Search

About us

Privacy policy

On this page you can find HyTe ry's privacy policy (in Finnish).

Contents

  1. INTRODUCTION
  2. PERSONAL DATA CONTROLLER
  3. PURPOSE AND BASIS OF PROCESSING PERSONAL DATA
  4. DATA CONTENT OF THE REGISTER
  5. PERSONAL DATA STORAGE PERIOD.. 4
  6. REGULAR DATA SOURCES
  7. REGULAR DATA TRANSFER AND DATA TRANSFER OUTSIDE THE EU OR THE EUROPEAN ECONOMIC AREA (EEA)
  8. REGISTER PROTECTION
  9. THE RIGHT OF THE DATA SUBJECT TO OBJECT TO THE PROCESSING OF PERSONAL DATA (RIGHT TO OBJECT)
  10. OTHER RIGHTS OF THE DATA SUBJECT RELATED TO THE PROCESSING OF PERSONAL DATA

10.1 The data subject’s right to access information (right of inspection)

10.2 The data subject’s right to demand rectification, erasure or restriction of processing

10.3 The data subject’s right to transfer data from one system to another

10.4 The data subject’s right to complain with a supervisory authority

10.5 Other rights

  1. CONTACT
  2. COOKIES

 

1. INTRODUCTION

This document provides information on the processing of personal data by the General Data Protection Regulation. The statement was last updated on 6th August 2025. This document is a translation of the original Finnish version: HyTe ry:n tietosuojaseloste.

2. PERSONAL DATA CONTROLLER

Personal data controller

HyTe ry (formerly EJY RY)
Business ID: 1953125-8
Kauppamiehentie 6
02100 Espoo
www.hyte.fi

Data protection officer contact details

tietosuojavastaava@hyte.fi

3. PURPOSE AND BASIS OF PROCESSING PERSONAL DATA

The basis for processing personal data is the contractual relationship between the data subject and HyTe ry, the obligation under the Associations Act to maintain a membership list, HyTe ry’s legitimate interest, the data subject’s consent, an assignment given by the data subject or other relevant connection. The data subjects include the contact persons of HyTe’s member associations, other associations, and authorities, as well as volunteers involved in HyTe’s activities and customers of HyTe’s projects and services.

Personal data may be processed for the following purposes:

  • Managing, implementing, developing and monitoring partnerships, memberships, volunteering, customer relationships, customer service, events and other activities, as well as related communications and marketing.
  • Analyzing, grouping and reporting partnerships, customer relationships and volunteering.
  • Collecting and processing customer, partner and volunteer feedback and satisfaction data.
  • Conducting surveys and opinion polls.

4. DATA CONTENT OF THE REGISTER

The following information may be stored about the registered person, including but not limited to the following, which are necessary for the register:

Basic information

  • first and last names, nickname
  • contact information (address, work phone number, mobile phone number, personal email address, work email address and other necessary contact information)
  • employer’s name, industry and contact information
  • title and position at the workplace
  • area of responsibility at the workplace
  • degree
  • special diet
  • language

Information related to customer service, use of services, volunteering and other relevant connections

  • Start and end times of relevant connections.
  • Information related to the use of services.
  • Information related to the use and purchase of services.
  • Information related to invoicing and collection.
  • Event and user analysis information.
  • Marketing and communication implementation information and its use in various communication channels, such as newsletters and direct messages.
  • Content and data generated by the data subject themselves, such as customer feedback, and additional information provided by the data subject, such as customer-related wishes, satisfaction data, interests or other similar information (e.g. material and communications produced on social media related to the data controller).
  • Prohibitions, restrictions, consents and other choices (e.g. direct marketing permissions and information related to marketing targeting).
  • Anonymous data collected through cookies and web analytics: behavioral data (e.g. page views, clicks, scrolling, duration of visit), device data (such as operating system, browser, screen resolution and device model), location (general location such as country or city but not exact address), age, gender and interests, if the user has accepted the website’s cookies and the data is available. For more information on cookies, see Chapter 12.
  • Data related to data processing, such as the date of storage and data source. Information on changes to the information specified above.

