Data protection

 

Analysing and developing the use of websites

We use cookies on the websites of Mining Finland to collect data about the use of our websites and the devices and browsers of users of our websites. We use cookies to analyse the use of our websites.

We use Snoobi Analytics to measure and generate reports of the use of our websites to develop the user experience, content and business activities.

By default, the following data about page loads is saved in Snoobi:

  • URL
  • Page name
  • Screen size and the number of colours
  • Device type and browser version
  • Device/browser language
  • The user's cookie identifier (valid for at most 10 years)
  • The session's cookie identifier (valid for at most 30 minutes)
  • Character encoding used on the page
  • IP address

 

Processing personal data

Mining Finland processes any personal data you have provided carefully and lawfully, while seeing to the proper protection of data.

 

Privacy policy

Data controller: Mining Finland registered association, reg. number 224.017

Contact person in matters related to the register: Harry Sandström (harry.sandstrom@saco.fi), +358400709899 

Name of the register: Membership register

Purpose of and legal grounds for processing personal data:  The maintenance of membership information for association´s activities; collecting registration information of the members for Mining Finland events; deliver public information of the members to customers and stakeholders.

Article 6.1e of the EU General Data Protection Regulation (GDPR) provides legal grounds for processing: Processing is necessary in order to carry out tasks concerning public interests, and processing concerns data about a person’s position, tasks and their carrying out in a public organisation, business association or other similar entity, and processing is in line with public interests and correctly proportional to the purpose of processing.    

During sales and marketing events, data is only collected with the explicit consent of the person  (article 6.1a of the GDPR).

Data content of the register and groups of personal data: Membership data and data about contact persons and actions carried out are saved in the register. The register is mainly maintained in a data system provided by an external service provider. Data can also be processed using other communication tools (e.g. Lyyti, webropol, newsletters sent via email).

Data collected about contact persons:  Location, contact information, name, profession, the content of meetings/messages and activities briefly, possible cooperation projects and their progress. All data is based only on professional interaction. No data about personal traits and other such qualities is collected.  

Storage period for personal data or, if this is not possible, criteria for defining the storage period: Memebership data will be maintained so far the company is a member of the association and will be erased within six month after the membership has ended or any time upon member´s request.    

Regular sources of data: Data is provided by the members directly or is copied from their public www-pages. 

Recipients of personal data or  groups of recipients: Data is processed only by people who work in the management of Mining Finland association.  

Information about the transfer of data to third countries and protection used (including information about the existence or non-existence of the Commission’s decision on the sufficiency of data protection), and opportunities to obtain a copy or information about content: No data is transferred from the register outside the EU or EEA

Principles of register protection (manual material and electronic processing: The system supplier ensures the technical protection of data in cooperation with Mining Finland Association. The use of the system is protected with a username and password, and only appointed persons of the organisation can use the system. All data is processed confidentially.

Rights of data subjects​​​​​​​: Data subjects have the right to access their data and request their data to be rectified.  On grounds related to a specific personal situation,  data subjects have the right to object to the processing of their personal data.  Nevertheless, the data controller can continue to process data on significant and justified grounds. If the aforementioned grounds do not exist, data subjects can request their personal data to be erased. If a data subject considers their data to be inaccurate, processing can be restricted in order to verify the accuracy of the data.  

If processing is based on consent  (article 6.1a) or explicit consent (article 9.2a), information about the right to withdraw consent at any time: Membership data is processed with the explicit consent of data subjects,  they have the right to withdraw their consent at any time  by sending a notification to the data controller via email to the contact person of the register.  

Right to file a complaint  with the supervisory authority: Data subjects have the right to file a complaint with the supervisory authority of the member state in which their permanent place of residence or business is or in which the suspected breach of the GDPR has taken place. If the data controller has refused the right to access personal data or  have the data rectified, data subjects can file  a complaint with the Finnish Data Protection Ombudsman. 

Office of the Data Protection Ombudsman

Visiting address: Ratapihantie 9, 6th floor, 00520  Helsinki   

Postal address: P.O. Box 800, FI-00521 Helsinki, Finland   

Tel.: +358 29 56 66700    Fax: +358 29 56 66735    

Email: tietosuoja@om.fi  

Information about the existence of automated decision-making, including profiling, and significant information about the processing-related logic, at least in these cases, and the significance of specific processing and any consequences for data subjects:  No automated decision making is used