Privacy policy
Project Professionals Finland works with individual, corporate and institutional clients. The Association handles personal data carefully and securely. This Privacy Policy describes the procedures that apply to personal data processed by Project Professionals.
1. Register holder
Project Professionals Finland Association (PRY)
Business ID: 1110402-4
Innopoli 1
Tekniikantie12
02150 Espoo
e-mail: info(a)pry.fi
2. Contact person for matters concerning the register
Anna-Maria Mäkelä, CEO, anna-maria.makela(a)pry.fi, tel. +358 504044950
3. Name of the register
PRY's personal register
The register consists of separate sub-registers: the PRY membership register, the event-specific participant register, the marketing register, the certification register and the financial management system. In addition to membership data, the register contains personal data of the associations' trustees, participants in workshops and events, employees and other stakeholders.
4. Grounds for keeping the register
- Preparation and maintenance of the list of members pursuant to Article 11 of the Associations Act (26.5.1989/503)
- Marketing and organisation of events related to the activities of the association
- Register for marketing purposes such as the delivery of newsletters and magazines
- Certification activities
5. Purpose of processing personal data
The registrar uses the membership register primarily to manage the membership of the association and its members.
In addition, the registers also contain data on participants in the Association's events, participants in certification and those who have obtained certificates, PRY staff and board members, as well as other employees of the Association and persons associated with PRY's partnerships.
Access to the information is restricted to those persons employed by the PRY who need it to perform their job functions and, subject to agreed restrictions, to the Association's trustees and contractors.
The personal data stored in the register is used to inform and market PRY events and activities and to market PRY membership. The data may also be used for research (e.g. various surveys) and statistical purposes.
The data may be processed by the data controller for the following purposes:
- maintenance of the association's membership data
- To maintain data on members of member organisations.
- providing information on the services and benefits of the association to its members
- direct marketing to members of the benefits and services offered by the partners of the controller.
- conducting customer relationship communications and marketing and managing contact history
- direct marketing of products and services to members
- activities carried out through online services
- invoicing of membership fees
- developing the activities of the controller
- research and statistical purposes
- processing of data related to certification activities, including enrolments, performance data, and certification fee data
6. Data content of the register
The following information is collected and stored on members:
- Member-related data
- Full name
- contact address
- postcode and place of business
- municipality and country of residence
- telephone and mobile telephone number
- year of birth
- professional title
- employer
- member's consent to direct marketing
- Information relating to membership
- joining SIG groups
- joining regional groups
- type of member
- date of joining and leaving
- membership fee information
- information on the member's participation in associations events
- for a community member, in addition, the category of member, the date of joining and leaving, the contact person, the address of the website and the normal contact details of the community member
- the participation of the person (non-member) in events organised by the Community and subscription to the newsletter
- certification achievements: application, participation in certification examinations, payment details related to certification and certification achievements such as type and validity period
- data collected for research and marketing purposes
7. Regular sources of information
As a general rule, information is obtained from the member himself/herself, or his/her representative. The sources of information are the information provided by members at the time of joining and information received or collected from members during their membership. Changes to members' data are also received, where appropriate, by the Members' Register's own data maintenance service (log-in function on the home page) and by the employer who pays the membership fee, in connection with the purchase and use of services. Information about individuals is also collected for the marketing register when they are contacted verbally or in writing. The data will be kept for the time necessary for the purposes for which it is collected.
8. Regular disclosures of data
As a general rule, the data in the register will not be disclosed to third parties. However, data will be disclosed on a case-by-case basis for the marketing and organisation of various events (e.g. to a partner for the marketing of the 3PMO event and Project Days, but only for this purpose) and to a printing house for the mailing of the Association's magazine. When disclosing information, members' stated prohibitions on disclosing their data will be taken into account. In addition, the data of certified persons will be disclosed to the IPMA database in accordance with the agreements and regulations relating to certification.
Other possible disclosures will be decided by the PRY Board.
9. Transfer of data outside the EU or EEA
The PRY has agreed in writing with all its service providers that the data in the register may not be transferred outside the EU and EEA.
10. Principles for the protection of the register
Appropriate technical and administrative measures are taken to ensure the security of the processing of personal data and the confidentiality, integrity and availability of personal data. Personal data are protected against unauthorised access and unlawful or accidental processing. A user name and password are required to view and modify the data, which are processed by persons specifically authorised by the PRY to process members' data. Access to the system is via an encrypted Internet connection.
11. Right of access and correction of inaccurate data
In accordance with the Regulation, individuals have the right to check the data concerning them contained in the register. The sources of data in the register are indicated above. The request for verification should be sent in writing, signed and addressed to the contact person of the register mentioned in section 2. In the request for inspection, the person must provide the information necessary for the search: full name, address, telephone number and e-mail address.
The reply to the request for inspection shall be sent to the person who made the request by post. A reasonable fee will be charged for the inspection request if less than one year has elapsed since the previous inspection.
The controller shall, without undue delay and at the request of the data subject, rectify, erase or complete personal data contained in the register which are inaccurate, unnecessary, incomplete or out of date for the purposes of processing. The request for rectification shall be addressed to the contact person of the register mentioned in point 2. The request shall contain the facts necessary for the correction of the data and the information necessary to identify the person concerned: full name, address, telephone number and e-mail address. Members may also correct their data by logging into the Members' Register's personal data maintenance service (log-in function on the home page) using their own identities via a secure connection.
12. Right of refusal
A member has the right to prohibit the controller from disclosing or processing data concerning him/her for direct marketing and other direct marketing purposes. The request must be made in writing to info(a)pry.fi. A member can also indicate a prohibition of direct marketing in his/her personal data by logging in to the personal data management service of the members' register (login function on the home page).