Personal data processed by the Council of Tampere Region

On this page, you can find more detailed information about the personal data processed by the Council of Tampere Region. The information is intended to supplement general information related to data protection and the rights of the data subject. The information is supplemented and updated regularly. If you cannot find the information you are looking for, please contact Data Protection Officer Marianne Koski by email at tietosuojavastaava@pirkanmaa.fi or by phone on +358 44 422 2258.

Websites and the cookies and services used on them

This website is intended as the official communication channel of the Council of Tampere Region for the performance of statutory duties and information purposes. The website processes personal data. Information about all visitors to the website is collected using cookies. Cookies are used to track online behaviour. This includes information on the websites visitors have come from, what the most popular pages are and how they navigate the pages.

In addition, usage-related technical information is collected, for example, on the terminal device and browsers. We use this information to gain an understanding of how visitors behave on the website and to improve it to better meet users’ needs. We do not use cookies to identify users or transfer data to third parties. By visiting the Council of Tampere Region’s website, you agree to the use of cookies. Cookies can be turned off in your browser settings. For more information about cookies and their management, please visit  the Finnish Transport and Communications Agency’s Confidential communications page.

The website uses the Google Analytics service as well as the social media applications Facebook and Twitter. Google Analytics stores information about the number of visitors to the site, as well as how they navigate the site, how long they stay on the site, how they access the site and which links they click on. Social media applications are used to track social media shares. Personal data from Google Analytics visitor tracking and social media plugins for monitoring shares are transferred outside the EU and EEA.

Case management system

In our operations, we need information on pending and already resolved matters. With the help of a case management system and a record, the handling of matters under preparation is monitored and information is provided on the matter’s progress, processing stages and decisions. In our operations, we comply with, for example, the Local Government Act, the Administrative Procedure Act, the Archives Act, the Act on the Openness of Government Activities, the Act on Information Management in Public Administration and the EU’s General Data Protection Regulation. In accordance with the Local Government Act, we are required to publish appealable decisions on the website. The retention periods of documents and their register data are guided by an archiving plan, the retention periods of which are based on several laws, the National Archives of Finland’s regulations on permanently stored documents and the Association of Finnish Municipalities’ recommendations on documents to be retained for a fixed term.

Payment of remuneration

For the payment of remuneration, personal details and bank account information will be requested from those in positions of trust and from employees or persons who perform work on the basis of an assignment or other agreement. This information is collected so that we are able to perform all tasks related to payment.

Personal data may be disclosed to others, for example, on the basis of the Act on the Openness of Government Activities. Our payment transactions have been outsourced, so your payment information will be delivered to the operator in question. In addition, your data will be disclosed to the Incomes Register, from which it is available to, for example, tax authorities, pension insurance companies and accident insurance companies, as well as, if necessary, other authorities, such as the National Enforcement Authority Finland. Your data will also be processed for the production of reports and statistics.

Recruitment

The following personal data are processed for recruitment purposes: the applicant’s identifying information, education and training information, language skills and previous work experience, as well as information on competence in different fields and the applicant’s profile description. We encourage you to only disclose information necessary for job search in your profile description. Sensitive personal data or confidential information should not be disclosed in the application. There is also no need to include the latter part of your personal identity code in the application.

Personal data are processed by the person registering the application, HR, recruiting managers and possible assisting (external) experts. As a rule, your application is a public document. The information that you have applied for a position becomes public as soon as the application is registered. We may disclose personal data on a separate request to, for example, other parties involved in recruitment. We ensure that only relevant information is provided and other information is protected.

Surveys

From time to time, we conduct surveys to develop our operations, to carry out our statutory duties and the projects we manage, as well as to engage stakeholders, partners and residents. We process data with the consent of the data subject for the performance of a task carried out in the public interest and for the exercise of public authority vested in the controller. Responses are examined at the group level, and the respondents will not be identified. Responses are stored only for as long as necessary; however, in EU projects, the archiving obligation for project material is 10 years from the end of the project.

If contact information is collected from respondents, the information is usually limited to the respondent’s name and email address. However, the surveys are usually anonymous. The Webropol tool is also used to conduct anonymous surveys embedded on the Council’s website, and these surveys do not collect personal data in the register. Data in the register are deleted every six months in accordance with the annual data protection plan.

Surveys are conducted using Microsoft Forms, Webropol and Lyyti, and the data will not be combined with other personal data registers or disclosed to third parties.

Event attendee registers

The processing of personal data is based on the data subject’s consent, and the purpose of the processing is the processing of personal data of persons who have registered for the events of the Council of Tampere Region. This includes the management and enabling of registrations, contacts and transactions, as well as reporting and other measures related to the event. The data are always processed in connection with the event in question.

The personal data collected in the register are retained for as long as necessary to enable registration and the organisation of the event. Attendee data are stored only for as long as necessary, but in EU projects, the attendee lists are part of the project documentation, the storage period of which is 10 years from the end of the project.

The collected dietary data is transferred to third parties in such a way that the person’s name is removed from the data.

You can opt out of receiving invitations in the future according to the instructions in the invitation. The data are not connected to other personal data registers. The Lyyti event management system is used for event attendee registers.

Newsletters, mailing lists

We use mailing lists to inform you about current issues related to the activities, events and meetings of the Council of Tampere Region or projects managed by it. At the moment, the Council of Tampere Region only forwards its own newsletter. The subscriber can unsubscribe from the mailing list at any time. Subscribing to the Council of Tampere Region’s newsletter is voluntary. Personal data collected through the service (first and last name and email address) are processed in the Creamailer newsletter service.

The Creamailer Privacy Statement is available here (only in Finnish).

The Creamailer data balance sheet is available here (only in Finnish).

Project activities

The Council of Tampere Region has a number of projects underway that are funded nationally and with EU funds. In connection with the implementation of the projects, we use various tools, such as O365 cloud services, which may contain personal data. The collection of personal data in cloud services is based on the data subject’s consent.

Project funding

The Council of Tampere Region acts as an intermediate body in terms of both national funding and the European Regional Development Fund (ERDF).

In ERDF projects, the EURA system is used, in which the Council of Tampere Region acts as the data processor and the Ministry of Economic Affairs and Employment of Finland acts as the controller. The Ministry of Economic Affairs and Employment of Finland is responsible for the privacy policies of the EURA system.

In terms of national funding, the Council of Tampere Region acts as the controller, and the processing of personal data is based on compliance with the controller’s statutory obligation. The processed personal data include, for example, the data subject’s name, address, telephone number, email address, salary information, possible travel invoices, working hours monitoring and other personal data arising from the reporting of the project. Both paper and electronic materials can only be accessed by persons whose duties include the processing of such data.

The archiving obligation for materials related to project funding is 10 years from the end of the project.

Requests for comments

As a result of several regulations, the Council of Tampere Region issues statements on future plans. Requests for comments may include location and contact information related to the matter in question. As a rule, requests for comments concern larger matters instead of the data of individual persons. If the material in question contains confidential information, it must be indicated clearly in the request to ensure appropriate handling of the information.