Why is my data being collected?
Contact information is collected for customer relationship management, contacts, and customer communications. Contact information is required in order to communicate with customers and authorities on current issues and changes in the Blood Service’s products and services. We also need up-to-date contact information for critical, high-speed communications. Data is collected concerning customer representatives on the basis of a legitimate interest of the Blood Service, as provisioned by the EU General Data Protection Regulation. In the case of training and other events, consent forms the basis of the processing of such data.
What data is collected about me?
We only collect data necessary for communication purposes, such as name, company, title and possible specialism, e-mail address, company telephone number, and postal address. In addition, data provided by the person in question, on issues such as special dietary preferences, is collected for training sessions and other events.
How is my data obtained?
The contact details originate from the registered persons themselves, or the official representative of the organisation.
Why is my data processed?
For the purposes of customer communications and contacts with regard to the products and services of the Blood Service, as well as the management and coordination of various occasions and events.
Is my data disclosed to parties outside the Blood Service? If so, why and where?
Contact information is not submitted or transferred to third parties, and is not accessible to parties outside the blood service, aside from information system suppliers who have access to the systems for technical reasons.
Is my data transferred outside the EU?
The information systems and their servers are located within the EU, which means that data is not transferred outside the EU.
How is my data protected?
The processing of the data is restricted to persons responsible for customer communications within the Blood Service. They have received training on the use of information systems and information security and data protection measures. Access rights to the information systems are secured by passwords and/or reliable automatic authentication. Our contracts with the suppliers of information systems include provisions on data protection practices, such as confidentiality and the destruction of data.
Is my data used for profiling or automated decision-making?
Your data will not be used for profiling or automatic decision-making.
For how long is my data stored?
The information is kept in the registry until the person notifies us that he or she would like the data deleted from the registry, or the organisation notifies a change of contact person. Data is checked in customer meetings to ensure that it is up to date. In addition, incorrect and outdated contact information is deleted. Participants in training are deleted from the register once the management of the transaction (feedback and invoicing) has been completed.
How can I review my data and rectify any inaccurate information?
Access to and rectifications of data can be requested by submitting a request for data or request for rectification using the form available on the Blood Service website, or by sending a message to asiakakaspalvelu(at)veripalvelu.fi. Contact information can also updated by calling the Blood Service, tel. +358 29 300 1010.
Can I request the erasure of my data or object to the use of my data?
The erasure of data may be requested or prohibited by sending a message to asiakakaspalvelu(at)veripalvelu.fi or by contacting the Blood Service by telephone, tel. +358 (0)29 300 1010.
Can I lodge a complaint with the authorities?
If you feel that the processing of your personal data is not lawful, you may lodge a complaint with the competent supervisory authority.
Finnish Red Cross, Blood Service
FI-00310 Helsinki, Finland
tel. +358 29 300 1010
Person in charge of the filing system:
Hannele Sareneva, Head of Department, tel. +358 29 300 1798