1 Policies for protection of personal data
The Student Union of Åbo Akademi University (ÅAS) is committed to protecting the privacy of the users of its services and observes in its operations the legislation concerning privacy protection, other legislation, and best privacy practices. This privacy statement describes the practices concerning the collection and processing of personal data at ÅAS. “Personal data” is information that can be connected to a specific person.
This privacy statement applies when ÅAS is the controller of the personal data file and when we refer to the application of this privacy statement in connection with the use of ÅAS’ services.
If you do not accept the practices described in this privacy statement, we do not recommend that you submit your personal data to ÅAS.
1.1 What information do we collect?
ÅAS may collect information of its users necessary for the purposes defined in this privacy statement. The purpose determines what kind of information is collected of the users in different situations.
1.2 Information you provide
When registering for an event, booking a space, registering your interest for a position of trust, or signing a contract with ÅAS, you will be asked for necessary information.
This information may include:
- E-mail and other contact information
- Information about diets and allergies
- Account number
- Request for table placement
- Membership in and / or positions of trust within one or more associations
- Other information that you have provided or that has been disclosed with your consent
2.2 Personal information provided to ÅAS
In accordance with the Universities Act 558/2009 (§ 46), all students at a university who have been admitted to study for a lower or higher university degree, except for students who participate in commissioned education, are members of the student union. The university monitors that the membership fee is paid.
To check for union membership, ÅAS has access to Åbo Akademi University’s (ÅAU’s) student register. The personal information in ÅAU’s student register that ÅAS has access to is:
- Student number
- Contact information (Telephone number, postal address)
- Attendance status / Student union membership status
- Faculty affiliation
ÅAS does not have access to contact information of persons with protected identity.
ÅAS cannot edit the information in ÅAU’s student register.
3 Why do we process personal data?
We process your personal data for one or more purposes which are listed below.
3.1 Controlling of Student Union membership
To study at a university, one needs to be a member of its student union (Universities Act 558/2009 (§ 46)). A student union membership also entitles certain discounts and services. The physical student card, which a student union member can order, is provided with a validation sticker from the union office as proof of union membership.
Positions of trust such e.g., student representative or member of union council also require union membership.
3.2 Communication and recruitment
ÅAS task is to appoint student representatives to various working groups and bodies within and outside of ÅAU. Since ÅAS is the interest organization for students at ÅAU, ÅAS is also responsible for informing elected student representatives about matters that affect them in their assignments.
3.3 Event arrangements
ÅAS receives personal registrations for events both arranged solely by ÅAS, and to events organized in collaboration with other parties. ÅAS also sends out invitations to some events.
3.4 Rental agreements
ÅAS rents out housing and social spaces. ÅAS also lends equipment.
4 Disclosing personal information
ÅAS does not disclose personal information to third parties.
4.1 Sub- and service providers and partners
For the arrangement of various events, ÅAS can hire service providers. Agreements with partners can also be entered into to provide other services.
These external parties may not use personal information for purposes other than those described in this data protection description and for the purposes established by ÅAS. ÅAS obliges them to keep personal information secret and take sufficient measures to ensure the security of the information.
4.2 Disclosure of personal data based on mandatory legislation
Personal information can be disclosed due to requirements set by an authority or requirements enforced by law.
5 Ensuring that the information is up to date
We ensure the accuracy of the personal information we have by deleting unnecessary information and updating outdated information.
Please note that it is your responsibility to update the personal information you have provided to us if there are changes.
6 How we protect your personal information
We especially focus on data protection and information security when we plan, provide and maintain our services. We use appropriate physical, technical, and administrative protection methods to protect your personal data against misuse. We have appointed people with special responsibility for data protection and information security. We restrict access to systems and databases that contain personal data, and they may only be used by selected persons who need and are authorized to process personal data in their work.
We implement data protection and information security through preventive risk management and by taking data protection and information security into account when planning and when training our employees. We also regularly check that our services comply with the current requirements. We manage risks of misuse of data and other corresponding risks by considering the probability of risks and the nature of the data being protected.
When providing services and when processing personal data, ÅAS can engage subcontractors and service providers. In that case, we ensure through agreements and other arrangements that your personal data is processed in accordance with the legislation, good data protection practices and this data protection description.
7 For how long do we save your information?
We store your data in accordance with applicable law and only for as long as it is necessary for carrying out the purposes set out in this privacy statement. We delete your personal data when the reason for processing of personal data has ceased.
8 Your rights
By law, you have the right to access the information we have collected about you. In addition, you have the right to demand that incorrect, incomplete, unnecessary, or outdated information be corrected or deleted.
You can exercise your right by sending us a request to the contact information provided below.
9 Changes to this privacy statement
ÅAS continuously develops its services and may from time to time make changes to this data protection description without prior notice. Changes may also be due to changes in legislation. We recommend that you read this privacy statement from time to time to learn about any changes to it.
10 Who is the data controller and who can I contact?
The person responsible for the register is the Student Union of Åbo Akademi University, Tavastgatan 22, 20500 Åbo.
If you have questions about privacy protection, you can contact our data representative by e-mail at firstname.lastname@example.org. You can also use the postal address Åbo Akademis Studentkår, Tavastgatan 22, 20500 Åbo.
Please note that for information security reasons, we may need to verify your identity before we can fulfill your request.