Privacy in the operations of the Finnish Landlord Association
This privacy statement describes how the Finnish Landlord Association processes personal data.
1. DATA CONTROLLER
The Finnish Landlord Association
00100 Helsinki, Finland
+358 9 1667 6421
Business ID: 1597607-3
For any questions regarding the processing of personal data, please contact managing director Sanna Hughes (firstname.lastname@example.org)
2. PURPOSE OF PROCESSING OF PERSONAL DATA
We only process personal data that is necessary for us to conduct our operation. We process personal data for the following purposes:
We process personal data primarily for the purpose of tending to member relations and providing member services. Our member services include lobbying for our members. For this particular purpose, the processing of personal data is based on the Associations Act and on an agreement between us and a member. To provide better service for our corporate and support members, we also process their contact information. The processing of contact information is based on our legitimate interest.
We also process personal data for the purpose of event management. Any processing of personal data related to event management is based on an agreement between us and the person attending the event. Any sensitive information related to events (such as special diets) are processed only by consent of the person in question.
We also process personal data to provide information about us and our membership benefits or to provide membership services. In addition, we process personal data for the purposes of research and member surveys. In this case, the processing of personal data is based on our legitimate interest to provide information as part of our services and to market services provided by us or by our partners. You can opt out of the processing of your personal data for direct marketing purposes at any time.
We also process personal data in order to tend to and improve our stakeholder relations. For stakeholders, the processing of personal data is based on our legitimate interest to provide them information of our operations, to protect our interests, and to map out potential partners.
We also process personal data to ensure the functionality and security of our member services and webpages, to improve the quality of member services and webpages, and to develop our operations. In this case, the processing of personal data is based on our legitimate interest to secure the functionality and security of our services and to have sufficient information to improve and manage our operations.
Other purposes for which we have been given consent
We also may process personal data for other purposes provided that we have been given consent by the relevant data subjects. Consent may be withdrawn at any time.
3. DATA TO BE COLLECTED
We collect and process the following groups of personal data in our operations:
• Basic information, such as name, contact information (street address, phone number, e-mail) and date of birth or business ID
• Membership-related information, such as membership number, joining and resignation date, membership type, membership payment information and invoicing address, number of apartments owned by member
• Positions of trust in the association or information related to other assignments
• Information related to events and service use
• Calls/e-mails to our advisory service and related documents thereof
• Information stored while using the webpages, such as user names and passwords, log data, cookie data (user’s IP address and device metadata)
• Other information determined case-by-case and collected based on consent given
• Direct marketing opt-outs and other opt-outs
Personal data is primarily collected directly from the person when joining as a member, signing up for an event, or engaging with us in other ways. Personal data is also collected in conjunction with visiting our webpages. We may also update address information using Posti’s address register. Any stakeholder information is primarily collected from public sources.
4. DATA RETENTION
The Finnish Landlord Association collects information from members at the time of joining the association and while engaging with the Finnish Landlord Association during their membership. Moreover, member address information is updated four times per year based on information from Posti’s address register.
Personal data is stored for as long as it is deemed necessary for the purposes set out in the privacy statement.
Relevant member information is stored for the full duration of the membership. After the membership or an event organized by us has ended, we retain the data for the duration and in the scope required to comply with our legal obligations or what is deemed necessary for the purposes of, for example, invoicing, debt collection, or legal action.
Contact information for corporate and support members, personal data stored for stakeholders and any data collected based on consent is removed upon request by a relevant person.
Cookies are small text files that Internet browsers store on the user’s device.
Service-enabling or service-improving cookies
Users may use their browser settings to specify which cookies are allowed in the service. If you consider disabling an option, please note that some cookies may be necessary for certain services to function properly.
6. DISCLOSURE OF DATA
We may disclose personal data to our partners for the purpose of marketing membership benefits.
In principle, the data is not transferred outside the EU or the EEA. If our partner transfers data outside the EU or the EEA, we ensure that the personal data is sufficiently protected by using standard contractual clauses or by ensuring that our partner is a company or organization with a Privacy Shield certification.
7. DATA PROTECTION
We process all personal data with respect to your privacy under all circumstances. We use appropriate measures to protect the data and expect the same from our contractors and partners to whom the data is transferred or disclosed.
Access to the data is only available to those that require it for the purpose of carrying out their duties. The data is stored in electronic systems and protected with user-specific IDs, passwords, and access rights. The data register is backed up regularly. Paper documents are stored securely and protected from external access.
8. RIGHTS OF THE DATA SUBJECT
All data subjects whose data we process are entitled to review their information and demand correction or removal of any erroneous or inaccurate information. However, personal data erasure requests can be fulfilled only if no legal grounds exist for processing the information.
In certain cases the person whose data we process may have a legal right to object or restrict the processing of personal data or to transfer the data stored by us from one system to another. Transferring data from one system to another means data subject’s right to have their personal data provided to them in an organized, commonly used, machine-readable format and to transfer that data to another data controller.
All data subjects whose data we process are also entitled to opt out of direct marketing. The decision to opt out may be made at the time of providing the personal data or at any later time. If required, we also store any personal data access restrictions of which we are notified.
If the processing of data is based on consent, the person who has given consent may withdraw it at any time. We then cease to process the data unless we have other grounds to do so.
Any requests related to exercising your rights can be sent to email@example.com. You may exercise your rights free of charge.
If you feel that any of our actions related to the processing of your personal data are not appropriate, you may file a notice of appeal to the office of the data protection ombudsman.
9. AMENDMENTS TO THE PRIVACY STATEMENT
We reserve the right to amend the privacy statement as required. An up-to-date privacy statement is always available at associatation