Register and privacy statement
This is the register and privacy statement of Aallon Tekoälyseura ry in accordance with the Personal Data Act (Sections 10 and 24) and the EU General Data Protection Regulation (GDPR). Prepared on January 18, 2024. Last modified on January 18, 2024.
1. Data controller
Aallon Tekoälyseura ry, AYY (Housing), PL 69, 02150 Espoo
team@aaltoai.com
2. Contact person responsible for the register
NGUYEN DUC ANH, finances@aaltoai.com
3. Name of the register
The association's personal data register
4. Legal basis and purpose of processing personal data
The legal basis for processing personal data in accordance with the EU General Data Protection Regulation is - The person's consent to the storage of their data for purposes necessary for the association's activities.
The purpose of processing personal data is to maintain contact in the association's activities, manage system access rights, calculate AYY's membership numbers, and issue access passes. The data is not used for automated decision-making or profiling.
5. Data content of the register
The data stored in the register includes: the person's name, active membership status, AYY membership status, contact details, and login details for the systems of Aallon Tekoälyseura ry. The data is stored for the duration of the person's membership.
6. Regular sources of data
The data stored in the register is obtained from the customer, for example, from messages sent via web forms, by email, by telephone, and from agreements.
7. Regular disclosure of data and transfer of data outside the EU or EEA
Data is not regularly disclosed to other parties or published for other purposes. Data is stored and processed within the EU.
8. Principles of register protection
The register is processed with care and the data processed using information systems is protected appropriately. When register data is stored on Internet servers, the physical and digital security of the equipment is ensured in an appropriate manner. The controller ensures that the stored data, server access rights, and other information critical to the security of personal data are handled confidentially and only by those whose job description includes such tasks.
9. Right of access and right to request correction of data
Every person in the register has the right to check their data stored in the register and to request the correction of any incorrect data or the completion of any incomplete data. If a person wishes to check the information stored about them or request a correction, the request must be sent in writing to the controller. If necessary, the controller may ask the person making the request to prove their identity. The controller will respond to the customer within a reasonable time.
10. Other rights related to the processing of personal data
A person in the register has the right to request the deletion of personal data concerning them from the register ("right to be forgotten"). Similarly, data subjects have other rights under the EU General Data Protection Regulation, such as the right to restrict the processing of personal data in certain situations. Requests must be sent in writing to the controller. If necessary, the controller may ask the person making the request to prove their identity. The controller will respond to the customer within the time limit specified in the EU General Data Protection Regulation (usually within one month).