Privacy for the Aisti Health service

Description of the processing of personal data in the Aisti wellbeing assessment

Aisti Health Oy (Aisti Health) implements the agreed Aisti wellbeing assessment service on the subscriber’s behalf. With regard to the processing of personal data, the service subscriber acts as the data controller and Aisti Health as the processor of personal data.

The service subscriber provides Aisti Health Oy with the names, email addresses and possible group attributes (e.g. position, business unit, department, team or location) of the persons participating in the Aisti wellbeing assessment in order to allow for group distinction. Aisti Health will send designated participants a personal single-use link to the Aisti wellbeing survey by email. Based on the participant’s responses to the assessment, the participant receives immediate personalised feedback to improve their wellbeing. Aisti Health analyses the responses of the participants to the assessment and provides a group-level result report to the service subscriber, from which neither individual persons nor their responses can be identified. The Aisti wellbeing assessment is carried out using a web application maintained by Aisti Health. The terms and conditions valid at the time are applied to the use of the application.

The service subscriber is obligated to inform you of an upcoming Aisti wellbeing assessment by email. You can request more information regarding the processing of personal data from the service subscriber.

General description of the data protection and security of the Aisti wellbeing assessment

In processing the personal data, Aisti Health carries out the appropriate technical and organisational measures to protect the personal data from unauthorised and illegal processing and damage and especially from unintentional or illegal deletion, loss and alteration as well as from unauthorised access or transmission of the personal data. In organising the protective measures, the available technical options and their costs are taken into account in relation to specific risks related to the processing of data and the delicate nature of the processed personal data.

Aisti Health ensures that the personnel participating in the processing of personal data are committed to upholding the appropriate degree of confidentiality or that they are bound by the appropriate statutory professional secrecy.

Additional information on the data protection and security principles of the Aisti Health wellbeing assessment may be requested at

Erasing or returning personal data

Aisti Health processes and stores personal data as long as it is considered necessary for the cooperation between Aisti Health and the service subscriber. Upon the termination of the cooperation between Aisti Health and the service subscriber, Aisti Health shall erase, or when the service subscriber’s separate instructions so require, return the personal data it has processed on behalf of the service subscriber and the copies thereof, provided that Aisti Health is not bound by a legal obligation to retain the personal data.