fbpx

Data Protection register

Register notification

Registrar controller and contact person

EsTT office

Address: Niittyrinne 4, 02270 Espoo, Finland
tel. +358 (0) 102013201
Office email: toimisto@espoontelinetaiturit.fi 

Register of members, trusts and affiliates / Marketing Registry

Data subjects

Our register handles the personal data of members of Espoon Telinetaiturit, and its former members, as well as the contact persons of its affiliated organizations and trustees.

In addition, the register handles the personal data of persons attending / having attended trainings and events organized by Espoo Telinetaiturit.

Purpose and use of the processing of personal data

The purpose of our register is to manage, maintain, develop and market the information of registered members and trustees during their membership or term of office, as well as the management of expired membership documentation in personal data systems. For those who have participated in the training and events organized by Espoo Telinetaiturit, there will also be direct marketing targeted at individual groups.

The processing of personal data is based on:

1. The statutory obligation of Espoo Telinetaiturit is to maintain a membership register for its members
2. With respect to the agreement partners (cooperation partners) for the performance of the contract and any other legitimate interest of the controller. The interest of the controller in agreement situations is the control of financial claims and liabilities.
3. For trustees, the registration shall be based on regulations of the Associations Act.
4. Consent with regard to the marketing register.

Personal data processed:

The register handles the personal and contact details of members of Espoo Telinetaiturit trusts and officers, as well as any other information necessary for membership or participation in training and events.

This data includes:

  • The full name of the member
  • Postal address
  • Telephone
  • Email address
  • Web address
  • Chairperson
  • Executive Director
  • Secretary
  • Custodian / treasurer
  • E-Invoice or invoicing email – Responsibilities by role and job tasks

Information to be collected from participants:

  • name
  • email address
  • date of birth (for shipping companies only)
  • food allergies (only for events with catering) (justifiable for the vital interest of the data subject, i.e. health)

Regular sources of data

Personal information is collected from members, registered individuals and participants themselves.

Protection of personal data and security

Digitally processed personal information is protected and stored in the Hoika member data system, the access to which is restricted to those who need such information to perform their job duties. These individuals have access to personal usernames and passwords. Personal data is protected from outside access.

Regular disclosure and transfers of personal data

As a rule, data is not disclosed to third parties. The exception is the disclosure of participant lists to training providers, subscribers or trainers. Personal data will be disclosed to the registry administrator or contact person designated by the organizer. Personal data may be transferred to other system administrators when changing a registry service provider. A partner of the controller, who is responsible for the technical maintenance and processing of the personal data file, may transfer personal data in accordance with the applicable privacy laws and this data protection statement.

Retention period of personal data

Member data will be kept in the register for as long as the registered member is a member or agreement partner of Espoon Telinetaiturit and for the agreement claim liability period. After termination of a membership, personal data will be retained for a maximum of ten years.

Agreement data shall be retained for a minimum of three years and a maximum of ten years from the expiry of the limitation period. Participants’ personal data will be retained for a maximum of ten years after their last participation.

Consent based data will be retained until the consent is revoked.

There is no time limit for the retaining of competition results.

Rights of the data subject:

The data subject has the right to object at any time to the processing of their personal data for direct marketing purposes. The data subject may also give Espoon Telinetaiturit ry consents and prohibitions to channel-specific direct marketing. In addition, the data subject is, in principle, entitled at any time, in accordance with the applicable data protection law, to: – be informed of the processing of their personal data;
– have access to their own data and to verify the personal data processed by Espoon Telinetaiturit ry;
– require the rectification and completion of inaccurate or incorrect personal data;
– require the deletion of their personal data;
– withdraw their consent and object to the processing of their personal data, insofar as the processing of the personal data is based on the data subject’s consent;
– object to the processing of their personal data on the basis of their specific personal situation, in so far as the processing of personal data is justified by the legitimate interest of Espoon Telinetaiturit
– receive their personal data in machine-readable form and transfer such data to another data controller, the processing of such personal data by the Espoon Telinetaiturit, with the consent of the data subject, is carried out automatically;
– require the restriction of the processing of their personal data.

