Register and data protection statement in accordance with the Personal Data Act (Sections 10 and 24) and the EU General Data Protection Regulation (GDPR)
Completed: 6.5.2021
1. The controller
TaTU Tampere ry
2. Contact person responsible for the register
Rauhaniemi Service Manager, tel. 050 552 0882, kati.viitala@rauhaniemi.net
3. Name of the register
TaTU Tampere ry's customer and marketing register
4. Legal basis and purpose of the processing of personal data
The legal basis for processing personal data under the EU General Data Protection Regulation is.
- the voluntary, documented consent of the person
- a contract to which the data subject is a party; or
- the legitimate interest of the controller (customer relationship, employment relationship, membership).
The purpose of processing personal data is to contact customers, maintain customer relations and marketing.
5. Data content of the register
The data stored in the register includes: the name, gender, contact details, date of birth, e-mail address if requested, city of residence, information on purchased services, other data related to the customer relationship and ordered services.
The data is kept in the register for the duration of the customer relationship and is deleted if the customer so wishes.
6. Regular sources of information
The information stored in the register is obtained from customer meetings, messages sent via web forms, email, telephone and other situations where the customer provides their information.
7. Regular disclosures and transfers of data outside the EU or EEA
We share your personal data with the following parties:
- With the police to investigate crimes.
- Marketing-related assignments for partners who analyse, print or distribute marketing material.
Data may also be transferred outside the EU or EEA by the controller.
If we disclose your data to our partners, they act as processors under a cooperation agreement. By means of the agreement, we oblige our partners to act in accordance with the Personal Data Act (Articles 10 and 24) and the EU General Data Protection Regulation (GDPR). The cooperation partners are not authorised to use the data in the register for any other purpose than the assignment agreed with TaTU Tampere ry.
8. Principles of register protection
The register is handled with care and the data processed by the information systems are adequately protected. Where the data are stored on Internet servers, the physical and digital protection of the security shall be adequately ensured.
TaTU Tampere ry ensures that stored data, server access rights and other information critical to the security of personal data are treated confidentially and only by employees who are authorised to do so. to whom it is assigned. Employees who process customer registration data are bound by confidentiality obligations.
9. Right of inspection and right to request correction of information
Every person in the register has the right to check the information stored in the register and to request that any inaccurate or incomplete information be corrected or completed. If a person wishes to check data stored about him or her or to request that it be corrected, the request must be sent in writing to the controller. The controller may, if necessary, ask the applicant to prove his or her identity.
The controller will respond to the customer within the time limit set by the EU General Data Protection Regulation (usually within one month).
10. Other rights relating to the processing of personal data
A person in the register has the right to request the deletion of personal data concerning him or her from the register. The data subject also has other rights rights under the EU General Data Protection Regulation such as the restriction of the processing of personal data in certain circumstances. Requests should be sent in writing to the controller. The controller may request if necessary, ask the applicant to prove his or her identity.
The controller will respond to the customer within the time limit set by the EU General Data Protection Regulation (usually within one month).
11. Changes to data protection practices
TaTU Tampere ry may make changes to this Privacy Policy and related information.
