DATA PROTECTION

Analysing and developing the use of websites

We use cookies on the websites of Mining Finland to collect data about the use of our websites and the devices and browsers of users of our websites. We use cookies to analyse the use of our websites.

Processing personal data

Mining Finland processes any personal data you have provided carefully and lawfully, while ensuring the proper protection of data.

Privacy policy

Data controller: Mining Finland registered association, reg. number 224.017

Contact person in matters related to the register: Aleksi Salo (aleksi.salo@miningfinland.fi), +358407293613 

Name of the register: Membership register

Purpose of and legal grounds for processing personal data:  The maintenance of membership information for the association´s activities; collecting registration information of the members for Mining Finland events; delivering public information of the members to customers and stakeholders.

Article 6.1e of the EU General Data Protection Regulation (GDPR) provides legal grounds for processing: Processing is necessary to carry out tasks concerning public interests, and processing concerns data about a person’s position, tasks, and their carrying out in a public organisation, business association, or other similar entity, and processing is in line with public interests and correctly proportional to the purpose of processing.    

During sales and marketing events, data is only collected with the explicit consent of the person  (article 6.1a of the GDPR).

Data content of the register and groups of personal data: Membership data and data about contact persons and actions carried out are saved in the register. The register is mainly maintained in a data system provided by an external service provider. Data can also be processed using other communication tools (e.g., Lyyti, Webropol, newsletters sent via email).

Data collected about contact persons:  Location, contact information, name, profession, the content of meetings/messages and activities briefly, possible cooperation projects, and their progress. All data is based only on professional interaction. No data about personal traits and other such qualities is collected.  

Storage period for personal data or, if this is not possible, criteria for defining the storage period: Membership data will be maintained as long as the company is a member of the association and will be erased within six months after the membership has ended or at any time upon the member´s request. 

Regular sources of data: Data is provided by the members directly or is copied from their public www-pages. 

Recipients of personal data or groups of recipients: Data is processed only by people who work in the management of the Mining Finland association.  

Information about the transfer of data to third countries and protection used (including information about the existence or non-existence of the Commission’s decision on the sufficiency of data protection), and opportunities to obtain a copy or information about content: No data is transferred from the register outside the EU or EEA

Principles of register protection (manual material and electronic processing: The system supplier ensures the technical protection of data in cooperation with the Mining Finland Association. The use of the system is protected with a username and password, and only appointed persons of the organisation can use the system. All data is processed confidentially.

Rights of data subjects​​​​​​​: Data subjects have the right to access their data and request their data to be rectified.  On grounds related to a specific personal situation,  data subjects have the right to object to the processing of their personal data.  Nevertheless, the data controller can continue to process data on significant and justified grounds. If the aforementioned grounds do not exist, data subjects can request their personal data to be erased. If a data subject considers their data to be inaccurate, processing can be restricted in order to verify the accuracy of the data.  

If processing is based on consent  (article 6.1a) or explicit consent (article 9.2a), information about the right to withdraw consent at any time: Membership data is processed with the explicit consent of data subjects; they have the right to withdraw their consent at any time by sending a notification to the data controller via email to the contact person of the register.  

Right to file a complaint with the supervisory authority: Data subjects have the right to file a complaint with the supervisory authority of the member state in which their permanent place of residence or business is or in which the suspected breach of the GDPR has taken place. If the data controller has refused the right to access personal data or to have the data rectified, data subjects can file a complaint with the Finnish Data Protection Ombudsman. 

Office of the Data Protection Ombudsman

Visiting address: Ratapihantie 9, 6th floor, 00520  Helsinki   

Postal address: P.O. Box 800, FI-00521 Helsinki, Finland   

Tel.: +358 29 56 66700    Fax: +358 29 56 66735    

Email: tietosuoja@om.fi  

Information about the existence of automated decision-making, including profiling, and significant information about the processing-related logic, at least in these cases, and the significance of specific processing and any consequences for data subjects:  No automated decision-making is used.