This page describes the requirements of The Finnish Personal Data Act (523/1999) sections 10 and 24, and the requirements of the EU General Data Protection Regulation (GDPR) (679/2016) in Articles 12 and 14, which applies to handling Personal Data.
Company / Registry Administrator
Name: Sodankylän elokuvafestivaali ry
Address: Liisankatu 5 C 00170 Helsinki
Business ID: 6628536
Service Address: www.msfilmfestival.fi
Name: Milja Mikkola
Whose data is being collected?
Information of the users visiting the service is collected, used and edited to aid in customer relationship management, delivery of services, direct marketing, distance selling and customer contact. Additionally, the data can be used for statistical and business development purposes.
Description of the personal data being handled
The user’s IP-address along with metadata of the hardware they are using while visiting the service.
The register may include following information of users
- User level (customer, employee, administrator)
- Service Usage Information (messages, orders, purchases)
Who else / what systems handle data?
Rights of the data subject
- Right to access
- Right to object
- Right of erasure
- Right to appeal
- Right to restrict direct marketing
A more detailed description of the rights can be found in this article: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=OJ%3AL%3A2016%3A119%3ATOC
General information about cookies and their use
A cookie is a small piece of data, that is sent to your computer or mobile phone browser from a website’s computer and is stored on your device’s hard drive as file.
Cookies that enable or improve your services
The user can adjust the settings in their browsers, and choose which cookies are allowed to be used. Before switching the function off, it should be noted that sometimes cookies may be necessary for some services to operate properly.
- Cookie settings in Chrome
- Cookie settings in Firefox
- Cookie settings in Internet Explorer
- Cookie settings in Safari
We use technical and organisational security tools to protect personal information against unauthorised access, disclosure, disposal or other unauthorised processing.
The use of secure server solutions, firewalls, network traffic encryption technologies, encrypted keys, data encryption and the monitoring of usage.
The use of safe devices, appropriate access control, controlled distribution of access permissions and the control of their use. Guidance for personnel involved in handling Personal Data and the careful selection of subcontractors. All data handlers are bound by confidentiality agreements.
The disclosing of information
Information will not be disclosed outside of the Service, excluding the third parties mentioned in this document, and unless required by the law.
The transfer of Personal Data outside of the EU or EEA
In principle, personal data is not transferred outside of the EU or EEA. However in cases where data is transferred, it is ensured that the partner is a Privacy Shield -registered company or corporate body.
Data retention policy
We only retain information of the user for as long as it is needed and required by the current legislations.
Data Protection Supervisor: http://www.tietosuoja.fi/fi/index.html
EU Regulation: https://eur-lex.europa.eu/legal-content/FI/TXT/?uri=OJ%3AL%3A2016%3A119%3ATOC