The Controller is legally obligated by the data protection regulation to comprehensively inform the data subjects.
This statement fulfills the obligation of informing.
Visit Tampere Ltd
Kelloportinkatu 1 B
Data Protection Officer
p. +35840 800 7676
2. Purposes of personal data processing
The personal data is processed solely for pre-determined purposes, which are as follows:
- informing about our services
- maintaining customer relations
- maintaining collaborative relations
- supervising the usage of the photo bank.
The lawfulness of processing is based on data subject’s consent, contract execution or legitimate interests of the controller. Personal data is processed only to the extent required to successfully execute Visit Tampere services and functions and that data subjects may reasonably assume. Photographing in the non-public events is communicated to the participants, and if an individual will be photographed, a written consent will be done. Photos are used for promotion, marketing and communication purposes by Visit Tampere, media and Visit Tampere’s partners. The site uses an Xandr Segment pixel to collect the following information: username, segment ID, and timestamp.
The third-party cookie ID is the only personal information that is stored. The information is retained for 90 days, during which time it may be used for remarketing advertising
3. Data Content of the Register
Collected groups of data subjects are: newsletter recipients, photo bank registrees and those who have given Visit Tampere a photo release, Kokousnet.fi partners, Visit Tampere clients and potential clients.
Collected personal data types are:
- name, (including prefix)
- name of the company / organization (and department)
- business ID
- categorization (i.e. industry)
- grouping (i.e. email groups)
- phone number
- e-mail address
- client account’s history information (e.g. contacts with the customer)
- any additional info submitted by the data subject
- possible email / mail prohibition
- additional info submitted by the data subject as background for requesting to register to the photo bank
- additional info submitted by the data subject of possible food allergies
4. Data Sources
Data is received from data subjects themselves as they register to a service via a web form, while using the service or participating in an action online requiring the data. In addition data is collected form the data clients themselves in client and sale events, fairs and competitions. Additionally, data is collected selectively within the confines of the law from the civil registry and other public registries. Data is collected from the following sectors: accommodation and catering; information and communication; art, entertainment and recreation; public administration and national defence; obligatory social insurance; operation of international organizations and organs.
5. Data Processing and Disclosure
The personal data can be accessed by the controller i.e. Visit Tampere employees, registered users of the photo bank and relevant personnel of the service provider. The personal data can be transmitted on event co-organisators and funders of publicly funded projects. Non-disclosure obligation is followed by all data processors. Inserting and updating data is primary done by the Visit Tampere personnel. If any manual material is printed form the register, it will be stored in a locked space accessed only by the data controller.
6. Data transfer outside EU / EEA
Personal data will not be transferred outside EU / EEA unless it is required to fulfill processing purpose or technical requirements. In such cases, the transfer will be conducted based on Commission’s decision on level of protection.
In such cases, adequate information security and register processing will be provided by the EU – U.S. – Privacy Shield arrangement or by contract.
7. Storage limitation
Data will be retained as long as customer related activities are valid. Data subjects registered on our marketing list are able to exit the list via a link attached to every marketing e-mail we send.
8. Rights of the Data Subject
You have the following rights as the data subject:
- right to receive information on personal data processing
- right of access (right to make information request)
- right to rectification
- right to erasure (right to be forgotten)
- right to restriction of processing
- right to data portability
- right to object
- right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects
The data subject has the right to cancel the consent to data processing at any time.
If you would like to use your rights as data subject, you need to send written request to visittampere (at) visittampere.fi.
If you feel your rights have been breached, you have the right to contact national supervisory authority (Tietosuojavaltuutettu) to make complaint (http://www.tietosuoja.fi/fi/index/yhteystiedot.html).
9. Security of Processing
The register is protected by infrastructure and access rights. Visit Tampere controls the access management of the register. Access is granted role based to Visit Tampere employees and to technical support.
The servers, provided by service provider, are located in EU / EEA area, in a safeguarded and fire protected data center.
10. Automated individual decision-making
We will not use data for automated decision-making or profiling.