University of Helsinki Calendar Services Ltd Register and Privacy Policy

This is a combined register description and information document for customers, potential customers and website users of the University of Helsinki Calendar Services Ltd in accordance with Sections 10 and 24 of the Personal Data Act (523/1999) and Articles 12 and 13 of the EU General Data Protection Regulation (679/2016).

Data controller

Name: University of Helsinki Calendar Services Ltd.
Address.
Telephone: 02941 22942

E-mail: almanakka@helsinki.fi

Internet: almanakka.helsinki.fi

2. Contact person for matters concerning the register

Name: Stefan Kajanus
Postal address: PL 14, 00014 University of Helsinki
E-mail address: almanakka@helsinki.fi

3. Name of the register

University of Helsinki Calendar Services Ltd. customer and marketing register

4. Purpose of processing personal data

Personal data is processed in connection with contacting, dealing with, ordering, invoicing, collecting, reporting, marketing and other measures related to customer care.

The purchase and transaction data processed in the register may also be used to target marketing activities and customer communications. Personal data is also processed in connection with the sending of the University Almanac Office newsletter and the Calendar World newsletter, as well as in connection with events.

5. Data content of the register

The persons whose data may be processed are customers of the University of Helsinki Calendar Services Ltd, potential customers, contact persons or employees of an employer organisation that is or has been a customer, persons who have been in contact with the controller, visitors to the website of the University of Helsinki Calendar Services Ltd (University Almanac Office) or persons who have given marketing consent.

The register may process data that is necessary for the purpose of the register, for example, in the following categories of data:

  • Basic customer information, such as name and contact details (address, email address, telephone number) and other information related to the subscription and customer relationship management.
  • Contact details relating to customer service, company employees and services, newsletter subscription, information about transactions on the company's website and other similar categories of data.

The register does not contain any information considered sensitive.

Regular data sources

The data relating to the individual are obtained on a regular basis:

  • From the person himself/herself when contacting us, registering for a service, in connection with a purchase transaction by e-mail or by other similar means.
  • With consent, from the individual in connection with a visit to the website or other personal or digital interaction.

7. Regular disclosures of data

We will never disclose personal data to third parties.

8. Transfer of data outside the EU or EEA

In some very rare circumstances (e.g. where our service provider's servers are located outside the EU or EEA), we may also need to transfer personal data we collect to countries outside the EU or EEA where the level of data protection may not be recognised as adequate by the European Commission (such as the USA).

In such cases, adequate data security and processing of the register will be ensured by the EU-U.S. Privacy Shield arrangement, or by contractual means using model clauses approved by the EU Commission. All your data is safe.

9. Principles of register protection

Manual data: our archives contain print quantity notifications and other information relating to orders that we receive from our customers by post each year. These are stored in a locked cabinet and destroyed within five years.

Electronically stored data: access to the system containing customer data is restricted to employees whose job entitles them to handle customer data. Each user has his/her own user name and password for the system. The data is collected in documents and databases protected by firewalls, passwords and other technical means.

10. Right to access and modify data in the register

The data subject has the following rights, the exercise of which should be requested by sending an e-mail to almanakka@helsinki.fi with the subject line "Request for review of personal data".

  • Right of access.
  • Right to rectification: the data subject may request the rectification of inaccurate or incomplete data concerning him/her.
  • Right to object: the data subject may object to the processing of personal data if he or she considers that the personal data have been unlawfully processed.
  • Right to object todirect marketing: the data subject has the right to object to the use of the data for direct marketing.
  • Right of erasure : The data subject has the right to request the erasure of data if the processing is no longer necessary. If the data subject does not wish to have the data deleted, we will process the request for deletion, after which we will either delete the data or provide a reasoned justification why the data cannot be deleted.
  • Data retention period: please note that the controller may have a legal or other right not to delete the requested data. Such a right may, for example, be for the performance of a contract in order to provide the service you have purchased. The controller is also obliged to keep the accounting records for the period specified in the Accounting Act (Chapter 2, Section 10) (10 years).
  • Cancellation of marketing communications and marketing refusal: the customer has the right to refuse the use of his/her data for direct electronic marketing by using the unsubscribe link in the newsletter or by contacting our customer service directly.