Depending on the function or working method, information on life situation and other aspects may be collected in the interest of the customer in order to carry out effective customer work, to map the need for service and to search for service forms. This information includes:

  • personal identity code
  • labor market situation
  • financial situation
  • life situation
  • health situation
  • family situation
  • housing situation
  • information on checking the criminal record extract (volunteers working with children)

5. PERSONAL DATA STORAGE PERIOD

HyTe ry utilizes electronic data processing and registry programs to maintain data, carry out surveys, collect event registrations and send newsletters. In addition, filled-in forms are collected manually, such as membership applications of associations.

HyTe stores the basic information of its members, volunteers, partners and customers, as well as personal data related to customer relationships, in its contact registers until the relationship between the data subject and HyTe can be considered to have ended.

For customer relationships, the expiration date is determined by the data subject’s last service contact or contact, to which 2 years are added.

Some of the data may have to be stored for longer than this for reasons arising from legislation. Data may be deleted at the customer’s request or due to the end of the customer relationship.

HyTe ry stores functional cookies collected during the use of the services for the duration of the online service session. For more information about cookies, see Chapter 12.

6. REGULAR DATA SOURCES

Personal data is collected from the data subject themselves by telephone, post, email or similar means, as well as from HyTe’s systems in connection with registration and use of services, or from other similar notifications made to HyTe during a cooperation or customer relationship. In addition, personal data may be collected, among other things, from digital services related to HyTe’s operations, where information about the registered person is available.

Personal data may also be collected and updated from generally available data sources, such as data sources provided by associations, unions and authorities, as well as from public or private registers and data sources providing information services (e.g. the Finnish Patent and Registration Office).

The prohibition of direct marketing is recorded in separate notifications from the data subject (e.g. the unsubscribe link in newsletters).

7. REGULAR DATA TRANSFER AND DATA TRANSFER OUTSIDE THE EU OR THE EUROPEAN ECONOMIC AREA (EEA)

As a general rule, we do not transfer the data in the register to external parties, with the exception of situations where HyTe ry has separately agreed on the processing of personal data with another organization (for example, the authority coordinating hospital volunteers receives contact information for hospital volunteers).

If necessary, data can be transferred with the customer’s permission to parties acting in the customer’s interest, either to obtain customer-specific benefits or to expand service types. We follow a strict confidentiality and transfer policy regarding sensitive data.

Event participants regularly receive information about the people who participated in the event or training (for example, name, email).

HyTe does not transfer personal data outside the European Union or the European Economic Area.

HyTe uses the following service providers:

  • Microsoft (email, Teams, cloud services)
  • Clara customer relationship management system
  • Webropol survey tool
  • Mailerlite newsletter program
  • Google Analytics
  • Social media channels (META, LinkedIn and YouTube)

8. REGISTER PROTECTION

Designated people are authorized to use the system containing personal data. Each user has their own username and password for the systems.

The data is collected in databases that are protected by firewalls, passwords and other technical means. There are various levels of access rights, and each user is given sufficient access to perform the task, but as limited as possible.

The databases and their backups are located in locked premises, and only certain pre-designated people can access the data. Paper materials are stored at HyTe ry’s premises at Kauppamiehentie 6, in locked premises, in locked storage locations, which are only accessible to persons who have been specifically granted access.

We store personal data at least for the duration of the cooperation relationship, taking into account the requirements of the legislation and authorities, including accounting legislation, special legislation concerning data subjects’ data and archiving requirements. The controller regularly assesses the necessity of storage, taking into account applicable legislation. In addition, the controller takes reasonable measures to ensure that no personal data of the data subjects that are incompatible with the purposes of the processing, outdated or incorrect are stored in the register. The controller corrects or destroys such data without delay.

HyTe ry adheres to a strictly regulated duty of confidentiality. Information concerning an individual is only disclosed due to a statutory reporting obligation, for example, at the customer’s own request or at the request of an authority based on the law.

