Description of the data file and data protection

Table of contents

Music Finland customer data files

Data file controller and contact information

Music Finland ry
Business ID: 2502166-8
Keilasatama 2 A
02150 Espoo, Finland
talous@musicfinland.fi
tel.: +358 (2)0 730 2230

Name of the data file

Music Finland customer data files

Information stored in the data files

The following information can be stored:

a) in the event/project data files:

  • First and last name
  • Name and business ID of the organisation
  • Billing and mailing address
  • E-mail address
  • Telephone number
  • Special diet
  • Information on the event/project in which the data subject has participated and/or information on the export support received/applied for
  • Free-form answers

b) in the professional contact data file

  • First and last name
  • Name and business ID of the organisation
  • Occupation
  • Nationality (options: Finnish or not Finnish)
  • Telephone number
  • E-mail address
  • Mailing address
  • Contact group

c) in the data file created for statistical reporting:

  • First and last name
  • Name and business ID of the organisation
  • Information on the event/project in which the data subject has participated and/or information on the export support received/applied for
  • Nationality (options: Finnish or not Finnish)
  • Mailing address
  • Telephone number
  • E-mail address

d) in the newsletter subscription data file:

  • First and last name
  • Name of the organisation
  • E-mail address

e) customer and supplier data file for the accounting system:

  • First and last name
  • Personal identification number
  • Name and business ID of the organisation
  • Billing and mailing address
  • E-mail address
  • Telephone number
  • Project information

f) research data file

  • First and last name
  • Name and business ID of the organisation
  • Gender
  • Occupation
  • Place of residence
  • Year of birth
  • Organisation membership
  • Income
  • Optional free-form answers

Purpose of use of the data in the file

The personal data collected is used for

a) administration and organisation of events and projects, as well as collecting related statistics,

b) contacting partners and customers,

c) producing and collecting statistics on the financial statements, financier reports and internal reporting,

d) communications and notifications about events, if the person has subscribed to the newsletter mailing list,

e) billing and accounting,

f) producing research and investigations related to the data controller’s line of business.

Data storage period

a) The data in the event/project data file are stored for a maximum of two years after the end of the event/project and/or the completion of the related financier reporting.

b) The data in the professional contact data file are stored for as long as the contact is relevant. The data are deleted at the request of the data subject or upon receiving notification that a contact is no longer valid.

c) The data in the file created for statistical reporting are stored for as long as the data on the statistics in question are being monitored.

d) The data in the newsletter subscription data file are stored for as long as the newsletters are relevant to their subscribers and/or the data subject notifies the controller of their desire to be removed from the mailing list.

e) The data in the customer and supplier data file for the accounting system are stored for the time period required by the Accounting Act.

f) Data that can be used to identify individual persons are erased as soon as the research is completed.

Regular data sources

The data subjects themselves when they register for and/or participate in a project/event or similar function organised by the data controller. Other reliable parties and existing data registers can also be used based on the consent of the data subject.

Regular handing over of information and data transfers outside the EU or European Economic Area

The following parties have access to the data:

  • The data controller’s employees
  • The personal data processors
  • For applicable parts, third parties

Parts of the data may be handed over to third parties to the extent required for the measures the data controller has promised to provide to its customers. The data controller ensures that the data security of the third party has been implemented to the necessary extent.

Parts of the data may be handed over to a personal data processor for the purpose of sending ordered newsletters outside of the European Economic Area. The data controller ensures that the data security of the third party and personal data processor have been implemented to the necessary extent. The following data may be handed over to parties outside the European Economic Area:

  • First and last name
  • E-mail address

Principles of data protection

Music Finland ry has drawn up a data protection policy detailing the good data security practices with which Music Finland ry complies.

Manual material: The data are stored in the data controller’s locked business premises.

Electronic material: The data files are stored

  • on an encrypted network drive that can be accessed only by the data controller’s employees and the network server’s service provider, i.e. the personal data processor.
  • On the service provider’s encrypted servers, which can be accessed only by a part of the data controller’s employees and by the service provider, i.e. the personal data processor.

