Privacy statement

Data controller
The Finnish Lifelong Learning Foundation (0116589-4). You can contact us either by email to info(at)kvs.fi or by telephone to +358 40 860 9184. The Financial Manager of the foundation is responsible for data protection matters. You can find out up-to-date contact details on our website www.kvs.fi

Personal register
Customer and stakeholder register.

Information about subscribers to topical bulletins and newsletters is stored directly with the service provider (MailChimp). Invoicing and payment information is stored directly in software produced by the accountancy firm (Talenom Oyj), and purchases made by credit card directly in the software of the service provider (Nets Oy). Purchases made from the online store are stored directly in the software of the service provider (Booky.fi). Correspondence is stored in the email and document management system (Microsoft O365).

The purpose of the use of data
Data is used to manage customer relationships such as invoicing and taking care of cooperation with stakeholders like the sending of topical bulletins, invitations and other communication.

We use personal data only for our own activities, and we do not offer the personal data we use and its contents to third parties.

Information necessary for organising events like name and dietary requirements may be disclosed outside the foundation, such as to companies providing catering services and training services.

The Finnish Lifelong Learning Foundation is an institution involved in cultural history and one of Finland’s oldest organisations, and much research into its operations has been carried out. For this reason, data may be used for research purposes, but in such a way that the identity of individual persons is not known to the researchers.

In invoicing systems, personal data is disclosed to the accountancy firm and may also be disclosed to debt collection companies.

Data collected
The collection and maintenance of personal data is always based on a two-way agreement, customer relationship or other agreed forms of cooperation. Data is collected and maintained only for the provision and development of an agreed service. The only data that is collected from persons is that which the Finnish Lifelong Learning Foundation needs in order to provide agreed services. No extra personal data is collected.

Personal data may be used by the Finnish Lifelong Learning Foundation for direct marketing and the sending of topical bulletins and newsletters, only with the permission of the person concerned. Stakeholder personal data is, in particular, the person’s first name and surname, title, position, postal address, telephone number, email address and organisation and, with regard to newsletters, categories of newsletter subscribed to and, with regard to events, registrations and special dietary requirements. Data is always obtained from the data subject him/herself.

Data concerning the management of customer relationships is, in particular, invoicing information, selected payment methods and information and correspondence concerning payment and debt collection. Data may be collected and updated from the data controller’s other registers, the Population Information System, credit information registers and other similar public or private registers or data sources providing information services.

Data protection
For us, privacy and the rights of the individual are core values of our operations.

We protect our data so that only persons who must have access to it in order to carry out their jobs can see and process it. Our personnel observe the obligation to secrecy in all personal data-related content. We train our personnel regularly in amendments to, principles of and procedures in legislation concerning data protection and data security. Paper material is located in locked facilities or cabinets. Temporary and working hours lists are stored in locked filing cabinets and are destroyed by companies specialised in the destruction of private material after they have been used.

We ensure the technical data security of data materials and services. Databases in which data from registers is stored are protected by firewall, passwords and other technical means. We monitor our data protection and are continually developing our practices.

Regular data disclosure and data transfer outside the European Union or European Economic Area
Data is not regularly transferred to third parties outside the European Union or European Economic Area. If a business function, the communication of which is sent to a data subject, is disclosed to a third party, the register data may also be disclosed to that party in the country where the third party is situated. When transferring the data, the data controller ensures through contractual arrangements a sufficient level of data protection as required by legislation.

Checking and correcting data
A data subject has the right to check the data concerning him/her stored in the register. A request to check data must be sent either by email or signed in writing to the Finnish Lifelong Learning Foundation. Such a request may also be presented in person at the office of the data controller. A request may be made free of charge once per year. Requests will be answered no later than within three months of their presentation. The data is then disclosed only to the data subject him/herself and must be collected from the office of the Finnish Lifelong Learning Foundation. Before disclosure of the data, the data subject must prove his/her identity with acceptable picture ID.

A data subject has the right to refuse to allow his/her data to be used, and the right to demand that incorrect data be corrected by contacting the data controller.

The keeping of data
The necessity of data in the register is assessed regularly, once per year. Data is immediately destroyed once the personal data becomes unnecessary in terms of the purpose of the register, for example if subscription to the newsletter ends.

A data subject has the right to ask for data concerning him/her to be erased, as long as the law does not require it to be kept. For example, data concerning payment transactions is kept for as long as is required by the Accounting Act.

A data subject may block or delete cookies using his/her browser settings. Further information about the cookies that we use.

Last updated 19 June 2018