Data protection and terms and conditions
This privacy statement also serves as the description of file (the Finnish Data Protection Act (1050/2018)).
1. Controller
Edistysmielisen tutkimuksen yhdistys ry (in the future: E2 Research), Business ID: 2058184-2. Kalevankatu 4, 3rd floor FI-00100 Helsinki
2. Contact person for register-related matters
Karina Jutila tel. +358 (0)50 5515 36 karina.jutila(at)e2.fi.
3. Name of register
- Stakeholder and communication register
- Research register
- Member register
4. Purpose of the processing of personal data
E2 Research is a multidisciplinary research institution that engages in research, offers specialist services, and uses data to support the development of the society toward a more democratic, equal, and sustainable direction. E2 Research processes datasets in order to carry out research that supports the society in various ways.
This description of file applies to those who subscribe to the bulletins of E2 Research and the members of the association. E2 Research collects personal data for its communication register in order to provide information on upcoming events, publications, and activities of E2 Research. The communications are sent via email to the persons included in the communication register.
The personal data of the members of the association are collected for the management of memberships-related matters. Persons included in the membership register are also included in the communication register.
E2 research also collects and processes personal data for conducting research. Most commonly, the purpose of processing personal data is to send out various surveys to individuals participating in the research, arrange research interviews, or schedule observational study appointments.
In addition to communication purposes, personal data is collected as part of the research data. Research data is anonymized or pseudonymized, and personal data is not processed for identification purposes.
We also process the information of our partners, interest groups, and visitors to our website.
The legal basis for the processing of personal data is provided by the following subsections of the General Data Protection Regulation of the EU:
- a) you have consented to the processing of your personal data for one or more specific purposes;
- b) the processing is necessary for the execution of an agreement to which you are a party, or for the performance of measures preceding conclusion of an agreement at your request;
- f) the processing is required for the realization of the legitimate interests of the controller or a third party, except where your interests or fundamental rights and freedoms requiring the protection of personal data supersede such interests.
5. Data content of the register
The communication register contains the name and email address of the subscriber.
The membership register may also include the mailing address and professional title of the member of the association and the name of their employer. The communication and membership register may also contain other public information pertaining to the employer.
E2 Research may process the personal data of the research subjects such as name, email address or gender.
Processing of personal data while conducting research does not require identification of the data subject, and data is not collected for identification purposes in the research. Identification of an individual may be possible, although not probable, for example, with additional information provided by the data subject. The data controller cannot directly identify individuals from the data held in the research dataset.
6. Regular sources of data for the register
The personal data in the communication register is received from the data subjects themselves, for example through the registration link on the website of E2 Research or through joint ventures. A data subject can also request the addition of their personal data directly to the communication register during an event organized by E2 Research, for example.
The data in the membership register is collected during the registration of a member.
The information in the research register has been obtained from the individuals participating in the research themselves.
E2 Research may also utilize publicly available sources of information, such as the websites of companies or agencies. When communication materials are sent, E2 Research requests permission to store the email address to their register and also provides the option to remove said information from the register.
7. Regular disclosure of data and transfer of data outside EU or EEA
E2 Research discloses information included in the communication register to Liana Technologies that acts as a processor of personal data, and which handles the technical processes required to send the communication materials. LianaMailer and LianaPress operate in accordance with EU data protection legislation. Further information on Liana Technologies and GDPR: https://www.lianatech.fi/tietosuojaseloste.html (in Finnish).
The information in the membership register is only available to E2 Research. This information is not disclosed further.
8. Erasure of data
Data is removed from the communication register at the request of the data subject. The request for erasure of data must be sent to e2(at)e2.fi.
9. Data storage period
Personal data is stored for as long as necessary for the realization of the purposes specified in this privacy statement.
10. Principles of register protection
Personal data is kept confidential. The data network and hardware of E2 Research on which the communication and membership registers are stored are protected by a firewall and other technical measures deemed necessary. The information in the data network is only accessible to and used by persons who are entitled to do because of their work.
11. Right of review
The data subject has the right to review any data pertaining to them included in the register The request is made in writing or in person at the premises of the controller, (the Data Protection Act 1050/2018) at the address specified in section 1.
12. Right to request the correction of data
The data subject has the right to request the correction of incorrect data included in the register. The request is made in writing (the Data Protection Act 1050/2018) using the address specified in section 1.
13. Other rights concerning the processing of personal data
The data subject has the right to prohibit the processing of personal data pertaining to them within the framework of the Data Protection Act (1050/2018). The prohibition is issued in writing using the address specified in section 1.