Privacy policy

1. CONTROLLER

Name: COSS – the Finnish Centre for Open Systems and Solutions
Address: PL 35, 33101 Tampere
Contact: +358 40 649 2922, Itk@itk-konferenssi.fi

2. Contact person for the register

Name: Sini Kilpinen
Address: PL 35, 33101 Tampere
Contact: +358 40 649 2922, sini.kilpinen@coss.fi

3. DATA PROTECTION OFFICER

Oy Tawasta OS Technologies Ltd.
PL 82
33101 TAMPERE
info@tawasta.fi

4. DATA HANDLER

ITK Conference participant register.

5. Purpose of the register

Personal data is needed/used for orders, refunds, invoicing, returns, communication, transactions, customer surveys, service development, reporting, marketing (with the customer's consent), and other customer relationship management activities.

6. CONTENT OF THE REGISTER

Name, email address, phone number, job title, organization.

7. Sources of information

ITK Conference CRM system, Participants

8. REGULAR DISCLOSURES OF DATA AND TRANSFERS OF DATA OUTSIDE THE EU OR EEA

Personal data is used for creating personalized conference passes, providing services, statistics, billing, customer service, and marketing (with consent). 

COSS does not transfer personal data to countries outside the European Economic Area (EEA) or the European Union (EU). 

Personal data is shared with ITK Exhibition exhibitors only if the customer provides consent.


9. Register security

The register is secured with usernames, passwords, and a firewall. Access to the customer relationship system is granted only to employees authorized to process customer data. Each user has their own username and password in the system.

10. RIGHT TO INSPECT AND REQUEST CORRECTION OF DATA

Every individual in the register has the right to inspect their stored information and request correction of any erroneous or incomplete data. Requests to inspect data or request corrections should be sent in writing to the data controller. The data controller may request proof of identity if necessary. The data controller will respond to the customer within the time frame set by the EU General Data Protection Regulation (typically within one month).

11. OTHER RIGHTS RELATED TO THE PROCESSING OF PERSONAL DATA

Individuals in the register have the right to request the removal of their personal data from the register ("right to be forgotten"). They also have other rights as per the EU General Data Protection Regulation, such as the right to restrict the processing of personal data in certain situations. Requests should be sent in writing to the data controller. The data controller may request proof of identity if necessary. The data controller will respond to the customer within the time frame set by the EU General Data Protection Regulation (typically within one month).