This is a privacy statement in accordance
to EU General Data Protection Regulation
(2016/679, “GDPR”) and Finnish Privacy
Law (2018/1050).

  1. Registrar
    The registrar is DIMECC Oy (company ID
    2179030-4, addr. Åkerlundinkatu 8, 33100
    Tampere).
    The responsible registrar keeper and
    primary contact is Harri Kulmala (addr.
    Åkerlundinkatu 8, 33100 Tampere,
    phone +358408406380, email
    harri.kulmala@dimecc.com).
  2. Purposes and basis of processing
    The basis of processing personal
    information is the legitimate interest of
    DIMECC Oy. The purposes of processing
    personal information are:
  1. Data to be recorded in the register,
    regular data sources and data storage
    The following data is recorded in the
    register:

We process personal information as long
as is necessary for purposes laid out in
clause 2. By default, information is stored
for 3 years, but any sensitive information is
removed immediately after intended use
has expired.
The register information is gathered
regularly from the registered persons
through phone, internet, meetings or
similar means. The information is recorded
as given and updated upon declaration
from the registered to the registrar.
Personal information can also be gathered
and updated from commonly available
sources, such as company web pages,
trade register and other public and private
registers.
We remove any registered personal
information upon request if there is no
based and necessary reason to maintain
such information.

  1. Disclosure of information
    The following parties have access to the
    registered information: named DIMECC
    and Triuvare employees (Triuvare is
    DIMECC’s IT outsourcing partner).
    DIMECC may disclose event participant
    information to its partners to ensure event
    success (i.e. venue and catering partners).
    The registered information is not disclosed
    to third parties, or outside the European
    Union or the ETA.
  1. Data subject’s rights
    You have the following rights regarding
    your data, the requests of which are made
    to the registrar keeper (contact information
    in clause 1).
    Right of review
    You have the right to review any personal
    information registered, correct any false
    information, and complement any missing
    information.
    Right to object
    You have the right to object the use of your
    personal information whenever, should you
    feel that we have used your information
    illegally or that we have no right of use to
    your information. The right to object does
    not extend to contractual enforcements (i.e.
    mandate contract) or when processing of
    your information is necessary due to a legal
    obligation (i.e. accounting obligations).
    Direct marketing ban
    You have the right to deny direct marketing
    at all times. We do not sell or otherwise
    assign your personal information to third
    parties so they could target direct
    marketing towards you.
    Right to removal
    Should you feel that the processing or use
    of some of your personal information is not
    necessary for us to fulfil the purposes
    outlined here, you have the right to request
    the removal of such information. We
    process all removal requests, after which
    we either remove said information or give a
    basis for why the information cannot be
    removed. Should you disagree, you can at
    all times file a complaint with the data
    protection commissioner.

Right of complaint
You have the right to file a complaint with
the data protection commissioner if you feel
that we are at any time not complying with
the applicable data protection legislation
while processing your personal
information.

  1. Automatic decision making and profiling
    We do not use our registry for automatic
    decision making or profiling of registrees.
  2. Registry protection principles
    All electronic information is kept in
    information systems owned by DIMECC Oy
    or its subcontractors. These systems
    employ both technical and programmatic
    means to comply with data protection and
    information security.
    Only personnel authorized to process
    personal information have access to the
    registry system. Each user has their own
    username and password, and information
    is gathered into databases protected by
    firewalls, passwords and other technical
    means. The databases and any backup
    copies are kept in locked areas, accessible
    only by known and trusted persons.
  3. Cookies
    The registrar uses cookies on its webpage.
    A cookie is a small text file which the
    internet browser saves to the user’s device.
    The user can in their browser settings
    choose to accept or deny the use of
    cookies. The user can also prompt the
    browser to inform them of cookies being
    used on the webpage, whereupon the user
    can choose to accept the cookies on an
    individual basis. The refusal of cookies may
    affect the use of the registrar webpage.