You are here

Privacy Policy

Personal Data Act (523/99) Sections 10 and 24
Created on 12.12.2018

Controller

A-Clinic Foundation (Business ID 0200924-4)
Ratamestarinkatu 7, 00520 Helsinki
010 50 650 (exchange), paihdelinkki@a-klinikka.fi

Contact person responsible for the data file

Data Protection Officer Maria Inkinen
Ratamestarinkatu 7, 00520 Helsinki
010 50 650 (exchange), maria.inkinen@a-klinikka.fi

Name of the data file

Member and personal data register of the Päihdelinkki.fi website.

Purpose of processing personal data

The data provided in the Päihdelinkki services is used for customer relationship management, statistics, service development, marketing and research. The data collected in the Päihdelinkki services can be used for research, reporting or development purposes. The data may only be used in a form that has been stripped of any identifying information.

The justification for processing personal data is the personal consent provided by the data subject when filling in the form.

Data content of the data file

When completing tests, the system automatically records the IP address of the person filling in the form. In the feedback form, an e-mail address may optionally be provided for the purpose of answering. The system automatically records the IP address of the person filling in the form.

Data retention

The data provided in the Päihdelinkki services will be retained as a rule until the data provider requests the administration to delete his or her personal data. Anonymized data may be stored for research and reporting purposes.

Regular sources of data

Data files are compiled using data on electronic forms that has been personally provided by the person filling in the form. The IP address is automatically saved in the system.

Regular disclosures of data and transfer of data outside the EU or EEA

The data collected in the Päihdelinkki services can be used for research, reporting or development purposes. The data may only be used in a form that has been stripped of any identifying information. The controller is bound by the duty to notify the authorities under the Child Protection Act (13 April 2007/417) and the Penal Code (19 December 1889/39). Undisputed suicide notes and clear threats of violence against a person are reported to the police.

Information is not disclosed for direct marketing or opinion polls.

Principles of data file protection

The data file is processed with due care and data processed using data systems are adequately protected. The data security of the data file stored on web servers is appropriately ensured. The controller shall ensure that stored data, server access privileges and other data that are critical to the security of personal data are processed confidentially and only by employees whose job descriptions include the processing of the data.

Right of access and right to rectification

Every person in the data file has the right to access his or her data stored in the data file and to demand that any inaccurate data be rectified or incomplete data completed.

If a person wishes to access his or her data or demand rectification, the request should be sent in writing to the controller. The controller may, if necessary, request the applicant to prove his or her identity. The controller shall reply to the customer within the time period set by the EU Data Protection Regulation.

Other rights related to the processing of personal data

A person in the data file has the right to request the erasure of his or her personal data from the data file. Requests concerning the restriction of processing or erasure of personal data should be sent in writing to the controller. The controller may, if necessary, request the applicant to prove his or her identity. The controller shall reply to the customer within the time period set by the EU Data Protection Regulation.