Privacy Statement

Business Tampere Privacy Statement

Name of the register (filing system):

Business Tampere Contacts

Controller:

Tampereen kaupunkiseudun elinkeino- ja kehitysyhtiö Tredea Oy, (Business Tampere, Business ID 2252888-5), Kelloportinkatu 1 B, 33100 Tampere, www.businesstampere.com

Data Protection Officer:

Merja Maijala
Project specialist
Business Tampere
merja.maijala@businesstampere.com
tel. +358 50 486 1253

Purposes of personal data processing 

The personal data is processed to ensure the quality and coverage of the service provided by Business Tampere, to communicate Tampere region business news, and to support location activities of new enterprises in Tampere region. In addition, the register supports research and statistical development. Receiving recurrent newsletter on business services and events is based on data subject’s consent.

The lawfulness of processing is based on data subject’s consent, contract execution or legitimate interests of the controller. The legitimate interest is based on customership management and creation and promotion of Business Tampere’s services, including event organization, promotion and photographing. Personal data is processed only to the extent required to successfully execute Business Tampere services and that data subjects may reasonably assume. Photographing in the non-public event is communicated to the participants, and if an individual will be photographed, a written consent will be done. Photos are used for promotion, marketing and communication purposes by Business Tampere, media and Business Tampere’s partners.

Data content of the register 

Collected personal data types are: name, (including prefix), title, name of the company / organization, department, business id, categorization (i.e. industry), grouping (i.e. email groups), address, phone number, email address, webpages, language, any additional info submitted by the data subject, client account’s history information (e.g. contacts with the customer), possible email / mail prohibition.

Collected groups of data subjects are: Tampere region enterprises, enterprises to be induced to Tampere region, and other Business Tampere partners (enterprises, organizations, communities and individuals).

Data sources 

Data is received from data subjects; enterprises, communities and individuals.  In addition data is collected from: Tilastokeskus, Suomen Tehomax, Finder, Kaupparekisteri, Yritystietojärjestelmä and Verohallinto.

Disclosure of the personal data 

Will data be transferred outside EU / EEA?

The personal data can be accessed by the controller i.e. Business Tampere employees, registered users of the photo bank and yritystietopalvelu and relevant personnel of the service provider. The personal data can be transmitted on event co-organizators and funders of publicly funded projects. Inserting and updating data is primary done by the Business Tampere personnel.

The agreements made with the service providers ensure that the GDPR requirements and other relevant data processing requirements are met, if a service provider is involved with processing.

The personal data will not be disclosed to third parties, however, an exception can be done, if the third party offers a specific knowledge or benefit to the enterprise. The personal data will not be disclosed for commercial purposes.

Personal data will not be transferred outside EU / EEA unless it is required to fulfill processing purpose or technical requirements. In such cases, the transfer will be conducted based on Commission’s decision on level of protection and appropriate safeguards will be provided by the controller / processor, and on a condition that data subject rights and effective legal remedies for data subjects are available.

Storage limitation 

Data will be retained as long as customer related activities are valid, data will not ne archived. Data related to events will be disposed after the event, when no longer needed.

ERDF- ja ESF-projects and other public funded projects will comply with the retention time defined by programming period and by funders.

Rights of the data subject 

You have the following rights as the data subject:

  • right to receive information on personal data processing
  • right of access (right to make information request)
  • right to rectification
  • right to erasure (right to be forgotten)
  • right to restriction of processing
  • right to data portability
  • right to object
  • right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects

If you would like to use your rights as data subject, you need to send written request to the Data Protection Officer.

If you feel your rights have been breached, you have the right to contact national supervisory authority (Data Protection Ombudsman) to make complaint (http://www.tietosuoja.fi/fi/index/yhteystiedot.html).

Automated individual decision-making 

We will not use data for automated decision-making or profiling.

Security of processing 

The register is protected by infrastructure and access rights. Business Tampere controls the access management of the register. Access is granted role based to Business Tampere employees and to technical support.

The servers, provided by service provider, are located in EU / EEA area, in a safeguarded and fire protected data center.