9. THE RIGHT OF THE DATA SUBJECT TO OBJECT TO THE PROCESSING OF PERSONAL DATA (RIGHT TO OBJECT)

The data subject has the right, on grounds relating to his or her particular situation, to object to processing operations concerning him or her. The data subject may submit a request to object to the processing of his or her data in accordance with Section 10 of this Privacy Policy. In the request, one must identify the particular situation to which the request relates. Based on which he objects to the processing, HyTe may refuse to implement the request for objection on the grounds provided for in the law.

10. OTHER RIGHTS OF THE DATA SUBJECT RELATED TO THE PROCESSING OF PERSONAL DATA

10.1 The data subject’s right to access information (right of inspection)

The data subject has the right to inspect what information about them has been stored in HyTe’s contact information register. The inspection request must be made in accordance with section 10 of this privacy policy. The right of inspection may be denied on the grounds provided for in the law. The exercise of the right of inspection is, in principle, free of charge.

10.2 The data subject’s right to demand rectification, erasure or restriction of processing

To the extent that the data subject can act on his/her own initiative, he/she must, without undue delay, upon becoming aware of the error or upon discovering the error himself/herself, rectify, erase or supplement any incorrect, unnecessary, incomplete or outdated data in the register.

To the extent that the data subject is unable to rectify the data himself/herself, the data subject may demand rectification, erasure or restriction of processing of the incorrect, unnecessary, incomplete or outdated data. The request for rectification must be made in accordance with section 10 of this privacy policy.

The data subject also has the right to demand that the controller restrict the processing of his/her personal data, for example, in a situation where the data subject is waiting for HyTe’s response to a request for rectification or erasure of his/her data.

10.3 The data subject’s right to transfer data from one system to another

To the extent that the data subject has himself/herself submitted data to the customer register that is processed on the basis of the data subject’s consent or instruction, the data subject has the right to receive such data, as a rule, in a machine-readable format and the right to transfer this data to another data controller.

10.4 The data subject’s right to complain with a supervisory authority

The data subject has the right to complain with a competent supervisory authority if the data controller has not complied with the applicable data protection regulations in its operations. In Finland, the supervisory authority is the Office of the Data Protection Ombudsman, www.tietosuoja.fi.

10.5 Other rights

If personal data is processed based on the data subject’s consent, such as for marketing purposes, the data subject has the right to withdraw his/her consent by notifying HyTe of this following section 11 of this privacy policy.

11. CONTACT

In all questions related to the processing of personal data and in situations related to the exercise of one’s own rights, the data subject must contact HyTe ry by email at tietosuojavastaava@hyte.fi, by post at HyTe ry, Kauppamiehentie 6, 02100 Espoo, or by arranging a meeting in advance at the association’s office at Kauppamiehentie 6, 02100 Espoo.

If necessary, HyTe ry may ask the data subject to specify their request in writing, and the data subject’s identity will be verified before taking any other measures.

12. COOKIES

We use the so-called cookie function in our online services. When using the online service, the user (visitor) of the online services can give their consent to the use and storage of cookie files related to the online service under the following.

Cookies are used, among other things, for measurement and research purposes to determine the type and amount of use of the online service. A cookie is a small text file sent to and stored on the user’s computer, which helps HyTe to recognize frequent visitors to the website. Cookies allow us to continuously improve the content of our online services. Cookies do not harm users’ computers or files. Cookies do not allow the user to view or copy data from the user’s terminal device’s storage device, such as the hard drive.

Cookies other than those necessary for the proper functioning of the service are used only with the visitor’s consent.

For more information about cookies, see www.aboutcookies.org.

About us

Events

All current events

HyTe ry

Address: 

Kauppamiehentie 6,

02100 Espoo

Services:

HyTe @social media

@hyvinvointiterveys

#hytery

Facebook Twitter Linkedin Instagram
HyTe ry
Powered by  GDPR Cookie Compliance
Tietoa evästeistä

Tällä sivustolla käytetään evästeitä käyttäjäkokemuksen parantamiseksi sekä analytiikkaan ja markkinoinnin kehittämiseen. Eväste on pieni tekstitiedosto, joka tallennetaan tilapäisesti käyttäjän kiintolevylle.