Select your language

Ruukinkatu 2, 20540 Turku +358 449843268

Privacy Policy

Baltic Region Association’s Privacy Policy

Baltic Region ry complies with the requirements of the EU’s general data protection regulation (2016/679 EU) and related laws and other regulations. Baltic Region ry makes sure that everyone is aware of the data protection obligations related to their own position.

Baltic Region ry respects and protects the fundamental right of everyone to privacy and data protection. This policy applies to the processing of all personal data for which the Baltic Region  is responsible, regardless of the place, means or other arrangements for their processing.

Baltic Region ry maintains the report required by law and regulations on the processing  operations for which it is responsible. More detailed information can be found in the privacy statement of  the personal register.

  Principles of personal data processing

  The following requirements shall apply to the processing of personal data:

    Legality, reasonableness and transparency
    Purpose limitation
    Data minimization
    Limitation of storage
    Integrity and confidentiality

   The principles are implemented e.g. so that:

  The processing of personal data has a legal basis for processing
   Adequate information shall be provided to the persons whose data are processed treatment.
  Treatment is limited according to the intended use the processing complies with data security    regulations.
 Those whose personal data are processed are given effective opportunities to exercise their  rights and their requests are responded to without delay.

 The risks of the processing of personal data are assessed from the perspective of the data  subject, the risks are minimized, for example through pseudonymous, and an impact assessment of the processing is carried out if the risks are high.

   Only necessary personal data will be processed

   Ensure the accuracy of the information
   Data processing activities are documented

    Data processing practices are regularly evaluated
    The principle of privacy by design is respected
    The Baltic Region Association must be able to demonstrate that the above-mentioned  principles of personal data processing are complied with.

 In its role as an employer, the Baltic Region Association must ensure that every employee is   aware of the importance of the principles of personal data processing and adheres to them,  and takes care of more detailed conditions and protection of data belonging to special groups  of personal data (sensitive personal data).

 The information may be used only by the persons who need it in the course of their work and to the extent necessary for the performance of their duties. Data may only be disclosed with  the person’s own consent or in accordance with law.

A separate consent is requested from the data subject if the data is transferred outside the EU  and EA  not to safe countries. The consent specifically mentions this data protection risk.

Strengthening data protection policy

The Baltic Region Association’s Data Protection Policy was confirmed at the Board meeting  on 15 October 2018.