Privacy statement of the contact information register system of Business Tampere (Tampere Region Economic Development Agency Tredea)
1 REGISTER NAME Contact information register system of Business Tampere (Tampere Region Economic Development Agency Tredea)
2 CONTROLLER Tampere Region Economic Development Agency Tredea (Business Tampere, Business ID 2252888-5), Kelloportinkatu 1 B, 33100 Tampere, www.businesstampere.com
3 PERSON RESPONSIBLE FOR THE REGISTER
The data protection officer of Business Tampere is Merja Telenius.
Acting Office Manager
+358 40 800 7340
The tasks of the person include
- making sure that the customer register system is used appropriately
- assigning access rights
- taking care of the data protection of the information system
- seeing to it that instructions are provided on using the system and that sufficient training is organised for the users
The responsible person can provide more detailed information about the register and is in charge of facilitating registered persons’ right to receive, inspect and correct information about themselves.
4 PURPOSE OF THE REGISTER
The purpose of the system is to keep a register of the companies in the Tampere Region, the companies being attracted to the region and other partners of Tredea (companies, organisations, corporations and private persons) to facilitate the business service, maintain cooperative relationships and distribute useful information to companies in the region. The information in the register is used to ensure the quality and coverage of the business service provided by Tredea, to distribute news that improves the entrepreneurial environment of the Tampere Region and to attract new companies to the region. The register also supports research and statistical activities. The sending of so-called marketing messages concerning business services and events is based on the consent of the receiver.
5 DATA CONTENT OF THE REGISTER
The data content consists of the following business data: - first name and surname (and prefix) - title - company/corporation name (and department) - company business ID - profile information (classification, such as the company’s field of business) - grouping information (such as mailing groups) - address information - telephone number (landline and mobile) - e-mail address - website addresses - contact language - additional information provided by the customer - customer history, log data (e.g. contacts with the customer) - possible ban on mailing (e-mail and post)
6 REGULAR SOURCES OF DATA
The information is received directly from companies, corporations and private persons. Public sources, such as Statistics Finland, are also used.
7 REGULAR DISCLOSURE OF DATA
Personal data is not regularly disclosed outside of the company. Exceptions can be made in cases where it is considered that a third party can offer companies special information or advantage. Under no circumstances is personal data disclosed for commercial purposes or to commercial parties. As a rule, data is not transferred outside the EU or EEA unless it is necessary for the purpose or technical implementation of the processing of personal data. In that case, the requirements of the personal data legislation are complied with.
8 INTERNAL USE OF THE REGISTER
The register is used by the personnel of Business Tampere. Tredea’s own personnel is primarily responsible for entering the data in the register and updating it. Access to the register requires a personal username and password. A username is provided when a person is granted access rights. The access rights are terminated when the person leaves the position due to which he/she was granted the access rights. In the same connection, the user ID is also deleted.
9 COMBINING THE REGISTER WITH OTHER REGISTERS
The contact information register is designed solely for Business Tampere’s use. It is updated based on data provided by the customer, publicly available information (such as websites) and data received from Statistics Finland.
10 PROTECTION OF THE REGISTER
The data included in the register is only available to Business Tampere. The system functions on the external servers of Business Tampere’s service provider, access to which is limited to technical maintenance personnel. The servers are located in a fireproof server room that is guarded around the clock.
11 STORAGE, ARCHIVING AND DISPOSAL OF THE DATA FILE AND REGISTER INFORMATION
The contact information is recorded in a data system, where it is stored for a period of time that is sufficient for the operations. The data is not archived separately. The enrolment information relating to events is deleted when it is no longer necessary. In ESF and ERDF projects as well as other publicly funded projects, the data storage times required by the programme season in question and the financier are followed.
12 RIGHTS OF THE DATA SUBJECT
The data subject has the right to inspect their registered data. You can ask the register contact person for your data by e-mail (contact information in this privacy statement). If you want to inspect a specific piece of data, specify in the message as to what data you want to inspect.
The data subject has the right to receive from the controller the personal data concerning them in a generally used transfer format in order to submit them to another controller, the right to be notified of a data security breach concerning their data if the breach is likely to cause a great risk to the rights and liberties of the individual, and the right to complain to a supervising authority if they hold that the controller violates the data protection regulation. The data subject also has the right to oppose the processing when the processing is based on points (e) or (f) of Article 6(1) of the data protection regulation.
13 CORRECTING INFORMATION
Company information is checked biannually from the materials of Statistics Finland and, if needed, on company websites. The person or company who is the subject of the information can submit a written request to correct the information to the person responsible for the register.
The data subject has the right to demand the correction or deletion of their incorrect personal data. Tell the register contact person (contact information in this privacy statement) what data you want to be corrected and indicate the correct data. The data subject has no right to demand the deletion of data the controller is legally obligated to store.
14 REGISTER ADMINISTRATION
As the controller, the responsible person has the power of decision over the register, making decisions on
- preparing the register description and description of file
- using the register, specifying the data content and purpose, granting access rights, informing registered persons, facilitating the right of inspection, correcting information and disclosing information
- the register’s system-technical maintenance
- protecting the register and organising data security, archiving and disposal
- designating the person responsible for the register and their tasks
Register activities are carried out by persons in Tredea’s employment.
15 INTERNAL INSTRUCTIONS AND TRAINING FOR REGISTER ACTIVITIES
The internal instructions for register activities are prepared separately. Personnel training is planned separately.
Office Manager (act)
+358 40 800 7340