Finnish Enterprise Agencies’ data protection policy: this is how we process your personal data
1. Who we are and what this page is
This data protection policy (hereafter “policy”) explains the practices that we, the Finnish Enterprise Agencies (hereafter “we”, “us”, “our”) as data controllers have in place with regard to our services, for the purposes of protecting personal data. We operate in Finland, with business identity code 1099574-2 and registered address Lautatarhankatu 10, 00580 Helsinki.
Pursuant to the General Data Protection Regulation of the European Union (“GDPR”), we would like to inform the users of our website and/or services, as well as current and potential partners, about the way we process their personal data, in a concise, transparent, easily understandable manner, using clear and plain language. Protecting your privacy is important to us, and we are obliged to inform you about the way we collect, handle and disclose (when necessary) your personal data. Our aim is to make our website and services a safe and protected environment for the users.
By continuing to use our website, you consent to the collecting, using and disclosing of your personal data (jointly referred to as “processing of personal data”) according to this policy. In case you have any questions regarding our data protection policy even after reading the below information, we encourage you to get in touch with us.
2. Contact details of the data protection officer
Our data protection officer Anna Laaksonen (email@example.com) will answer any queries regarding this policy.
3. Our personal data registers
We may process your personal data for different purposes and therefore using partly different registers.
4. What personal data we collect and process
(a) directly from yourself or through the services you use
We collect and process your personal data when you provide us with said data through your user account (registered on our website), when you fill in a form available on the website, or when we are in contact in any other way or when fulfilling our contractual obligations. The following categories of data, among others, are processed in our registers: name, email address, place of residence, plans for starting an enterprise and work situation.
We collect at least the necessary basic information (name and email address) from the user accounts of registered users. Without this data (“mandatory data”), we cannot accept your registration on our website, nor offer our services to you. Additionally, you can voluntarily share other personal data (“voluntary data”) with us through your user account.
(b) using cookies
– Google Analytics, read more: https://policies.google.com/privacy?hl=en-GB
When applicable, we also use public sources in order to ensure, for example, that the data is accurate and up-to-date. Furthermore, we may add you as a recipient of our newsletter using your consent in connection with introduction of our digital tool and with downloading our Entrepreneur Guide. The Entrepreneur Guide is available for download on the Finnish Enterprise Agencies and Suomen Yrittäjät (the Finnish SME interest and service organization) websites.
5. The purposes and legal basis for our processing of personal data
We process personal data in accordance with this data protection policy primarily for the purpose of offering our services and thus fulfilling a contractual obligation, but also for reporting, statistics, research and developing purposes, and for the purpose of informing about our products and services. Therefore, we process personal data based on the following legal grounds:
to fulfil contractual obligations, to satisfy our legal obligations, legitimate interest and the user’s consent.
Our legitimate interest comprises especially raising awareness about our products and services, and developing our operations.
On the aforementioned legal basis, we use the data collected from our website, in sum, for the following purposes:
- to ensure that the content of the website will be displayed to you and your computer in the most efficient form;
- to fulfil the contractual obligations derived from the agreements reached between both parties;
- to grant you access, if desired, to the interactive functions of our service;
- to notify you about changes in our service;
- for the purposes of customer service;
We collect and process only personal data that is necessary for our operations and for serving you or your organisation.
We may disclose personal data to other parties:
- with your consent, to other networks of the Finnish Enterprise Agencies;
- when required in order to offer our services and thus fulfil our contractual obligations;
- when our partners (IT support, for example), as per our order, process personal data on our behalf and following our instructions (we require that all such partners commit to policies that are equivalent to those we have in place);
- anonymized for research use; and, additionally,
- when we deem that the disclosure is indispensable in order to, among other things, execute our rights, ensure safety or, for example, respond to requests from authorities.
With your consent, we may also disclose information to other parties.
We will not transfer your data outside the EU or the European Economic Area.
7. Data transfer on the internet
Unfortunately, transferring data on the internet is not completely secure. Therefore, you will be liable for the data transfer yourself. Once we have received your data, we will follow strict safety procedures and apply safety measures, in order to prevent any inappropriate access to your data. However, we cannot guarantee that the data you transfer to us is completely secured from misuse by third parties. Once you have gained access to specific features of the website, you are the sole responsible for keeping your log-in data safe and private. We demand that you do not reveal your log-in data to anyone.
8. External services
We may use applications and content tools from third parties in certain parts of our website. When using such applications or content tools, these third parties may obtain your personal data, for example, when you are logged in the services in question.
9. Storing of personal data
We process personal data in accordance with each purpose and only during the time it is necessary for the use. We would like to remind you that we are bound by legal obligations which may require that we store the data even after our agreement with you has ended. Furthermore, it is important to observe that, if necessary, we may keep personal data that is essential for statistical purposes, but which cannot be used to identify, directly or indirectly, any individual users.
10. Your rights as a data subject
As a data subject, you have the right to:
- access your personal data: through your user account, you can review the majority of the data you have entrusted to us, but you can also contact us in order to check what other data about you has possibly been stored;
- rectify your data: you can correct and update the information you provided to us through your user account, but if you cannot change the data you wish to rectify, you can contact us and request that the incorrect details be corrected.
- erasure of your data: when the purpose of use of your personal data is no longer in effect, we will erase your data. Moreover, you have the right to request the erasure of your data;
- restriction of processing: you can contact us and request the restriction of processing of your personal data, in so far as is legally possible;
- object to the processing of your data: we have created the mechanisms through which users can object to the processing of their personal data, in so far as is legally possible. The subject can, for example, freely revoke the consent he or she had previously granted, bearing in mind, in any case, that we have no influence over the services of any third party.
- data portability: you can contact us if you need to transfer your details from our system to another one, and we will attempt to provide the data in such a form which enables the transfer to the other system.
Regrading all the aforementioned items, please note that your rights might be limited when it comes to such personal data which:
- is indispensable for the execution of the purposes of use detailed in this policy;
- must be stored pursuant to legislation; or for which
- we must satisfy additional obligations (related to regulatory control by authorities, for example).
Although we strive to operate pursuant to data protection legislation in every respect, you can contact, if needed, our data protection officer, or file a complaint with the relevant supervisory authority (more information at http://tietosuoja.fi/en/home).
We also utilise your personal data automatically to ensure the quality of our processes (for example, targeting publicity). However, we do not make individual decisions based on your personal data.
12. Links and other websites
This policy does not concern third-party websites (regardless of possible links to said websites), because we do not have any influence over such websites or their data protection policies.
13. Policy updates
We review this policy regularly, and eventual updates are published on this page. The content of this policy was last updated on 10 November, 2021.