Privacy and security are highly important to us and all personal data is processed in accordance with applicable laws and regulations, such as GDPR and the Finnish Association Act that requires us to keep a member registry.
Name: Women in Games Ry
What personal data we collect
Member applicants and members:
Occupation, Title, and a represented organisation
Any other information shared during the application process
This information is submitted by the applicants themselves.
Partners and stakeholders:
Occupation, Title, and an organisation
This information is shared by the persons themselves.
Legal basis for processing of personal data
The legal basis of processing personal data comes from the Finnish Association Act (Yhdistyslaki) that requires the Controller to maintain a member registry as well as provide the necessary information for the Controller to fulfill its purpose.
The purpose of processing this data is to evaluate member applications at board meetings once a month as per required by the Association Act and to provide relevant information to the members.
Transfer to countries outside Europe
Membership applications are submitted via third-party service MailChimp, which may transfer data outside of the EU/EEA.
Personal data is shared within the board of the Controller when it’s absolutely necessary. The Controller doesn’t share any personal data with our partners or stakeholders unless it’s with explicit consent from the membership applicant.
The Controller doesn’t share any personal data with third parties unless it’s for legal reasons and in accordance with applicable laws and regulations or unless it’s necessary in order to authorised service providers, such as data storage or marketing services, to function.
The Controller does not store personal data longer than is legally permitted and necessary for the Controller to fulfill its purpose.
Controller enables the membership applicants, members, partners, and stakeholders to have access to their personal data against a written and signed request emailed to email@example.com.
Membership applicants, partners, and stakeholders have a right to withdraw their consent for processing their personal data, a right to correct their data, and a right to have their data deleted.
All personal data stored and processed by the Controller are reasonable and appropriately protected from unauthorised access through physical and digital safety measures, such as limited access, strong logins, and relevant firewall and other safety services. The member applicants, members, stakeholders, partners, and relevant authorities are immediately notified should any personal information fall into wrong hands.