The data subject must submit a request for the exercise of the aforementioned right in accordance with the “Contact” section of this privacy policy.

Espoon Telinetaiturit may ask the data subject to clarify their request in writing and to verify the identity of the data subject before processing the request. Espoon Telinetaiturit may refuse to execute the request on the grounds provided by the applicable law.

The right to complain to the supervisory authority

Every data subject shall have the right to complain to the relevant supervisory authority or to the supervisory authority of the European Union member state where the data subject is resident or their place of work, if they considers that their personal data has not been processed in accordance with applicable data protection practices.

Required information

For the trustees of the association (Espoon Telinetaiturit ry), the information required by the Associations Act (name, title, contact information) (Associations Act). Agreement entities:

Basic data about the agreement partner, information required for credit collection (credit). Allergy information for those involved in events (vital benefit to the data subject). Other information required by third parties to arrange anevent (to be reported upon registration). (Conclusion of agreement).

Consequence of non-disclosure

One cannot be elected to a position of trust without the disclosure of mandatory data.

Data is also received from member associations and the registration system

The data provider is a member association, which discloses the data of its own trustees and officials. Data is obtained from member associations, which are independent controllers. The data will be collected from the information provided in participant registrations. Notifications of these registrations are made for the first time when you are in contact with the registrant.

Contact

Requests for the exercising of a data subject’s rights, questions about this privacy policy and any other communications should be made to the following email address: toimisto@espoontelinetaiturit.fi.

Changes to this privacy policy

This privacy policy may be updated from time to time, for example, as the law changes. This announcement was last updated on January 12, 2020.

PRIVACY POLICY CONCERNING CAMERA SURVEILLANCE

Name of the register

Camera surveillance in address Vitikka 4, 02630 Espoo

Registrar controller

Espoon Telinetaiturit ry

y-tunnus: 0460107-3

Contact person of this register

Executive Director Olli-Pekka Lintula

Niittyrinne 4, 02270 Espoo
toiminnanjohtaja@espoontelinetaiturit.fi

The purpose and basis of the processing

The cameras are used to monitor the safety of the use of the sports facilities. Appropriate signage indicates use of the surveillance.

The purpose and basis of the processing is to investigate the safety and health of persons working on the premises and to investigate property damage.

Data content of the register

Surveillance cameras are digital, in use 24 hours a day and recorded onto an online data storage. Surveillance cameras do not record speech.

Regular sources of data

The source of information is the image captured by  the cameras

Regular disclosures and transfers of data

The data stored by the cameras is not routinely disclosed to anyone. Upon request, data recorded by the cameras will be released to the police or another authority. Data can be passed on to health care providers and insurance companies in case of an accident.

Data will not be disclosed outside the EU or the European Economic Area.

Registry security principles and data transfer

The surveillance control centre is located in a surveillance cabinet, which is restricted to certain people only. The data is retained for about 2 months, after which time the data is deleted.

Data subjects rights concerning the register

A data subject has the right to verify their data and to request the deletion of the said data.

The data subject shall have the right to verify the information concerning him/ her which is stored in the register. The data verification request is subject to a charge if less than one year has passed since the previous request for verification.

The data subject shall have the right to demand the deletion of any data entered in the register concerning him or her. The controller may refuse to carry out such a removal on the grounds provided by law or on the basis of the duties and rights of the controller.

Right of the data subject to lodge a complaint with the supervisory authority

The data subject shall have the right to appeal to the competent supervisory authority if the controller has not complied with applicable data protection rules.

Contacting for the utilisation of rights

In the case of a request for verification and deletion of information, the request shall be submitted in writing and signed by the registry administrator. The request for verification must be made in person to the controller. If necessary, the controller may ask the customer to clarify their request in writing and to prove their identity.