1. Data Controller

Data Controller                          Economy and youth TAT (later TAT)
Business ID                                   0202391-9
Address                                         Eteläranta 10, FI-00130 Helsinki
Telephone                                    +358 (0)50 372 1869
Contact person                            Sanna Heino


  1. The name of the registry

The privacy statement of the Economy and youth TAT’s Meeting, event and training production.

  1. The purpose of processing personal data

The purpose of processing of personal data is direct communication related to events, training events and meetings (informing participants) as well as optimising space arrangements and catering. In addition, data is utilised in the communications and marketing of TAT’s other services.

  1. Data content of the register

The personal data in the register consists of the registration data of events, training events and meetings organised by TAT. We process the following personal information of our employees and customers in the register

  1. Retention period of personal data

Customer register information is retained during the meeting, training or event, as well as one month after it has ended, except for events for which the retention period of participant data is specified by law.

The information contents of the customer registers (excluding special diets) are added to TAT’s customer relationship management system after the meeting, training or event with the customer’s consent.

After the termination of the customer relationship, the data is retained for marketing purposes, unless the person requests the deletion of the data.

The timeliness and necessity of the data are reviewed at regular intervals. Outdated or unnecessary data is deleted.

The data is not used for automated decision-making or profiling.

  1. Regular sources of information

Information about customers and employees is obtained from registrations for meetings, training or events. In connection with the registration, permission is requested separately to store customer data for further marketing and communication.

  1. Regular transfer of data outside the EU or the European Economic Area

Customer registers of TAT events, training events or meetings are not disclosed to third parties, and data is not transferred outside the EU or the EEA.

However, an exception to this is TAT’s customer relationship management system with servers located in the United States. Customer personal data may be transferred within limits permitted by the Personal Data Act. TAT has ensured an adequate level of data protection in the system through agreements or otherwise as required by the Personal Data Act.

Partners and subcontractors may process personal data from customer registers only to perform customer relationship management or maintenance tasks performed at the request of TAT. TAT always ensures that partners do not process transferred personal data for any other purpose.

  1. Registry security principles

Data is collected and processed in systems and registries protected by firewalls, passwords and other technical means. The systems are located in locked and guarded premises, and only persons with defined rights can access the data. Access to the register is granted only to persons who need the information in order to carry out their duties. Access to the register requires a user ID for systems and customer databases. The administrator also determines the level of access to be granted to users. A personal password is required to launch the application. The use of the register and logins are monitored. Paper documents are stored in locked cabinets or archived in an archive vault.

  1. Rights of the data subject

TAT guarantees data subjects all their rights under the legislation concerning the processing of their personal data. The data subject has the right to, in accordance with applicable data protection legislation, at any time:

The data subject must submit their request for the exercise of the above right in writing to TAT in accordance with this privacy statement. TAT may ask the data subject to clarify the request in writing and to verify their identity before processing the request. TAT may refuse to execute the request on the grounds provided for by the applicable legislation. As the data controller, TAT will respond to the data subject within the time limit set by the EU General Data Protection Regulation, generally within one month, unless we indicate otherwise.

The data subject also always has the right to lodge a complaint with the Finnish supervisory authority or the supervisory authority of the EU member state of your permanent place of residence or employment, if they consider that TAT has not processed personal data in accordance with applicable data protection legislation.

The Office of the Data Protection Ombudsman

Address:                                 P.O. Box 800, FI-00521 Helsinki
Address:                              Ratapihantie 9, 6th floor FI-00520 Helsinki
Switchboard:                                        +358 (0)29 56 66700
Email:                                 tietosuoja@om.fi