Registrar:
Arcada Student Union – ASK (Business ID: 2000708-2), asken.fi
The Student Union of Diaconia University of Applied Sciences O’Diako (Business ID: 2034849-3), odiako.fi
The Student Union of Haaga-Helia – Helga (Business ID: 2075366-7), helga.fi
Student Union of Humak University of Applied Sciences HUMAKO (Business ID: 2040777-2), humako.net
The Student Union of Laurea University of Applied Sciences Laureamko (Business ID: 2067397-4), laureamko.fi
Student Union of Metropolia University of Applied Sciences METKA (Business ID: 2165831-1), metkaweb.fi
The Student Union of the Turku University of Applied Sciences – TUO (Business ID:2045784-1), opiskelijakunta.net
Student Union of JAMK University of Applied Sciences – JAMKO (Business ID: 2038383-8), jamko.fi
Contact Person in Matters Relating to the Register:
Marianna Rantanen
marianna.rantanen@humako.net
044 257 8884
Jani Mäntysaari
jani.mantysaari@helga.fi
045 850 4280
Data protection officer:
Vellu Taskila
vellu.taskila@samok.fi
050 389 1013
Name of the registry:
Lime CRM Member Registry
Purpose for processing personal data:
A ‘list of members of the association’ within the meaning of section 11 of the Associations Act (503/1989). At the same time the member registry will function as the CRM system of the student unions’ joint online shop. When applying for membership students will be asked to agree to the processing of their data.
Student’s name
Personal identification code
Date of birth
Address information
Place of domicile
Student ID
National student number
E-mail address
Phone
Institution of Higher Education
Campus
Degree programme
Starting and termination dates of studies
Study entitlement status
Semester registration status
Type of study entitlement
Classification of study entitlement
Paid membership period
Date of termination of membership
Status of membership
Joining date
Membership renewal date
Path to membership
Payment date
Payment method
Language
Sticker relinquished
Card type
Marketing licence
Online shop or order and purchase history
Observations recorded in the system
Data storage period:
Information be kept at the latest for 13 months from the termination of the membership period.
Regularly used information sources:
The students give their information with an online form. Information relating to customership comes from the student unions’ joint online shop, which is operated by Treanglo Oy.
Regular disclosure of data:
As necessary, information may be released to the provider of the member ID or student card.
The online shop shall receive information about the period of validity of a membership so that the student may purchase products or services at a member price. The online store also has access to data released by the student.
If, through an offer made by a student union, the student also becomes a member of some student association, the information will be released to the association concerned.
With the consent of a member, personal data may be disclosed as a technical record to the student union’s collaborating partners for direct marketing purposes. Collaborating partners will not disclose personal information to third parties.
Transfer of data outside the EU or EEA:
Information will not be released or transferred outside the EU or the European Economic Area (EEA).
Principles of registry protection:
The registry is electronic.
Only the student union’s designated employees and those in a position of trust, and the employees and trusted persons of organisations contracted by the student union, or associated with it, will have the right to use the member registry. The registry has different user levels so that a user is only given those administration and browsing privileges for data that is necessary for his/her task. In addition, each user has a personal username and password, which are required when signing in. Participation in user training and the signing of a user contract is required of the person receiving a username. Other necessary organisational security methods are also employed.
The technical protection of the registry and interfaces has been agreed with system suppliers. The member registry retains a log entry of procedures that have carried out.
Checking and updating of data:
The identity of the student is verified electronically when joining as a member. The student can log in with a personal user name and a password. After logging in, the student can control that their information is correct and make corrections if necessary.
By making a separate request, it is possible for this student to receive a personal link to all the information held about them in the registry.
Other rights concerning the processing of personal data:
It is possible for this student to refuse direct marketing.
The student has the right to transparency about the processing of personal data, to be forgotten, to transfer data from the system to another, to limit or forbid the processing of information and to submit a complaint to the supervisory authority.
The student may at any time change their consent regarding the processing their data.
Because registrars have a statutory obligation to maintain a list of members, this means that forbidding the processing of information, or “becoming forgotten”, is in practice resignation from membership. However, the student may also forbid the processing of part of his/her data. Additionally, part of the information is mandatory for receiving a member identifier (username) and for use of the benefits and services that this gives access to.
Supervisory authority’s contact information:
Office of the Data Protection Ombudsman
Visiting address: Ratapihantie 9, 6th floor FI-00520 Helsinki
Postal address: P.O. Box 800, FI-00521 Helsinki
Switchboard: +358 (0)29 56 66700
E-mail: tietosuoja(at)om.fi
Report form for deviation in data protection
According to the EU data protection measure, security breaches must be reported within 72 hours of its detection. This form is part of the student’s data protection process.