Privacy policy

The privacy policy tells how Sähkökilta collects, retains and uses personal data required for the operation of the guild.

Privacy Policy

This is the privacy policy of Sähkökilta ry. It complies with the Finnish Personal Data Act (Sections 10 and 24) and the General Data Protection Regulation (GDPR) of the EU. Written on 25 May 2018. Last modified on 29 January 2019.

1. Data controller

Sähkökilta ry, Korkeakoulunkatu 3, 33720 Tampere, Finland


2. Data controller’s representative

Kaisa Vornanen

Chair of the Board


3. Register’s administrator

Paju Virtanen


4. Name of the register

Membership register of Sähkökilta ry.

5. Legal basis and purpose of the processing of personal data

List of the association’s members under section 11 of the Associations Act.

6. Data content of the register

The data entered into the register consists of the member’s full name, home municipality, e-mail address, and degree programme.

7. Regular sources of data

The collected data is obtained either from the members themselves or from the Student Union of Tampere University.

8. Disclosure of data

The data may be disclosed to the board and personnel of Sähkökilta ry.

9. Principles of data protection

The contents of the register are protected and processed with due care.

10. Right of access to data and right to rectification

Persons included in the membership register have the right to know what information has been collected from them and entered into the register and to request the rectification of incorrect data. The request to access data must be made in writing to the register’s administrator.

Data security

General information

The Guild keeps a membership register and has a related privacy policy (a document that defines the data controller, data processor, and the purpose of the collection of data). The Guild is the data controller of the membership register. The Guild may change the place where the personal data is stored, but the authority to process data must remain with the Guild even if the storage of data is outsourced.

GDPR update

Key principles:

  • the collected data must be necessary,
  • the data must be collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes.

Data subjects (guild members) have the right to access their data. In the event of a data leak, the Guild has a duty to notify both the authorities and the member(s) concerned within 72 hours.

We use cookies

This website uses cookies only for necessary purposes such as saving settings on the user's device or for keeping track of user sessions.