fbpx Skip to content

Privacy notice of customer and stakeholder data of the Finnish Centre for Animal Welfare

1. Controller

Natural Resource Center / Finnish Centre for Animal Welfare, Latokartanonkaari 9, 00790 Helsinki

2a. Controller’s responsible person

Leading expert Satu Raussi

2b. Contact person in the matter and contact details of the data protection officer

Contact person: Senior expert Tiina Kauppinen, kirjaamo@luke.fi

Data protection: tietosuoja@luke.fi

3. Name of register

Cooperative and stakeholder data

4. Purposes and the legal grounds for processing

The purpose of personal data processing is stakeholder communication. We use the personal data register to send press releases, newsletters and invitations and to communicate and market various events. We process personal data in matters related to managing stakeholder networks, such as measuring stakeholder satisfaction and responding to feedback. With the help of the register, we
develop the eläintieto.fi website and social media channels, and target relevant content to different stakeholders.

The processing of personal data is based on compliance with the legal obligation of the controller according to Article 6, paragraph 1, subparagraph c of the EU General Data Protection Regulation (2016/679).

The right to process personal data is based on compliance with the legal obligation of the controller as defined in article 6 section 1(c) of the GDPR (2016/679).
According to § 1 of the Government Decree on the Natural Resources Institute Finland (715/2014), the task of the institute is to produce information on the state and development of animal welfare, and to act as a contact point referred to in Article 20 of the Council Regulation (EC) No. 1099/2009 on the protection of animals at the time of killing.

The right to process personal data is based on consent of the data subject as defined in article 6 section 1(a) of the GDPR (2016/679).

5a. Type of personal data in the register

We may collect and process the following data:
Work/regular email address

  • First and last name
  • Information about requests to send regular messages or information ordered by the person
  • Data entered in contact forms
  • Survey responses

Data subjects may be processed on the basis of their email addresses so that they receive relevant content from the Centre.

We may process the following personal data when using or developing services:

  • IP address or other identification
  • Data collected through cookies
  • Data collected about the use of the eläintieto.fi website as offered by Google Analytics

We also obtain personal data related to the use of social media services, such as Facebook, Twitter, YouTube and Instagram. Social media services define what kind of data they offer to their users and at what intervals.

We use Google Analytics and cookies to collect data about visits to the eläintieto.fi website in order to develop the site and target relevant content to visitors. Google Analytics can be disabled by following the service provider’s instructions (support.google.com).

5b. Regular sources of data

Primarily, we collect personal data from data subjects in conjunction with contact requests and order forms. We may collect data about customers from public sources and registers.

6. Regular disclosure of data

We do not disclose any personal data.

7. Transfer of data outside the EU/EEA

No personal data is transferred outside the EU or EEA.

8. Storage period

Data collected for a register is only stored as long as and to the extent as is necessary in relation to the original purposes, described in Section 4, for which the data was collected. Registered personal data must be erased when there no longer are legitimate grounds for processing. Event attendance lists are destroyed after the event ends.

9. Protection principles of register

Servers and active devices are located in protected and monitored facilities. Data is processed in systems with some devices located in Luke’s facilities and some in service providers’.

Registered data is protected against unauthorised viewing, modifying and erasing. Protection is based on access control, personal user IDs and restricted access rights. Rights to view and modify data have been restricted in accordance with the tasks of each employee. Information about any changes can be seen in the revision history. The correctness of data is verified by means of mechanical and manual controls at different stages of data processing. Backup copies and physical security measures are used to ensure that no data is lost.

Any register-related data on paper is protected by means of access control and locked archives.

10. The data subject’s rights

Data subjects have rights towards their personal data that are based on the legitimate grounds of data processing. More information about the rights of data subjects and their fulfilment is available at the Office of the data protection ombudsman website https://tietosuoja.fi/en/rights-of-the-datasubject.

The rights of data subjects are based on articles 15–22 of the EU GDPR (2016/679).

11. Using data for automated decision-making, incl. profiling (articles 13.2(f) and 14.2(g) of the GDPR)

Data may be used for automatic targeting of marketing.

12. Changes to this privacy notice

We may change this privacy policy, for example, if there are changes in our operating methods or systems or in general data protection recommendations. We may also need to make changes as a result of legal amendments. Any changes enter into force after we have published our revised privacy policy.

Updated on 12 August 2022