General Privacy Policy of the Finnish Association of International Affairs (FAIA ry)
1. Data Controller

Finnish Association of International Affairs (FAIA ry).

2. Contact Person

Board member responsible for memberships. All inquiries and requests regarding this privacy policy must be submitted in writing to: memberships@faiafinland.fi.

3. Purpose and Legal Basis for Processing Personal Data

We collect and process only personal data necessary for carrying out our operations and maintaining member relations. Personal data is processed by the board member responsible for memberships. Other board members may also process personal data when necessary for fulfilling their duties.

We process personal data for the following purposes:

  1. Fulfilling the association’s legal obligations, including the maintenance of a membership register.
  2. Processing membership applications, managing memberships, and internal reporting.
  3. Organizing the association’s events and activities and providing membership benefits/services.
  4. Other purposes to which you have given your consent.
4. Collection of Personal Data

We collect and process, for example, the following categories of personal data

  1. Membership register data.
  2. Information provided for participation in association events and activities, such as: Name, email, and phone number.

We collect personal data in the following ways:

3. Information provided in conjunction with the payment of the membership fee (Section 4.1), which is recorded in a separate membership register. FAIA uses Holvi Payment Services Oy as its banking service provider, which stores data related to membership joining. By joining FAIA, the person also accepts Holvi Payment Services Oy’s privacy policies. FAIA ry is not responsible for Holvi’s privacy policies..
4. Information provided when participating in association events or activities (Section 4.2), collected for example through Google Forms registration forms.

5. Transfers and Disclosures of Personal Data

Personal data contained in the association's membership register is not disclosed to third parties or transferred outside the EU/EEA. FAIA stores and processes personal data in accordance with the EU General Data Protection Regulation (GDPR). The membership register is held only by the board member responsible for member recruitment, who may share data with other board members in accordance with section 3.

The association may disclose personal data given for participation in association events and activities to FAIA’s cooperation partners to enable the organization of events and activities. Only the data necessary for organizing the activity or event (e.g., name and email address) may be disclosed.

6. Retention Period

We retain personal data as follows:

  1. Jäsenrekisterin sisältämät henkilötiedot: Yhdistyksen jäsenen jäsentiedot poistetaan jäsenrekisteristä, kun jäsen ei enää ole yhdistyksen jäsen.
  2. Data provided for participating in the association’s events and activities: Personal data provided for participating in the association’s events and activities is retained for as long as necessary to carry out the event or for a period dictated by the nature of the activity thereafter.
7. Rights of the Data Subject

Jokaisella rekisteröidyllä on tietojensa käsittelyä koskeva:

  1. Right of access: The right to review the personal data stored in the register. If the data is incorrect or incomplete, the data subject may request corrections or additions.
  2. Right to object: The right to object to the processing of their personal data if they believe it has been handled unlawfully or without proper grounds.
  3. Right to erasure: The right to request deletion of personal data stored in the register. This does not apply to data collected by Holvi Payment Services Oy during membership registration.
  4. Right to data portability: The right to transfer data from one system to another.
  5. Right to lodge a complaint: The right to file a complaint with the Data Protection Ombudsman if the data subject believes that the data has been processed in violation of applicable data protection legislation

The data controller may refuse to fulfill an objection or erasure request only on legally justified grounds.

8. Modifications to This Privacy Policy

Modifications to this policy may be made at association meetings. The current privacy policy was updated on 23.6.2025.