TIEKE Finnish Information Society Development Centre
Työpajankatu 13, 2nd floor
00580 Helsinki, Finland
mikko.eloholma@tieke.fi
+358 44 491 8296
We process personal data in connection with subscribing to the Data Spaces Alliance Finland newsletter on the basis of the data subject’s consent (General Data Protection Regulation, Article 6(1)(a)).
The newsletter is sent by email approximately every two months and contains information on, among other things, data spaces and related events. Subscribers’ names, organizations and email addresses are stored. Subscribers may unsubscribe at any time via the “unsubscribe” link included in each newsletter.
We process personal data when an organisation applies for membership in Data Spaces Alliance Finland. The personal data processed include the names, roles, organisations, and email addresses of the person signing the application and the organisation’s contact persons. The legal basis for processing is legitimate interest.
We primarily inform the contact persons of Alliance members by email about upcoming meetings (approximately four times per year) and other events and campaigns related to the Alliance’s activities. All members also receive the Alliance’s newsletter.
As a rule, personal data is processed by employees of TIEKE in the performance of their duties in accordance with this privacy notice.
The data controller may procure services related to the processing of personal data from personal data processors. In such cases, we ensure that the processors act in accordance with the data controller’s instructions and this privacy notice. Information on personal data processors is available from the data controller upon request.
In connection with processing, personal data may be transferred outside the European Union or the European Economic Area. In such cases, we ensure that the recipient country has been deemed to provide an adequate level of data protection by the European Commission, that the transfer is carried out using the European Commission’s standard contractual clauses, or that another transfer mechanism compliant with the GDPR is applicable.
In all transfer situations, our obligation is to ensure that any transfer of personal data is carried out on lawful grounds and with an adequate level of protection.
We ensure information security and the confidentiality, integrity, and availability of personal data through appropriate technical and organisational measures in accordance with generally accepted industry standards. Data are primarily stored in electronic form.
Personal data are protected by, among other measures, firewalls, physical security of facilities, access control, user access rights, and, where appropriate, encryption technologies. Personal data are protected against unauthorised access and unlawful or accidental processing. Personal data are processed only by designated employees of the data controller and by specifically designated personal data processors.
We do not make decisions based solely on automated processing, nor do we carry out profiling based on the personal data we process.
Personal data are retained for as long as necessary for the delivery of the newsletter or the provision of membership services. Thereafter, personal data are deleted no later than one year after the end of the processing purpose.
You have the right to be informed about the purposes and methods of processing your personal data.
You may ask us questions regarding the processing of personal data at any time using the contact details provided at the beginning of this notice.
You have the right to know whether we process personal data concerning you. If we do, you have the right to obtain a copy of such data, unless we have a lawful basis for refusing to exercise this right.
If the personal data concerning you that we process are inaccurate, you may request that we correct the data.
If we correct data at your request, we are obliged, where possible, to inform all recipients to whom the data have previously been disclosed.
In certain circumstances, you have the right to have your personal data erased.
You have the right to object to the processing of your personal data carried out by us at any time on grounds relating to your particular situation.
In such cases, we may no longer process your personal data unless there are compelling and legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing is necessary for the establishment, exercise, or defence of legal claims.
If you believe that the personal data concerning you that we process are inaccurate, are being processed unlawfully, or you have objected to the processing of your data, you may request that we restrict the processing of your personal data.
In such cases, we may process your data only:
If we restrict processing at your request, we are obliged, where possible, to inform all recipients to whom the data have previously been disclosed.
If you have any questions about the processing of your personal data, you can contact the data controller using the contact information at the beginning of the statement.
If you believe that your personal data has been processed unlawfully, you have the right to file a complaint with the Data Protection Ombudsman.
Office of the Data Protection Ombudsman (Finland)
Visiting address: Lintulahdenkuja 4, 00530 Helsinki
Postal address: P.O. Box 800, 00531 Helsinki
Email: tietosuoja(at)om.fi
Telephone switchboard: +358 29 566 6700
Registry: +358 29 566 6768