Right of inspection and right to request the rectification or erasure of the data

The data subject has the right to inspect the data stored in the file pertaining to the data subject. Music Finland ry shall, on its own initiative or at the request of the data subject, rectify, anonymise, erase or supplement personal data contained in its personal data file that is erroneous, unnecessary, incomplete or obsolete as regards the purpose of the processing. The data subject can make any requests for rectification or erasure of data either in writing by mailing an individualised request for rectification or erasure, signed by their own hand, to Music Finland ry’s mailing address, or by sending an e-mail to Music Finland. The contact information can be found in the section “Data file controller and contact information”.

Music Finland composer customer data files

Data file controller and contact information

Music Finland ry
Business ID: 2502166-8
Keilasatama 2 A
02150 Espoo, Finland
talous@musicfinland.fi
tel.: +358 (2)0 730 2230

Name of the data file

Music Finland composer customer data files

Information stored in the data files

The following information can be stored

a) in the data controller’s encrypted composer customer application data file, composer customer contract data file and composer customer data file

  • First and last name
  • Personal identification number
  • Mailing address
  • E-mail address
  • Telephone number
  • Date of birth
  • Photograph
  • Works and list of works CV

b) in public data files (websites, online store, sales and promotion communications)

  • First and last name
  • Date of birth and death
  • Photograph
  • Works and list of works

Purpose of use of the data in the file

The personal data collected is used for

  • The sales and promotion of composer customers’ works as detailed in their contracts
  • Communication between composer customers and the data controller
  • Billing
  • Carrying out the customer application process

Data storage period

The data are stored for as long as the composer customer contract is in effect.

Regular data sources

The data subjects themselves when they apply to be Music Finland’s composer customers. Other reliable parties and data registers can also be used based on the consent of the data subject.

Regular handing over of information and data transfers outside the EU or European Economic Area

The following parties have access to the data:

  • The data controller’s employees
  • The personal data processors

The data controller ensures that the data security of the personal data processor has been implemented to the necessary extent.

The data will not be handed over to third parties or outside the European Economic Area.

Principles of data protection

Music Finland ry has drawn up a data protection policy detailing the good data security practices with which Music Finland ry complies.

Manual material: The data are stored in the data controller’s locked business premises.

Electronic material: The data files are stored

  • on an encrypted network drive that can be accessed only by the data controller’s employees and the network server’s service provider, i.e. the personal data processor.
  • On the service provider’s encrypted servers, which can be accessed only by a part of the data controller’s employees and by the service provider, i.e. the personal data processor.

Right of inspection and right to request the rectification or erasure of the data

The data subject has the right to inspect the data stored in the file pertaining to the data subject. Music Finland ry shall, on its own initiative or at the request of the data subject, rectify, erase or supplement personal data contained in its personal data file that is erroneous, unnecessary, incomplete or obsolete as regards the purpose of the processing. The data subject can make any requests for rectification or erasure of data either in writing by mailing an individualised request for rectification or erasure, signed by their own hand, to Music Finland ry’s mailing address, or by sending an e-mail to Music Finland. The contact information can be found in the section “Data file controller and contact information”.

Music Finland research data files

Data file controller and contact information

Music Finland ry
Business ID: 2502166-8
Keilasatama 2 A
02150 Espoo, Finland
talous@musicfinland.fi
tel.: +358 (2)0 730 2230

Name of the data file

Music Finland research data files

Information stored in the data files

The following information can be stored:

  • First and last name
  • Name and business ID of the organisation
  • Gender
  • Occupation
  • Place of residence
  • Year of birth
  • Organisation membership
  • Income
  • Optional free-form answers

Purpose of use of the data in the file

The personal data collected are used for producing research and investigations related to the data controller’s line of business.

Data storage period

Data that can be used to identify individual persons are erased as soon as the research is completed.

