data Transfers

We may need to transfer personal data outside the European Economic Area to carry out our operations. Transfers of this kind are done according to the requirements of the applicable laws, and by following the applicable safeguards for the transfers, e.g. based on adequacy decisions on the level of data protection adopted by European Commission, or using standard contractual clauses approved by European Commission.

Currently our providers do not transfer data outside of EU/EEA, neither by actual transfer or by support or otherwise indirect access from third countries.


Your rights

If you have submitted personal data to 3 Step IT, you may have a right to:

We may need to request specific information (such as copy of identification) from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to anyone who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

In accordance with applicable regulation, in addition to your rights above, you are also entitled to lodge a complaint with the competent supervisory authority.

Contact information.

If you have questions, comments or complaints about our handling or protection of your personal data, please contact our Data Protection Officer.

Company responsible for this privacy policy:

3Step IT Group Oy Limited Liability Company registered in Finland (Group acts as a contact point for all 3step IT Group companies in Privacy related requests)
Registration number: 2087590-4
Office address is: Mechelininkatu 1A Helsinki 00180, Finland
The general phone number is +358 10 525 3200
Data Protection Office: dpo(at)3stepit.com