Suomen Yrittäjät event register privacy statement

This privacy statement has been replaced by a new one in January 2021. You can find Suomen Yrittäjät’s current privacy statement here »

1. Controller

The register is maintained by the entrepreneurial association named in the registration instructions, either:

Suomen Yrittäjät ry,
Suomen Yrittäjät regional association, or
Suomen Yrittäjät local society.
The contact details of the person responsible for the event register can be found in the registration instructions. Secondary contact details for the register:

Suomen Yrittäjät ry / Karri Ruuskanen
PL 191
00251 Helsinki
Suomen Yrittäjät switchboard tel. 09 229 221

2. Data subjects

Enrolled event attendees

3. Basis and purpose for maintaining the register

The legal basis for the processing of personal data is the contractual relationship between the controller and the data subject. Data processing for the event and marketing is based on the controller’s legitimate interest, and, for marketing, on the consent of the data subject.

Personal data are only processed for purposes defined in advance, which are the following:

  • providing information about an event
  • invoicing for an event
  • gathering feedback on an event
  • marketing of similar events

We market Suomen Yrittäjät membership to businesses that attend events.

4. Data stored in the register

The event register contains both company data and business contacts.

  • name
  • contact details
  • invoicing details
  • membership in the association

If the nature of the event so requires, we ask for:

  • allergy information
  • date of birth
  • professional title

5. Data subject’s rights

You have the following rights. If you have questions about exercising them, contact the contact person named in the event’s enrolment instructions.

Right of inspection and rectification

You have the right to check the personal data we store about you. If you notice any inaccuracies or defects in your data, you can ask us to correct or complete the data correctly.

Right of objection

You have the right to object to the processing of your personal data at any time if you feel that we have processed your personal data unlawfully or that we do not have the right to process some of your personal data.

Right of withdrawal

With email marketing, you can always refuse to be the recipient of marketing efforts any longer.

If you feel that processing some of your data is not necessary for our tasks, you have the right to ask us to erase such data. We will process your request, after which we will either erase your data or provide you with a justified reason the data cannot be erased. If you disagree with our decision, you have the right to file a complaint with the Data Protection Ombudsman (guidelines on how to file a complaint here). You also have the right to demand that we restrict the processing of controversial data until the matter is resolved.

Right of appeal

You have the right to file a complaint with the Data Protection Ombudsman if you feel that we violate existing data protection legislation when we process your personal data (guidelines on how to file a complaint).

6. Regular sources of data

The data are collected from the data subject when registering for an event.

7. Regular disclosure of data

We do not sell or rent data from the event register to third parties. We disclose data to third parties only in the following cases:

  • We may disclose data subjects’ data to third parties if the data subject has given his or her consent.

8. Duration of processing

Personal data shall be kept in the event register for as long as necessary for the purpose of processing.

9. Processors of personal data

  • The data in the event register are processed by the persons in the association responsible for the event and the employees of Sypoint Oy, owned by Suomen Yrittäjät ry, in accordance with current data protection legislation.
  • Personal data may be processed by event subcontractors, such as catering services.
  • Personal data may be processed by service providers responsible for transaction invoicing, such as accountants’ offices.

By means of contractual arrangements, we ensure that personal data are processed in accordance with the applicable data protection legislation and otherwise appropriately.

The following tools may be used to collect data from the event register:

  • Event form on the Yrittäjä website (Drupal)
  • Webropol
  • Lyyti
  • GoToWebinar
  • Shopify

10. Transfer of data outside the European Union

As a rule, we choose secure data centres in Europe as data storage sites.

Some of these service providers may back up data outside the European Union/European Economic Area in the United States. The data are backed up to protect your data even in situations where the main servers fail.

Privacy Shield

We ensure that our service providers have joined the EU–US Privacy Shield, the aim of which is to ensure the security of EU citizens’ data processing in the US.

11. Cookies and browsing monitoring

We may collect data on the data subject’s terminal device using cookies and other similar technologies, such as the local browser repository. A cookie is a small text file that the browser stores on the data subject’s device. Cookies often contain an anonymous, unique identifier that allows us to identify and calculate the browsers used to visit our website.

Some cookies are essential for the functionality of the website. Some cookies are used to measure the number of visitors and analyse the use of the site in order to improve our service. We can also use cookies to target advertising. Cookies enable us to provide website visitors with content that best serves their needs.

Third parties may set cookies on the data subject’s device when the data subject visits our services in order to record the number of visitors to different websites. “Third parties” refer to bodies other than Suomen Yrittäjät ry, such as providers of measurement and monitoring services.

We ask for consent to use targeting cookies, performance cookies and functional cookies. At any time, the data subject has the right to withdraw cookie consent or to change his or her own cookie settings. Cookie settings can be changed via the link below.

Our services may also contain links to other websites and social networks, but we are not responsible for the privacy policies or content of these external websites. We recommend that you read the privacy terms and conditions of these services.

12. Privacy protection terms for mobile applications

Our mobile apps, which are made available to you through, for example, Apple App Store, Google Play or Microsoft Store, are subject, in addition to this privacy statement, to the terms and conditions of the service provider in question. In addition, the data subject must accept the application terms of use.

Updated June 2020