Controller, contact person and data protection officer
Name of the register:
The contact information registry of Business Tampere Oy, a business and development company in the Tampere urban region.
In addition to our own contact information registry, we collect data for the joint Corporate Customer Relationship Management System (Yritys-CRM) personal data registry of the City of Tampere, Business Tampere, and Visit Tampere. You can find its own registry description here (in Finnish).
Controller:
Tampereen kaupunkiseudun elinkeino- ja kehitysyhtiö Business Tampere Oy, (Business ID 2252888-5), Kelloportinkatu 1 B, 33100 Tampere, www.businesstampere.com
Data Protection Officer:
Reija Nykänen
Administrative Director
Business Tampere
reija.nykanen@businesstampere.com
tel. +358 40 800 7676
The personal data is processed to ensure the quality and coverage of the service provided by Business Tampere, to communicate Tampere region business news, to support location activities of new enterprises in Tampere region, business relations management, and sharing relevant information to local businesses. In addition, the register supports research and statistical development. Receiving recurrent newsletter on business services and events is based on data subject’s consent.
The lawfulness of processing is based on data subject’s consent, contract execution or legitimate interests of the controller. The legitimate interest is based on customership management and creation and promotion of Business Tampere’s services, including event organization, promotion and photographing. Personal data is processed only to the extent required to successfully execute Business Tampere services and that data subjects may reasonably assume. Photographing in the non-public event is communicated to the participants, and if an individual will be photographed, a written consent will be done. Photos are used for promotion, marketing and communication purposes by Business Tampere, media and Business Tampere’s partners.
Collected personal data types are: name, (including prefix), title, name of the company / organization, department, business id, categorization (i.e. industry), grouping (i.e. email groups), address, phone number, email address, webpages, language, any additional info submitted by the data subject (e.g. gender, citizenship, work history, education), client account’s history information (e.g. contacts with the customer), possible email / mail prohibition.
Collected groups of data subjects are: Tampere region enterprises, enterprises to be induced to Tampere region, and other Business Tampere partners (enterprises, organizations, communities and individuals).
Data is received from data subjects; enterprises, communities and individuals. In addition data is collected from: Tilastokeskus, Suomen Tehomax, Finder, Kaupparekisteri, Yritystietojärjestelmä and Verohallinto.
Will data be transferred outside EU / EEA?
The personal data can be accessed by the controller i.e. Business Tampere employees, registered users of the photo bank, yritystietopalvelu and Tampere Business Ecosystems, and relevant personnel of the service provider. The personal data can be transmitted on event co-organizators and funders of publicly funded projects. Inserting and updating data is primary done by the Business Tampere personnel.
The agreements made with the service providers ensure that the GDPR requirements and other relevant data processing requirements are met, if a service provider is involved with processing.
The personal data will not be disclosed to third parties, however, an exception can be done, if the third party offers a specific knowledge or benefit to the enterprise. The personal data will not be disclosed for commercial purposes.
Personal data will not be transferred outside EU / EEA unless it is required to fulfill processing purpose or technical requirements. In such cases, the transfer will be conducted based on Commission’s decision on level of protection and appropriate safeguards will be provided by the controller / processor, and on a condition that data subject rights and effective legal remedies for data subjects are available.
Data will be retained as long as customer related activities are valid, data will not ne archived. Data related to events will be disposed after the event, when no longer needed.
ERDF- ja ESF-projects and other public funded projects will comply with the retention time defined by programming period and by funders.
You have the following rights as the data subject:
- right to receive information on personal data processing
- right of access (right to make information request)
- right to rectification
- right to erasure (right to be forgotten)
- right to restriction of processing
- right to data portability
- right to object
- right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects
If you would like to use your rights as data subject, you need to send written request to the Data Protection Officer.
If you feel your rights have been breached, you have the right to contact national supervisory authority (Data Protection Ombudsman) to make complaint (http://www.tietosuoja.fi/fi/index/yhteystiedot.html).
We will not use data for automated decision-making or profiling individuals.
We do not collect personal data about the users of the Business Tampere website. Cookies are only used to monitor and analyze the user traffic on the website.
Google Analytics collects data on how the Business Tampere website is used. The compiled usage statistics include the number of page requests and visitors, average number of pages loaded, average time spent on the website and the most popular pages.
Leadfeeder collects behavioral data of all website visitors which includes; pages viewed, visitor source and time spent on the site. The visitor IP address is collected to detect the company and geographic location. Leadfeeder only shows company visits; all users visiting from residential IP addresses are automatically filtered out. All visit data is aggregated on the company level.
We use the data to have an understanding of what the users of the Business Tampere website want and how to best provide them with the information and services they need. We do not collect or record your name or address, so such information cannot be used to identify you.
The register is protected by infrastructure and access rights. Business Tampere controls the access management of the register. Access is granted role based to Business Tampere employees and to technical support.
The servers, provided by service provider, are located in EU / EEA area, in a safeguarded and fire protected data center.