1. Data controller
Third Rock Finland Oy (2758301-5)
Eteläinen Makasiinikatu 4
00130 Helsinki
2. Person responsible for the register data
Leo Stranius
3. Purpose and legal basis for processing personal data
The data is used to collect registrations for webinars organised by Third Rock.
The processing of the data is based on Article 6(1a) of the EU General Data Protection Regulation.
The personal data of participants is collected for the purposes of organising the event and for the purpose of informing participants about the event. We only collect personal data from the user that is necessary for the purposes of the event.
Personal data will only be processed for predefined purposes, which are:
– Organising the event and meeting specific needs
– Providing information and publicity about the event
– Gathering feedback on the event
– Post-event communication
– Marketing of similar events
4. Sources and content of data
The regular data sources are the data provided by the participant. The data is collected at the time of registration via the registration form on the website. Information provided by e-mail, telephone or at a meeting may also be recorded if it has an impact on the organisation of the event.
The following information will be collected from registrants:
– Name
– E-mail address
– Organisation and position
When registering, registrants can also subscribe to the newsletter.
5. Webinar recording
The webinar will be accessed via a public link. Webinars are held on Microsoft Teams, Zoom or Google Meet.
The webinar and associated chat conversation will be stored in the cloud for internal use by Third Rock. When the meeting is recorded, the platform used will display a notification to all participants.
6. Transferring data
Access to the data is restricted to those persons employed by Third Rock and its subcontractors whose job duties require them to process the data. Data is protected in an appropriate way: computers and systems are protected by technological solutions. Data is not passed on to third parties. Personal data are is transferred outside the EU and the European Economic Area.
7. Retention period of personal data
Personal data will be stored until the measures related to the webinar have been implemented (e.g. follow-up communication of the webinar). The email address of subscribers to the newsletter will be kept as long as the newsletter subscribed to is published or until the person unsubscribes from the email list.
Address information will be deleted immediately after the webinar invitation has been sent.
8. Rights of the data subject
The data subject has the right to:
– Request access to personal data concerning him or her from the controller and the right to request the rectification or erasure of such data.
– Request from the controller restriction of or objection to the processing of personal data concerning him or her, and the right to have the data transferred from one system to another.
– To the extent that the processing of personal data is based on the data subject’s consent, the right to withdraw consent at any time, without prejudice to the lawfulness of the processing carried out on the basis of consent before its withdrawal.
– To lodge a complaint about the processing of personal data with a national supervisory authority if the data subject considers that the processing of personal data concerning him or her infringes the EU General Data Protection Regulation.
This Privacy Policy was last updated on September 1, 2021.