Register and Privacy Policy

This is the Pop & Jazz Conservatory Foundation sr’s register and data protection policy in accordance with the Personal Data Act (Sections 10 and 24) and the EU General Data Protection Regulation (GDPR). Completed 30.11.2020. Latest change 26.09.2024.

  1. Controller
    Pop & Jazz Conservatory Foundation sr
    Muotoilijankatu 1B
    00560 Helsinki
  2. Contact person responsible for the register
    Pia Bondestam, Head of Administration, (Data Protection Officer)
  3. Name of the register
    Pop & Jazz Conservatory Marketing Register
  4. Purpose of the register
    The personal data collected will be used for:
    Customer authentication and access rights management. To deliver subscriptions to registered users and to maintain and develop customer relations.
  5. Legal basis and purpose of the processing of personal data
    The legal basis for the processing of personal data under the EU General Data Protection Regulation is.
  • the person’s consent (documented, voluntary, individualised, informed and unambiguous)
  • a contract to which the data subject is a party
  • law
  • the exercise of a public function, or
  • legitimate interest of the controller (e.g. customer relationship, employment relationship, membership).

The purpose of processing personal data is to contact customers, maintain customer relations and marketing.

The data will not be used for automated decision-making or profiling.

  1. Data content of the register
    The data stored in the register includes: the name of the person, the company/organisation, if any, contact information (telephone number, e-mail address, address), website addresses, IP address of the network connection, information on ordered services and changes thereto, billing information, other information related to the customer relationship and ordered services.

The information collected is kept for the duration of the customer relationship and for marketing purposes for two (2) years after the customer relationship has been established.

  1. Regular data sources
    The data stored in the register is obtained from the customer through, for example, messages sent via web forms, email, telephone, social media services, contracts, customer meetings and other situations where the customer discloses their data.
  2. Regular data disclosures and data transfers outside the EU or EEA
    No data is regularly disclosed to other parties. The data will not be transferred outside the EU or EEA.
  3. Principles of register protection
    The register is handled with care and the data processed by the information systems are adequately protected. When the data is stored on Internet servers, the physical and digital security of the hardware is adequately ensured. The controller shall ensure that stored data, server access rights and other information critical to the security of personal data are treated confidentially and only by employees whose job description includes this.
  4. Use of cookies
    We use cookies on our website. cookies. A cookie is a small text file that is sent to and stored on a user’s computer, which enables a website operator to identify frequent visitors to the website, to facilitate the log-in of visitors to the website and to allow the compilation of aggregate data about visitors. Cookies do not harm users’ computers or files. Our website uses cookies to identify and speed up the process of visitors logging on to our services.
    If a user visiting our website does not want us to receive the above information through cookies, most browsers allow you to disable the cookie function. This is usually done through your browser settings.
    However, please note that cookies may be necessary for the proper functioning of some of the pages we maintain and services we provide.
  5. Right of inspection and right to request correction
    Every person in the register has the right to inspect the data recorded in the register and to request the correction of any inaccurate data or the completion of incomplete data. If a person wishes to check the data stored about him or her or to request a correction, the request must be sent in writing to the controller. The controller may, if necessary, ask the applicant to prove his or her identity. The controller will respond to the customer within the time limit set by the EU General Data Protection Regulation (usually within one month).
  6. Other rights relating to the processing of personal data
    A data subject in the register has the right to request the erasure of personal data concerning him or her from the register (“right to be forgotten”). Data subjects also have other rights under the EU General Data Protection Regulation, such as the restriction of processing of personal data in certain situations. Requests should be sent in writing to the controller. The controller may, if necessary, ask the applicant to prove his or her identity. The controller will respond to the customer within the time limit set by the EU General Data Protection Regulation (usually within one month).
Scroll to Top