Privacy policy statement for groups associated with TELA’s operations
Privacy policy statement according to the EU’s Data Protection Regulation.
Controller
Finnish Pension Alliance TELA
Salomonkatu 17 B
00100 Helsinki
Contact person for matters concerning the register:
Register name
Groups associated with TELA’s operations.
Purpose of the processing of personal data
TELA is an advocacy organization. Its activities are closely linked with various bodies. These bodies have their own closed extranet pages for their activities. Access to extranet pages is managed by means of usernames.
As part of TELA’s operations, we compile statistics associated with pension providers’ investment activities into a separate statistical system. Access to the system is restricted to persons nominated by the members. These nominated persons have separate access to the statistical system.
Basis for the processing of personal data
The processing of personal data is based on the consent given by data subjects.
Categories of data subjects concerned
- users of TELA’s Extranet
- users of TELA’s statistics system
Contents of the register
For system users:
- name
- email address.
Regular data sources
Personal data are collected with the data subject’s consent, in accordance with the employer’s or the person’s own account, from the persons themselves.
Recipients of personal data
TELA does not disclose information for use outside its own activities, except when law requires that.
Period for which personal data are stored, or the criteria used to determine that period
Personal data are stored for as long as the person is involved in TELA’s activities.
Rights of data subjects
Data subjects have the right to request access to their personal data and the right to request the rectification or erasure of data or restriction of the processing.
Automatic decision-making
Personal data are not processed automatically. Nor are they used for automatic decision-making.
Right to withdraw consent
Data subjects have the right at any time to withdraw the consent they have given to the processing of their personal data.
Right to lodge a complaint to the supervisory authority
Data subjects have the right to lodge a complaint to the Data Protection Ombudsman if they consider that the processing of their personal data violates the General Data Protection Regulation.
Protection of personal data
The register is maintained and protected by various technical and organizational measures. Access to the data is limited by user credentials.
The third-party personal data processor (CRM system administrator) is responsible for protecting the register in accordance with a personal data processing agreement.