The application of EU’s General Data Protection Regulation (GDPR) began on 25 May 2018. The objective of the GDPR is, among other things, to strengthen natural persons’ rights and liberties, address the global aspect of data protection and to increase the efficiency of implementating control of data protection rules. The operations and services of Archinfo Finland (Arkkitehtuurikeskus ry.) comply with the requirements of the new regulation.
Communications are an essential part of Archinfo Finland’s operations, which is why we control a filing system for personal data. In accordance with the principles of the GDPR, we undertake to process personal data responsibly: we only collect the data we need, keep it only as long as we need it, and, in the event of a personal data breach affecting our filing system, notify the supervisory authority immediately.
All data subjects in our filing systems will be able to access the data we keep about them and to change it, or have it removed if they so wish, unless there is a legal ground, associated with, for example, archiving, for keeping data. If you want to find out what data concerning you we have in our filing system, send a data request to arch(at)archinfo.fi. In the message, tell us your name and connection with Archinfo Finland. We will provide you with an account of the data concerning you we have in our possession within a month.
We continually develop and update our data protection practices and want to keep distributing information concerning news and events in the field architecture.
Archinfo Finland / Arkkitehtuurikeskus ry
Malminkatu 30, 5th floor, 00100 Helsinki, Finland
Business ID: 2470851-3
Name of filing system: Archinfo Finland’s contact details register
Contact person: Miina Jutila, arch(at)archinfo.fi, tel. +358 40 585 4135
- What data we collect and why
- How we use and keep data
- The rights of data subjects
Why we collect personal data and what we use it for
Communications are an essential part of Archinfo Finland’s activities and the reason we control a filing system for personal data. The processing of personal data is based on an employment relationship, a contractual relationship, the data subject’s permission or another objective connection.
The filing system includes personal data of subscribers to Archinfo Finland’s architecture-related notifications and communications, users of Archinfo Finland’s online services, and people who have signed up for or participated in events organised by Archinfo Finland or who have in other ways expressed their willingness to receive architecture-related information.
The address register also contains contact details of culture and media representatives. Communication with them is one of Archinfo Finland’s core functions.
The contact details register is used for sending newsletters, communications and invitations related to architecture, as well as for professional communication and service. Personal data may also be processed for the purpose of carrying out surveys and questionnaires.
Data we collect
Our filing system contains the person’s name and email address.
In addition, a person’s data may include:
- the organisation the person represents and its field of business
- the person’s profession or title
- street address
- postcode, town or city and country
- telephone number
- website URL
- language of communication
- the person’s professional specialisation
- information on the person’s participation in Archinfo Finland events
- the person’s responses to Archinfo Finland’s questionnaires and surveys
- other information related to the relationship between the person and Archinfo Finland
- time of data storage and log data
- prohibitions, limitations, permits and other selections
How we collect data
Data is mainly obtained directly from the data subjects themselves by email, in person, by telephone or via a personal data form. Data subjects provide their data, for example, when notifying Archinfo Finland of their willingness to receive its messages, ordering services from Archinfo Finland, registering as users of online services administered by Archinfo Finland, or when signing up at events organised by Archinfo Finland.
Additionally, the contact details of culture, media and public administration representatives is copied in the filing system from public lists and websites to enable communication.
How we process data
Personal data is not disclosed to parties external to third parties acting on behalf of Archinfo Finland or participating in the production of Archinfo Finland services.
Data is kept in a contact information management application administered by a third-party service provider. The service provider is contractually obligated to ensure lawful data protection of personal data.
As a rule, personal data is not transferred or disclosed to parties outside the European Union and the European Economic Area. If this is necessary for the technical implementation of the services, it will only be done if an adequate level of data protection can be ensured contractually.
Our service providers, personal data processors and partners are committed to ensuring an adequate level of data protection for personal data in accordance with EU regulations and legislation.
How long data will be kept
We only keep data for as long as it is necessary for the purpose of architecture-related communications, professional contact, the service relationship or the meeting of contractual obligations, but always in compliance with current legislation.
Data subjects have the right to
- receive an account of their personal data kept in a filing system within one month of a data request
- request the correction or transfer of their data or the limiting of its use
- demand the removal of their personal data from the filing system, providing there is no legal ground for keeping it
- withdraw permission to process their personal data
- prohibit electronic communications and newsletters via a link at the end of each message or by sending an email to arch(at)archinfo.fi
- obtain information on any data breach affecting their data
- file a complaint with a supervisory authority if they consider their personal data to have been processed incorrectly.
Any request for inspection or rectification, and other requests, must be sent to the data controller in writing, either by mail or email. The controller may require the data subject to prove their identity.
How we protect personal data
The security of the filing system and personal data is ensured, for example, with a firewall, the protection of the IT areas, access control, user rights and encryption technologies. Personal data is protected against unauthorised access and unlawful or accidental data processing.
Personal data is processed only by third parties that maintain or develop services by order of Archinfo Finland. They identify themselves in the systems by using their personal usernames and passwords.
How cookies are used on our website
Cookies are used on the websites administered by Archinfo Finland. A cookie is a small text file that the browser stores on the user’s device. Cookies contain an individual identifier that makes it possible to identify a terminal device that has been used for visiting a website.
The purpose of cookies is to offer faster and smoother use of websites for the user.
Cookies and the information they help to collect is used for analysing the use and usability of an online service, to improve its security, monitor its use and for service development.
The user cannot be identified solely on the basis of cookies.