Content »
 

Description of file and privacy statement

This document consists the description of file and privacy statement of Business Development Centre Ltd. Helsinki Region North (Keski-Uudenmaan Kehittämiskeskus Oy Keuke) in accordance with the Finnish Personal Data Act (sections 10 and 24) and the EU General Data Protection Regulation (GDPR). Drawn up May 21, 2018. Last revision October 30, 2020.

1. Controller

Keski-Uudenmaan Kehittämiskeskus Oy Keuke
Puuvalonaukio 2
FI-04200 Kerava
keuke(at)keuke.fi

2. Person in charge of the register

Elina Pekkarinen, elina.pekkarinen(at)keuke.fi, tel. +358 (0)50 5492 213

3. Name of the register

The customer and stakeholder register of Business Development Centre Ltd. Helsinki Region North.

4. Legal basis and purpose of processing personal data

The legal basis for the processing of personal data under the EU General Data Protection Regulation is

  • Data subject's consent
  • Agreement to which the data subject is party
  • Performance of customer work for municipalities, cities, the government, development companies, vocational institutions, or other similar organizations

Legitimate interest of the controller: The controller's legitimate interest consists of tending to the customer relationship and providing and producing services related to the activities of the organization, including the organization of events. Personal data shall only be processed to the extent necessary for the realization of the above-mentioned purposes and in a manner that can be reasonably expected by the data subjects as they provide information.

Data is primarily collected from companies, communities, and private individuals within the scope of the controller’s services. In addition, data shall be collected from websites, other public sources of data, and other sources available to the controller's administrator.

Personal data is processed for the purposes of communicating with customers, maintaining customer relationships, providing municipal services, provision of information, etc. Data shall not be used for automated decision-making or marketing profiling.

5. Data content of the register

The data stored in the register consists of: name of the data subject, position, company/organization, contact information (telephone number, email address, address), website addresses, IP address of network connection, accounts/profiles on social media platforms, information on purchased services and changes thereof, invoicing information, other information pertaining to the customer relationship and purchased or provided services. In addition, the register is used to store the date of birth and personal identity code of job applicants along with information pertaining to their unemployment, as well as the date of birth and personal identity code of students along with information pertaining to their studies.

Data shall be deleted 10 years after the last customer transaction.

6. Regular sources of information

Data stored in the register is received from the customers via messages sent through online forms, email, telephone, social media channels, agreements, meetings with customers, and other situations where a customer provides information pertaining to them.

In addition, personal data may also be collected and updated for the purposes described in this privacy statement on the basis of information received from publicly available sources and authorities or other third parties subject to applicable legislation. Such information is updated manually or through automatic means.

7. Regular disclosure of data and transfer of data outside EU or EEA

Data is not regularly disclosed to other parties. Corporate information may be published within the services provided by the organization (for example, in a company directory).

Personal data may be transferred to co-organizers of events and the financiers of publicly funded projects or other similar public administration representatives only to the extent necessary or insofar as has been separately agreed with the customer.

In general, data shall not be disclosed outside EU/EEA countries. In individual cases contact information may be disclosed to cooperating partners.

Personal data shall not be disclosed for marketing purposes.

8. Data protection principles

The register is handled with due diligence and the information processed using information systems is protected appropriately. Where register data is stored on servers connected to the Internet, the physical and digital information security of the equipment used is ensured in an appropriate manner. The controller shall ensure that the stored information as well as the access to the servers and any other information that is critical in terms of the security of personal data is handled confidentially and only by such workers in whose job description these tasks are included.

9. Right of access and right of rectification

Each data subject included in the register has the right to review the information pertaining to them stored in the register and to request the rectification of any incorrect information or the completion of any incomplete information. If a data subject wishes to review the information pertaining to them stored in the register or to request rectification of said information, they must send their request to the controller in writing. Where necessary, the controller may ask the person submitting the request to verify their identify. The controller shall respond to the customer within the time specified in the EU General Data Protection Regulation (generally within one month).

10. Other rights pertaining to the processing of personal data

Data subjects have the right to request the erasure of data pertaining to them from the register (“the right to be forgotten”). Data subjects also have all other rights specified in the EU General Data Protection Regulation, such as the right to restrict the processing of personal data in certain situations. All requests must be sent to the controller in writing. Where necessary, the controller may ask the person submitting the request to verify their identify. The controller shall respond to the customer within the time specified in the EU General Data Protection Regulation (generally within one month).

 
 
 

Contact us

Do not hesitate to contact us and book a free appointment! You can also contact us using the contact form below.

 






 
 

Jätä tämä tyhjäksi


 
 

Join the mailing list »

 

Keski-Uudenmaan Kehittämiskeskus Oy

Business Development Centre Ltd. Helsinki Region North
Puuvalonaukio 2D, 2. krs, 04200 Kerava

Display on the map »

 

icon-phone.png

050 341 3210

icon-email.png

keuke@keuke.fi

 
 
© Keski-Uudenmaan Kehittämiskeskus Oy 2017 | login Synergia Foxy
 
Products in cart: 0  / Make an appointment »  / Cancel request