Search Menu

Stakeholder Register privacy statement

The stakeholder register of the Blood Service consists of the contact persons for blood donor groups, contact persons and voluntary organisers of blood donation sessions, retired employees of the Blood Service, contact information for partners in blood donation, communication and marketing activities, and visitors at the Blood Service.

Why is my data being collected?

Your data is collected for the purposes of contacting and communications. If you are a contact person of a blood donor group (BloodGroup), we require your data for communication related to blood donation visits and for sending you our various communication materials. The personal data of contact persons for blood donation sessions are also needed for purposes of contacting. We process the names and contact information of volunteers working at blood donation sessions for the eventuality that they are needed to handle insurance claims.

If you are a retired employee of the Blood Service, we will send you invitations to our events and communication materials, such as the Pisara and Avun Maailma magazines. If you are our cooperation partner, we need your contact information for purposes of communication and for sending you our materials.

If you are a visitor on our property, we want to ensure both your own safety and the safety and secrecy obligations of the Blood Service and our subtenants. In the case of visitors, personal data is collected on the basis of a legitimate interest of the Blood Service, as provisioned by the EU General Data Protection Regulation.

What data are collected about me?

We store your contact information only for the purposes of communication and only to the extent you wish to provide us: name, phone number, email address, address. For contact persons of blood donor groups, we also store the name of their represented organisation. With the exception of visitors on our property, the provision of personal data is voluntary and based on consent of the data subject.

From visitors on our property, we collect their name, organisation, name of host, purpose of visit, time of visit, and signature. By signing, visitors accept to comply with the instructions on confidentiality detailed in the visitor form. The provision of data is a prerequisite for the visit. Visitors are also subjected to video surveillance for purposes of security.

How is my data obtained?

Contact information and the identification information of visitors are obtained from the data subjects. Video recordings are obtained from the video surveillance system.

Why is my data processed?

Your contact information is processed for purposes of communication. The identification information of visitors is needed to ensure the corporate security of organisations operating on the property and the safety of the visitors.

Is my data disclosed outside the Blood Service? If so, why and where?
Contact information are not disclosed or transferred to outsiders, nor can they be accessed by third parties.
The identification information of visitors may be disclosed to representatives of subtenants of the Blood Service, insofar as they concern their visitors.

Is my data transferred outside the EU?

The information systems and their servers are located within the EU, which means that your data will not be transferred outside the EU.

How is my data being protected?

The processing of data is restricted to those professionals whose duties so require. They have received training on the use of information systems and information security and data protection measures. Access rights to the information systems are secured by passwords and/or reliable automatic authentication. Printed documents are stored in locked containers. Our contracts with the suppliers of information systems include provisions on data protection practices, such as confidentiality and the destruction of data.

Is my data used for profiling or automated decision-making?

Your data will not be used for profiling or automatic decision-making.

For how long is my data stored?

Contact information is stored for approximately two years after the final instance of contact.
Identification information of visitors is stored for two months. Video surveillance records are stored for one month. If a security concern requiring investigation arises during the storage period, the data may be stored for the duration needed by the investigation.

How can I review my data and rectify any inaccurate information?

You may request access to and rectifications of your data by submitting a request for data or rectification using the form available on the Blood Service website. You may also update your contact information by calling the Blood Service, tel. +358 (0) 29 300 1010.

Can I request the erasure of my data or object to the use of my data?

You may request the erasure of your data or object to their processing by calling the Blood Service, tel. +358 (0) 29 300 1010.

The identification information of visitors and video recordings may not be erased even upon request, as these are required for purposes of security. However, they will be erased automatically after their storage period.

Can I lodge a complaint with the authorities?

If you feel that the processing of your personal data is not lawful, you may lodge a complaint with the competent supervisory authority.

Contact information

Finnish Red Cross, Blood Service
Kivihaantie 7
FI-00310 Helsinki, Finland
tel. +358 29 300 1010
info(at)veripalvelu.fi

Person in charge of the filing system:

Willy Toiviainen, Director, Communications and Human Resources, tel. +358 29 300 1830