Regular data sources

The data subjects themselves when participating in research. Other reliable parties and existing data registers can also be used based on the consent of the data subject.

Regular handing over of information and data transfers outside the EU or European Economic Area

The following parties have access to the data:

  • The data controller’s employees
  • The personal data processors

Data from individual studies can be handed over to a third party with the consent of the data subject if Music Finland carries out the study in cooperation with the third party.

The data controller ensures that the data security of the personal data processor and any third parties has been implemented to the necessary extent.

The data will not be handed over to parties outside the European Economic Area.

Principles of data protection

Music Finland ry has drawn up a data protection policy detailing the good data security practices with which Music Finland ry complies.

Manual material: The data are stored in the data controller’s locked business premises.

Electronic material: The data files are stored

  • on an encrypted network drive that can be accessed only by the data controller’s employees and the network server’s service provider, i.e. the personal data processor.
  • On the service provider’s encrypted servers, which can be accessed only by a part of the data controller’s employees and by the service provider, i.e. the personal data processor.

Right of inspection and right to request the rectification or erasure of the data

The data subject has the right to inspect the data stored in the file pertaining to the data subject. Music Finland ry shall, on its own initiative or at the request of the data subject, rectify, anonymise, erase or supplement personal data contained in its personal data file that is erroneous, unnecessary, incomplete or obsolete as regards the purpose of the processing. The data subject can make any requests for rectification or erasure of data either in writing by mailing an individualised request for rectification or erasure, signed by their own hand, to Music Finland ry’s mailing address, or by sending an e-mail to Music Finland. The contact information can be found in the section “Data file controller and contact information”.

Music Finland newsletter subscription data file

Data file controller and contact information

Music Finland ry
Business ID: 2502166-8
Keilasatama 2 A
02150 Espoo, Finland
talous@musicfinland.fi
tel.: +358 (2)0 730 2230

Name of the data file

Music Finland newsletter subscription data file

Information stored in the data files

The following information can be stored

  • First and last name
  • Name of the organisation
  • E-mail address

Purpose of use of the data in the file

The personal data collected is used for

  • Communications and notifications about events, if the person has subscribed to the newsletter mailing list

Data storage period

The data in the data file are stored for as long as the newsletters are relevant to the customers and/or the data subject notifies the controller of their desire to be removed from the mailing list.

Regular data sources

The data subjects themselves upon subscribing to the newsletter. Other reliable parties and data registers can also be used based on the consent of the data subject.

Regular handing over of information and data transfers outside the EU or European Economic Area

The following parties have access to the data:

  • The data controller’s employees
  • The personal data processors

The data will not be handed over to third parties.

Parts of the data may be handed over to a personal data processor for the purpose of sending ordered newsletters outside of the European Economic Area. The data controller ensures that the data security of the personal data processor has been implemented to the necessary extent.

Principles of data protection

Music Finland ry has drawn up a data protection policy detailing the good data security practices with which Music Finland ry complies.

Manual material: The data are stored in the data controller’s locked business premises.

Electronic material: The data files are stored

  • on an encrypted network drive that can be accessed only by the data controller’s employees and the network server’s service provider, i.e. the personal data processor. On the service provider’s encrypted servers, which can be accessed only by a part of the data
  • controller’s employees and by the service provider, i.e. the personal data processor.

Right of inspection and right to request the rectification or erasure of the data

The data subject has the right to inspect the data stored in the file pertaining to the data subject. Music Finland ry shall, on its own initiative or at the request of the data subject, rectify, anonymise, erase or supplement personal data contained in its personal data file that is erroneous, unnecessary, incomplete or obsolete as regards the purpose of the processing. The data subject can make any requests for rectification or erasure of data either in writing by mailing an individualised request for rectification or erasure, signed by their own hand, to Music Finland ry’s mailing address, or by sending an e-mail to Music Finland. The contact information can be found in the section “Data file controller and contact information”.