Privacy statement

Privacy statement

In this privacy statement, we describe how and for what purposes Yrityssalo Oy (hereinafter “Yrityssalo” or “we”) processes the personal data of its customers and other contact persons. Our customers are primarily companies’ contact persons or private individuals planning to start a business. We also process the personal data of project partners, stakeholder representatives, newsletter subscribers and event participants.

Yrityssalo is a development corporation owned by the City of Salo, whose basic task is to provide free advice services for companies and people planning entrepreneurship.

Controller and contact details

Controller: Yrityssalo Oy

Address: Joensuunkatu 7, 24100 Salo

Email: yrityssalo@yrityssalo.fi

Telephone: 02 778 73

Data Protection Officer: tommi.virtanen@yrityssalo.fi

Purposes of processing

We process personal data for the following purposes:

  •  Provision of services and customer relationship management

We process personal data to provide services and maintain customer relationships.

  •  Development of Yrityssalo services

We process personal data to develop our operations and provide better service

  • Marketing of services and events

We want to communicate information about our services and future events to our customers and newsletter subscribers. As a newsletter subscriber, you can unsubscribe at any time by following the link in the email messages.

  •  Organisation of events

We process personal data to organise events aimed at supporting the conditions for growth in the Salo region and promoting companies’ competitiveness.

  •  Reporting

As part of our operations, we process personal data to compile statistics for reporting purposes. In addition to our own statistical purposes, this includes reporting to the Finnish Enterprise Agency (Uusyrityskeskus) and project-specific reporting to operators that fund EU-level and national-level projects, for example.

  •  Statutory obligations

We process personal data to comply with statutory obligations where required by applicable legislation. These statutory obligations relate to purposes such as accounting and taxes.

Legal basis for processing

Legitimate interest

The legal basis for the processing of personal data is the legitimate interest of Yrityssalo in developing and providing services, managing customer relationships, organising events and carrying out marketing.

Consent

The processing of your personal data is based on consent when you subscribe to our newsletter or give your consent to the processing in connection with an event registration. You may withdraw your consent to the processing of personal data at any time.

Legal obligation

We process personal data on the basis of a legal obligation when required by applicable legislation.

Categories of personal data

For the purposes of processing referred to in this privacy statement, we process the following categories of personal data:

  • Basic information such as name, contact details and gender;
  • Nationality and service language;
  • Title and area of responsibility;
  • Company information;
  • Information concerning employment situation, education and skills;
  • Interests;
  • Photograph (if provided e.g. in connection with event participation);
  • Information on food allergies (if provided e.g. when registering for an event);
  • Information related to terminal device and online behaviour.

Sources of personal data

We primarily obtain personal data from you or the company you represent. Personal data is also obtained from the following sources: company websites, social media, the Finnish Trade Register, the Business Information System (YTJ), Suomen Asiakastieto Oy, the Finnish Patent and Registration Office (PRH) and Statistics Finland.

Recipients of personal data

With us, your personal data is only processed by employees who are authorised to do so when carrying out their duties. Third parties will process your personal data only in the following situations:

Service providers used by Yrityssalo

We use service providers to carry out our operations efficiently. We use service providers for various purposes, such as marketing, customer relationship management, service development, event organisation and invoicing. The service providers we use process personal data on our behalf and all processing of personal data is agreed upon with the service providers. Service providers may only process personal data for processing purposes specified by Yrityssalo.

Disclosure of personal data

In certain situations, we can disclose your personal data to our project partners or authorities. Some of our project partners require visibility into personal data as part of project reporting. This kind of disclosure for example happens in projects funded by the European Structural Funds. We may also have to disclose your data to the authorities if we have a statutory obligation to do so.

Transfer of personal data outside the European Union or the European Economic Area

Some of our service providers process personal data outside the European Union (EU) or the European Economic Area (EEA). To protect such cross-border data transfers, we use appropriate safeguards, such as the European Commission’s standard contractual clauses.

Retention period of personal data

We retain personal data in accordance with the necessity of processing and applicable legislation. Unless otherwise required by a statutory obligation or project-specific need, personal data is retained as follows:

  • As a rule, customer contact information is retained for two years from the latest activity. The data will then be deleted unless the customer expresses their desire to continue the customer relationship.
  • Event registrations are deleted two years after registering for the event.
  • You can cancel your newsletter subscription at any time. If you unsubscribe from the newsletter, we will no longer process your personal data for sending the newsletter.
  • Event participant lists are retained for the duration of the project and for the duration of the archiving obligation required by the project funder. For project data, the minimum retention period is 10 years from the date of receipt of the data.

Rights of the data subject

As a data subject, you have the possibility to influence how your personal data is processed. To submit a request related to your rights, send email to yrityssalo@yrityssalo.fi. As a data subject, your rights are:

Right of access
The data subject has the right to access the processed personal data and information on the processing of personal data.

Right to rectification
The data subject has the right to require that the controller rectify inaccurate and incorrect or incomplete data concerning them.

Right to erasure
The data subject has the right to require that the controller erases personal data concerning the data subject if the conditions laid down separately are met.

Right to transfer data
The data subject has the right to require that the controller transfer the personal data to another organisation if the conditions laid down separately are met.

Right to restriction of processing
The data subject has the right to require that the controller restrict the processing of personal data if the conditions laid down separately are met.

Right to object to the processing of personal data
The data subject has the right to object to the processing of personal data concerning them.

Right to lodge a complaint with the supervisory authority
The data subject has the right to lodge a complaint concerning the processing of personal data with the Office of the Data Protection Ombudsman (https://www.tietosuoja.fi).