1. Controller, contact person and data protection officer
Name of the filing system (register): Smart Tampere Ecosystem program customers
Controller: Tampereen kaupunkiseudun elinkeino- ja kehitysyhtiö Tredea Oy, (Business Tampere, ID 2252888-5), Kelloportinkatu 1 B, 33100 Tampere, www.businesstampere.com
Data Protection Officer:
050 4861 253, firstname.lastname@example.org
2. Purposes of personal data processing
The lawfulness of data processing is based on legitimate interests of the controller and data subject’s consent.The register is used to manage and communicate Smart Tampere program and maintain customer relationships of the Smart Tampere development program by the City of Tampere. The register’s data is used to send the Smart Tampere newsletter and inviting partners to events hosted by the Business Tampere / City of Tampere.
3. Data content of the register
Collected data consists of the following information: name of the organization, name, email address and phone number of the contact person. Events in which catering is provided, information about allergies are collected and the data will be disposed after the event. Data is received from data subjects; enterprises, communities and individuals when executing program’s activities, like co-creation projects, events, meetings and newsletter subscriptions. In addition, data is collected from organizations’ websites, social media and internet search engines serve as sources of information. Photographing in the non-public event is communicated to the participants and photos are used for Smart Tampere promotion, marketing and communication purposes.
4. Disclosure of the personal data, Will data be transferred outside EU / EEA?
The personal data can be accessed by the controller i.e. Business Tampere employees, Smart Tampere development program employees, coordination and stakeholder groups, and relevant personnel of the service providers.The list of invitees and participants are handed over to the events co-producers (various ministries and the Office of the Electoral Commission) to send invitations and information about the event. The disclosed data is the name of the organization, name of the person and either email address of postal address. The personal data can be transmitted on event co-organizators, when the event management requires that.
Personal data will not be transferred outside EU / EEA except of the data related to the newsletter subscriptions, which are processed in the US. Transfer will be managed by the Privacy Shield method.
The agreements made with the service providers ensure that the GDPR requirements and other relevant data processing requirements are met, if a service provider is involved with processing.
We will protect your personal data from unauthorized processing, accidental loss, destruction or damage. The data recipients respectively have the responsibility to process the disclosed data according to the GDPR requirements.
5. Storage limitation
The personal data filled in by the data subject will be retained during the development program period and archived according to the archiving plan.
6. Rights of the data subject
You have the following rights as the data subject:
- right to receive information on personal data processing
- right of access (right to make information request)
- right to rectification
- right to erasure (right to be forgotten)
- right to restriction of processing
- right to data portability
- right to object
- right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects
If you would like to use your rights as data subject, you need to send written request to the data protection officer.
If you feel your rights have been breached, you have the right to contact national supervisory authority (Data Protection Ombudsman) to make complaint (http://www.tietosuoja.fi/fi/index/yhteystiedot.html).
7. Security of processing
The filing system is protected by infrastructure and access rights. Business Tampere will co-operate only with such ICT partners, which fulfil the needed information security level e.g. on server location and access restriction. Business Tampere controls the access management of the register. Access is granted only to technical support and Business Tampere employees working for the community program.