1. Controller
    GraniAID charity event 
  2. Contact person responsible for the register
    Antti Harsunen 0406879090, antti.harsunen@gmail.com 
  3. Name of the register
    GraniAID website user register
  4. Purpose of processing personal data
    The processing of personal data is based on the legitimate interest of the GraniAID charity in providing and improving the service. Personal data is processed for the following purposes:
    – Improving the user experience on the website
    – Analysis and monitoring of user activity on the website
    – For marketing purposes
  5. Data content of the register
    The register stores information provided by the user, such as:
      Contact information (name, email address, phone number)
      User feedback
      Information collected in connection with the use of the website (IP address, devices and browsers used, user’s activity on the website)
  6. Regular data sources
    The information in the register is obtained on a regular basis:
      From the user when using the website
      About the logs of your use of the website
      on the use of Google Analytics and Hotjar
  7. Regular disclosure and transfer of data outside the EU or EEA
    Personal data is not regularly disclosed to third parties. Data may also be transferred by the controller outside the EU or EEA in connection with Google Analytics and Hotjar services.
  8. Principles of register protection
    Personal data is kept confidential. Access to the register requires a personal username and password, which are only granted to the member of the controller’s staff whose position and tasks are related to the said access.
  9. Right of inspection and right to request correction
    Every person in the register has the right to inspect the data recorded in the register and to request the correction of any inaccurate data or the completion of incomplete data. If a person wishes to check the data stored about him or her or to request a correction, the request must be sent in writing to the controller. The controller may, if necessary, ask the applicant to prove his or her identity.
  10. Other rights related to the processing of personal data
    A person in the register has the right to request the erasure of personal data concerning him or her from the register (“right to be forgotten”). The data subject also has other rights under the EU General Data Protection Regulation, such as the restriction of the processing of personal data in certain situations. Requests should be sent in writing to the controller. The controller may, if necessary, ask the applicant to prove his or her identity.

This Privacy Policy is dated 2.7.2023. If we make any changes to this notice, we will post the amended notice on our website. These changes may be based on changes in legislation or developments in data processing. We recommend that you consult the contents of the Privacy Policy on a regular basis.