Stakeholder register privacy policy
Updated: 15.6.2018
1. Registrar | CSC – Finnish IT Сenter for Science Ltd Business ID: 0920632-0 www.csc.fi (hereinafter referred to as "we" or "CSC") | |
2. Contact person for register-related matters | Minna Lappalainen
Data Protection Officer Marita Pajulahti | |
3. Name of register | CSC stakeholder register | |
4. What are the legal bases and purpose for processing personal data? | The basis for processing personal data is CSC's legimate interest based on a customer relationship, supplier relationship, cooperation relationship or other relevant connection. The purpose of processing the personal data is to:
A data subject has the right to block direct marketing targeted at him or her. | |
5. What data do we process? |
| |
6. Where do we get the data from? | We acquire data primarily from the following sources:
In addition, personal data may be collected and updated – for use in the ways described in this privacy policy – based on data obtained from publicly available sources, authorities or other third parties within the bounds of the applicable legislation. The updating of this kind of data is carried out either manually or using automated methods. | |
7. To whom do we hand over the data? Do we transfer the data to outside the EU or EEA area? | Your personal data will not be handed over. We also use companies located in countries outside the European Union or European Economic Area, including the United States, to process your personal data. These companies process personal data to, for example, offer infrastructure and IT services, communication technology services or other services. In these cases, the EU-U.S. Privacy Shield arrangement will be applied to ensure adequate data security and register processing, or a contract consisting of standard clauses approved by the European Commission will be in place. As the stakeholder relationship ends, the person's data will be removed from the register as soon as processing it becomes unnecessary. | |
8. How do we protect the data and how long do we hold it for? | The only persons authorised to use the systems containing personal data are those employees of our company who have the right to process personal data on the basis of the work they carry out. Each user has their own user ID and password for the systems. We store the personal data for as long as it is needed for the purposes for which it was acquired. We regularly assess the need for storing data, taking into account the applicable legislation. In addition, we take reasonable measures to ensure that the personal data on data subjects stored in the register is not contradictory to the data processing purposes, out of date or inaccurate. Where such data is identified, it is either corrected or destroyed without delay. | |
9. What are your rights as a data subject? | As a data subject, you have the right to inspect the data about yourself that has been saved to the stakeholder register and to demand the correction of inaccurate data or its removal, provided that there is a legal justification for its removal. You also have the right to withdraw your consent or change it. As a data subject, you have the right under the General Data Protection Regulation (as of May 25, 2018) to object to the collection of your data or to request that it be restricted and to make a complaint about the processing of personal data to the supervisory authority. As a data subject, you also have the right, at any time and without cost, to object to data processing, wherever it relates to direct marketing. | |
10. Who should I contact? | All enquiries and requests regarding this privacy policy should be made in writing or in person to the contact person specified in section two (2). | |
11. How do we use cookies on our website? | Under the Information Society Code (917/2014), cookies are used on this website without violating the service user's protection of privacy. Cookies are used to collect metrics and for research purposes in order to study the type and volume of use. Cookies are not used to link website visitors to personal data or contact details. Cookies are not used to examine or copy the user's terminal equipment data. Data collected by cookies include:
Our website uses Google Analytics cookies. The data collected by these cookies is transferred to and saved on Google servers, some of which may be located outside the EU. Should they wish, users can disable cookies in their browser settings, but this may interfere with site function and is not recommended. | |
12. Changes to privacy policy | If we make changes to this policy, we will display the changes in this privacy policy document, including the dates on which they were made. If the changes are significant, we may inform people about these changes in some other way, such as by email or by publishing a notification on our website. We recommend that you visit our website regularly and pay attention to any changes to this privacy policy. |