Privacy notice – Hydro Go

Your privacy in Hydro Go

This supplement gives general information about the mobile app Hydro Go. For further information about privacy at Fortum, please read our main privacy notice.

• For Fortum employees
• For Maintenance Partners

The main purpose of the Hydro Go app is to increase safety in your work at Fortum’s plants by providing the ability to check-in and check out at plants automatically. Knowing who is at plants is important in case of emergency situations so our Dispatch Center can inform rescue personnel who are currently located at the plant. Checking in and out of plants is mandatory regardless of if using the app or not based on Fortum’s internal work descriptions/agreement with Fortum’s maintenance partner. The app will provide convenience and safety by not forgetting to do so.

What information do we collect?

• Contact details and Security data: Name, phone number, and email as registered in your Fortum AD account is used for knowing who is checked in at the plants
• Location data: Geofencing location data that is a “virtual circle” surrounding the plant area.
• Time and attendance data: The time and date for check-in and for check-out from the plant.
• User added plant visit data: an optional note field in the app for plant information.
• Technical data: troubleshooting data and statistical data.

We do not collect any location data apart from the above described.

How do we use that information?

• Access management: Name, phone number, and email as registered in your Fortum AD account is used for knowing who is checked in at the plants
• Security and Safety event management: Geofencing data is used for automatically checking you in at a plant, or if you’re not using automatic check-in to notify you not to forget checking in or out when entering or leaving a plant. The exact location is unknown, only that you are somewhere in the plant area as defined by the geofence. The app will only know the plant name, not the location itself.
• Time and attendance data: The purpose of the 18 hours is safety-related in case the Dispatch Center needs to contact the people recently been at the plants. The check-ins at plants, and all information related to them, are stored for 18 hours after leaving a plant and then deleted.
• User added plant visit data: When checked in there is an optional note field in the app where added information related to the plant visit can be used. This data is also deleted 18 hours after checkout from the plant.
• Technical data: For troubleshooting and statistical purpose, we collect anonymous information such as check-ins and check-outs on plants, the brand/model/operating system of your mobile device, and aggregated statistics on the usage of different views in the Hydro Go App. For this, we use the Google Analytics Service. The anonymous statistical data is used to improve the App and, most of all, improve safety for people at plants by making sure we utilise the check-in/check-out functionality in a good way.

We do not collect any location data apart from the above described.

Who has access to the data?

The information collected as described above is visible for the Dispatch Center’s authorized employees for them to be able to act in case of emergency.

How long is the data stored?

The check-ins at plants, and all information related to them, are stored for 18 hours after leaving a plant and then deleted. The purpose of the 18 hours is safety-related in case the Dispatch Center need to get in contact with the people that have been recently at the plants.

Your registered Fortum AD account is maintained as long as you are working at Fortum or as a service partner to Fortum. The account will be deleted when leaving Fortum or the Service Partnership with Fortum.

How do we collect the information?

The information collected in the app is sent to our Amazon Web Services Cloud solution as described above and then removed accordingly.

Do we share that information?

The information is not shared outside of the Dispatch Center’s authorized employees. If we would see from the anonymised data that the usage of the check-in/check-out functionality is not sufficient for maintaining personnel safety at plants that anonymous statics data can be used to improve the process and people behaviour related to safety at plants.

What safeguards are in place?

The communication between the App the cloud encrypted.

What are your choices?

In the app, you can select not to do automatic check-in/check-out. In this case, you will have to check in and check out manually. You will get a reminder when arriving and leaving a plant.

If not using the app at all, you will have to call the dispatch center to check in and out, but we prefer some of the above not to overload the dispatch center with phone calls.

Additional information

For employees, the controller of your personal data is the local Fortum company you have an employment relationship with and Fortum Corporation.

For Maintenance partners, the controller of your personal data is typically the local Fortum company with which the company you work for is conducting business and Fortum Corporation.

You can address any further questions and comments regarding your privacy to our dedicated privacy team at privacy [at] fortum [dot] com.