Privacy policy

Controller

Finnish Forest Association
Salomonkatu 17 A
00100 Helsinki
info@smy.fi, +358 9 685 0880
Business ID code 0288770-9

Contact person

Elena Ramsurrun
Finnish Forest Association
Salomonkatu 17 A
00100 Helsinki
elena.ramsurrun@smy.fi, +358 9 685 0880

Name of register

Customer register of the Finnish Forest Association

Purpose of use of personal data

The purposes for which we use personal data most commonly include the following: management and maintenance of customer relationships; communication with and messages to customers, such as newsletters; marketing to strengthen the customer relationship; development of services and activity; processing of orders; organising of events; and billing and invoicing.

We process the data according to the principles laid down in the EU’s General Data Protection Regulation, in order to

  • fulfil contracts made with the data subject
  • handle the data submitted by the data subject on the basis of his/her consent
  • further our legitimate interests, such as developing our activity
  • comply with our statutory obligations, such as the obligation to store documents laid down in the Accounting Act

In connection with publishing articles, information about events, competition results, etc., we process and publish personal data and photographs where it is possible to identify individuals.

Period of storing personal data

We store customer data for as long as necessary for the purposes listed above, and for a reasonable period thereafter.

Data stored in the register and regular sources of data

Among other data, we collect the following data and their amendments on the data subjects:

  • name and contact details (postal address, telephone number, e-mail address)
  • name, contact details and field of operation of the organisation represented
  • position and job description
  • demographic data (such as occupation, language used in communications, gender)
  • data on customer relationship (such as information on participation, orders, billing, payments and products, as well as feedback and communications received)
  • in connection with event registration, date of birth and information on allergies and other comparable information
  • data on marketing and related measures
  • communications addressed to the data subject and actions related to them
  • other data collected with the consent of the data subject
  • data related to the content of the digital services of the Finnish Forest Association, as well as that related to the use of the content and cookies

We mainly collect the data from the data subjects themselves at the start and during the customer and stakeholder relationship, and when the data subject orders a service from us, uses our applications and products or registers for or participates in events organised by us. We also receive personal data from our stakeholders and from public sources of data.

Handing over of data

We do not sell, transfer or hand over personal data to third parties except in the following cases.

We may transfer and share the personal data of customers participating in events organised by the Finnish Forest Association among other participants and organisers of the event in question.

We may share personal data among our cooperation partners, with whom we carry out joint projects and market them.

We may hand over customer data to third parties at the customer’s consent. We may share personal data with third parties who provide services to us, including software services, technical management of personal data, communication and various campaigns. In sharing the data, we will not allow the party in question to use the data for purposes other than providing the relevant service.

We may hand over personal data at the request of a court of law or on the basis of a statutory request from another authority.

Transferring data outside the EU or the European Economic Space

In processing personal data, we may use service providers who may have access to personal data outside the EU or the EES. In such cases we will ensure the due protection of personal data by making sure that there exists a legal basis for transferring the data, such as the Privacy Shield arrangement approved by the EU.

Principles of protecting the register

The data in the customer data register can only be accessed and used by those officials of the Finnish Forest Association and other designated persons who are required to do so on the basis of their work duties and who have the requisite user identification. We employ the necessary means of technical data security, such as firewalls and passwords.

Rights of the data subject

Among other things, the data subjects may at any time

  • request access to their personal data and request that the data be rectified or erased, as well as request a restriction of processing or object to the processing, and request that data be moved to another processing system
  • inspect and, where necessary, rectify the data concerning them in the register. A request for this shall be submitted to the register controller in writing.
  • to the extent that the processing of personal data is based on the consent of the data subject, withdraw the consent
  • lodge a complaint regarding the processing of personal data with the supervisory authority

Updating of this privacy policy

The Finnish Forest Association may update this privacy policy as and when its activity is reorganised, the principles and recommendations of data protection are changed or legislation is amended. The updates become effective on the publication of the updated privacy policy.