1. Controller and contact details | PAM Porvoo Region Section Association. PAM Borgånejdens avdelning rf 188 | |
· Petri Pasanen | |
· puheenjohtaja@pam188.fi | |
2. Name of the personal register | Register of members and contacts | |
3. Grounds for the right of access | Legal basis for the processing of personal data by the trade union in the register of members and contacts: | |
Legal basis for the processing of personal data by the trade union in the register of members and contacts: | |
· Marketing: a legitimate interest | |
· Training and events: agreement (registration), consent | |
· Organisational activity: contract (membership, acceptance of an organisational or representative position) | |
· Organising activities: consent | |
4. Uses | The purpose of the Trade Union is to work for the improvement of the economic, social and legal status and quality of life of employees, students, self-employed persons and self-employed persons working in the service and related sectors, and the unemployed, in the ways described in Article 2 of the Statutes of the Trade Union. | |
| |
In the course of its activities, the trade union processes personal data of its members and non-members for the following purposes. | |
| |
Managing member relations and organisational activities: | |
· Membership management, member services and advice, and feedback handling | |
· Operations, management, analysis and development | |
· Communication, campaigns and marketing | |
Planning and implementing activities and services: | |
· Providing and developing activities and services, such as | |
· Training and events | |
· Providing member benefits | |
· Identification of members | |
· Verification, reporting, statistics and analysis of service and events. | |
| |
Information security: | |
· Ensuring the availability, integrity, confidentiality, reliability and continuity of data. | |
· Risk management and the prevention, detection, resolution and follow-up of irregularities and problems. | |
· Ensuring legal certainty and fulfilling obligations under the law and public authorities’ regulations. | |
5. Data content | As registered in the register of members and contacts, the following are processed. | |
information on categories of personal data: | |
| |
Members | |
· Members of the trade union | |
Non-members | |
· Former members | |
· No members | |
| |
The following types of data are processed in order to carry out the tasks and purposes described above: | |
· Identifying and unique data such as membership number | |
· Contact | |
· Membership details, such as type of membership, trade union, workplace | |
· Information on positions of trust and representation | |
· Service and event information | |
6. Use of cookies | The trade union uses cookies on its online services to provide services and to facilitate the use of services. Cookies and data collected from the web service are also used to analyse and develop the use of the web service and services, to improve usability and ensure data security and for marketing purposes. | |
| |
You can block the use of cookies in your browser settings. However, cookies are necessary for the functioning of online services, so the trade union does not guarantee the functionality of all services if cookie functionality is not enabled. | |
7. Regular sources of information | The personal data in the register of members and contacts is primarily obtained from the data subject himself/herself, which is provided by the PAM Association on the basis of an affiliation agreement. In addition, data is obtained directly from the data subject himself/herself. | |
The PAM Association maintains data quality by updating personal data from information services such as the Postal Address Information Service. | |
8. Recipients or categories of recipients | Personal data will not be disclosed to third parties. | |
Personal data will not be transferred or disclosed outside the EU or EEA. | |
9. Automatic decision-making | No automated decisions within the meaning of the EU General Data Protection Regulation are made in the activities of the trade union. | |
10. Right of inspection | The data subject can check what information has been stored about him or her. The data subject must provide sufficient identification information about himself or herself in the request for inspection. The request for inspection must be submitted electronically or signed in writing. | |
11. Portability of personal data | The data subject may request personal data concerning him or her which he or she has provided on the basis of a contract or consent. At the request of the data subject, such data may also be transferred to another controller who is able to receive such personal data in a secure manner. The data subject shall provide sufficient identification of himself/herself in the request for inspection. The request should be submitted | |
electronically or in writing with a signature. | |
12. Right to rectification | The data subject may request that incorrect or incomplete data be corrected or supplemented by electronic means or in writing by means of a signed request for rectification. | |
In the request, the data subject must provide sufficient identification information about him/herself and describe the data to be rectified. | |
| |
The request for rectification must be submitted electronically or signed in writing. | |
13. Right of restriction | The data subject may request restriction of the processing of his or her personal data in accordance with Article 18 of the EU Data Protection Regulation. | |
| |
The data subject must provide in the request sufficient identification information about him/herself and identify the data to be restricted. The restriction request must be submitted electronically or signed in writing. | |
14. Consents and prohibitions on direct marketing (right to object) | The data subject may give the trade union consents and prohibitions in relation to direct marketing and surveys as follows: | |
Consents | |
· direct mail marketing | |
· mobile direct marketing | |
Bans | |
· direct marketing by mail | |
· telemarketing | |
· survey questionnaires by post, telephone or telegram | |
| |
The use of cookies on the website of the trade union is informed and consent is requested upon accessing the website. | |
| |
The user of the web service may refuse the cookies necessary for the production of the web service by setting their browser preferences. In this case, however, the functionality of the web services cannot be guaranteed. | |
| |
The prohibitions and consents do not apply to member communications that do not include marketing. | |
15. Retention periods and destruction of personal data | Only data on active members and those who use the services of the trade union are kept. | |
| |
The data will be deleted when the legal basis or the need for the use ceases or the data is no longer necessary for the purpose for which it was collected. | |
| |
For training and events, event data will be deleted when the need for processing and use is removed. | |
16. Principles of register protection | The Department ensures the security of personal data through comprehensive technical, physical and administrative safeguards. Personal data may only be processed by authorised persons. The integrity and reliability of the data is ensured and the data is available for the purposes for which it is needed. Data security is ensured from the design of the processing of personal data at all stages of the life cycle of the processing of personal data, up to the secure destruction of the data. Through comprehensive agreements and guidelines and adequate controls, the ETUC also ensures the secure processing of personal data by those working on behalf of the ETUC. | |
17. Right of appeal to the supervisory authority | The data subject has the right to lodge a complaint with the Data Protection Authority about processing operations that he or she considers unlawful. For more information on the right to complain | |
on the implementation of www.tietosuoja.fi. | |