Register and Data Protection Statement

On this page you will find the association’s register and Privacy Statement.

Member register description

Register and Data Protection statement

This is a register and Privacy Statement prepared by the Aurora Borealis Association for development and culture. The leaflet is in accordance with the personal data Act (sections 10 and 24) and the EU General Data Protection Regulation (GDPR). Drawn up on 19.3.2020.

  • Registrer

Aurora Borealis Association for development and culture

Taitoniekantie 11 b 19, 40740 Jyväskylä 

auroraborealis.development@gmail.com

Contact person responsible for the register

Fund manager Nelli Niemistö

auroraborealis.development@gmail.com

Name of the register

Register of members of the association.

  • Legal basis and purpose of processing personal data

The legal basis for processing personal data in accordance with the EU General Data Protection Regulation is a legitimate interest of the controller. The purpose of processing personal data is to maintain the member register and to provide member benefits. The data is not used for automated decision-making or profiling.

  • Data content of the register

The data stored in the register are: the person’s name, address, email and information about paid membership fees.

  • Regular sources of information

The data stored in the register are obtained from the member after the member has paid the membership fee to the association.

  • Regular disclosure and transfer of data outside the EU or EEA

The data will not be released to third parties.

  • Principles of register protection

Care is taken when processing the register and the data processed by the information systems are properly protected. When registry data are stored on Internet servers, the physical and digital security of their hardware is taken care of appropriately. The controller ensures that stored data, server access rights and other data critical to the security of personal data are treated confidentially and only by the controller.

  • Right of inspection and right to request correction of data

Every person in the Register has the right to check their data stored in the register and to require the correction of any incorrect information or the completion of incomplete information. If the person wishes to check the data stored about him or her or to request rectification of the data, the request must be sent electronically to the controller. The controller may, if necessary, ask the applicant to prove his or her identity. The controller will respond to the customer within the time period laid down in the EU Data Protection Regulation (usually within one month).

  • Other rights related to the processing of personal data

A person in the Register has the right to request the deletion of personal data concerning him or her from the register (the”right to be forgotten”). Data subjects also have other rights under the EU General Data Protection Regulation, such as restricting the processing of personal data in certain situations. Requests must be sent electronically to the controller. The controller may, if necessary, ask the applicant to prove his or her identity. The controller will respond to the customer within the time period laid down in the EU Data Protection Regulation (usually within one month).