Privacy

NAME OF REGISTER

Contact person register for the Helsinki Events Foundation’s Taidelahjat application process

CONTROLLER

Helsinki Events Foundation, Kaasutehtaankatu 1, 00540 Helsinki, Finland, Business ID 0224232-9, eventshelsinki.fi

PERSON IN CHARGE OF REGISTRY MATTERS

Communications Manager Laura Gottleben, tel. +358 50 468 7243, laura.gottleben@eventshelsinki.fi

PURPOSE OF PERSONAL DATA PROCESSING

The primary purpose of this personal data register is to provide a contact person register for the Art Gifts application at the Helsinki Festival event organised by the Helsinki Events Foundation. The register contains personal data concerning the contact persons and performers that have signed up for the Helsinki Festival Art Gifts event. In addition to the contact person’s basic information, information may be collected from contracts and permits (such as photography), service use and service areas as well as information required for service production and management.

The contact person data contained in the register may be processed for the following purposes:

  • the organisation and management of the Helsinki Fest event
  • the implementation, development and maintenance of services for event performers.
  • the planning and implementation of festival research related to the event
  • publicity, communications, marketing, sales promotion and market research related to the services and products of Helsinki Festival
  • the operational business needs of Helsinki Festival, such as the implementation of the service process, invoicing and reporting
  • the planning and development of Helsinki Festival business activities
  • service communications and advertising based on service contracts for the contractual partners of Helsinki Festival’s electronic business
  • The legal bases for processing personal data are as follows:
  • the implementation of measures related to a contractual relationship or legitimate interest
  • consent given by the data subject

DATA CONTENT OF THE REGISTER

The database may contain the following information:

  • names
  • addresses
  • phone numbers
  • email addresses
  • notes on direct marketing permissions and restrictions
  • other information required for service use

REGULAR SOURCES OF DATA

The data in the register are collected from:

  • the data subject him/herself
  • The organisation for which the data subject is a contact person
  • with the data subject’s consent, from third parties

STORAGE TIME

The controller stores the personal data for as long as is necessary to fulfil the aforementioned purposes, unless legislation requires that personal data be stored for longer.

For organisations, the storage of the data subject’s personal data is connected to the duration of time that the data subject in question acts as a representative of the organisation.

When the data are no longer required in the manner described above, the data will be removed within a reasonable time.

REGULAR DISCLOSURES OF DATA AND TRANSFER OF DATA OUT OF THE EU AND EEA

Personal data are not disclosed to third parties unless required by compelling legislation.

Personal data may be transferred out of the European Union or the European Economic Area using standard clauses approved by the European Commission or other legal transfer protocol, for example, when required for the technical implementation of services or communication.

However, personal data may be disclosed with the personal consent of the data subject.

REGISTER SECURITY

The register is in an automated data processing format. Access rights to the register are reserved for those persons employed by the controller and other specified persons that need the data in their work and have user IDs and passwords at their disposal.

RIGHTS OF THE DATA SUBJECT

The data subject has the right to review and demand the rectification of their data, receive a copy of their personal data, restrict the sending of electronic marketing messages and offers as well as the use of their personal data for direct marketing purposes.

The data subject has the right to cancel their consent concerning the processing of personal data. Cancelling the consent may influence the implementation of measures as per the contractual relationship.

The data subject also has the right, in situations specified in the General Data Protection Regulation, to request a restriction of or otherwise oppose the processing of their personal data.

Should they wish to exercise the rights mentioned above or receive further information concerning the processing of the personal data, the data subject may contact the person in charge of registry matters mentioned earlier.

The data subject has the right to appeal to the controlling authority if they feel that the processing of personal data does not comply with legislation.

(Updated on 23 June 2021)