GDPR

Privacy notice of the Finnish Business Angels Network Your privacy is important to us, and we at the Finnish Business Angels Network (FiBAN) make it our priority to keep our members and other stakeholders informed on how we process their personal data. In this Privacy Notice, we describe how we collect and process the personal […]

Privacy notice of the Finnish Business Angels Network

Your privacy is important to us, and we at the Finnish Business Angels Network (FiBAN) make it our priority to keep our members and other stakeholders informed on how we process their personal data. In this Privacy Notice, we describe how we collect and process the personal data of our members, potential members, and other business contacts. This Privacy Notice also applies to the processing carried out by FiBAN in the context of its events, communications, research and public affairs activities as well as its processing of any information relating to representatives of associations, companies or other partners cooperating with or providing services to FIBAN. We are engaged to process any data reliably, securely, and in a transparent manner. The controller of your personal data, as described here, is FIBAN.
Should you have any questions related to the processing of your personal data, or should you wish to use your rights as a data subject, please contact our Managing Director Amel.Gaily(a)FiBAN.org.

How We Collect Data

As an association, we regularly receive and process various types of personal data in connection to our operations, for example in connection to our member onboarding process and when performing services for our members or other stakeholders. “Personal data” is data that can be used to identify you or data that can otherwise be linked to you such as the name, title, position, company name, professional and/or private email and/or postal address, fixed and/or mobile phone number as well as any information provided directly by such persons (e.g. by email or through providing business cards).
We mainly process personal data we obtain from you directly, for example when you send emails to us or communicate with us through other channels, when you sign up for newsletters or other marketing materials, or when you sign up for an event organized by us.
We may also, subject to applicable laws and regulations, collect personal data about you from third party sources. This may happen for example in the context of collection of information from publicly available online sources, such as your employer’s website. We may also collect information about you in the context of your visit on our website. Such information may include IP addresses, cookie information, or information gathered through analytics tools. We always strive to keep such information anonymous but recognize it may at times also be considered personally identifiable.​

How We Use Your Data

We collect and process your data for the following purposes – Including any other purposes that are not incompatible with the ones below:
– the management and administration of our business relationship with you and/or your organization, such as the management of membership and provision of services, including the processing of payments, accounting, auditing, billing, and collection as well as related support services;
– marketing and communications, such as (i) communicating with you with respect to industry developments, announcements, newsletters, events, training, and our other services which may be of interest to you; (ii) maintaining our contact lists, and (iii) compiling statistics to improve the quality of our communications and interaction with you.
– public affairs operations, such as providing position papers and written communication about private equity and venture capital to officials, policy makers and their assistants.
– complying with any legal obligations imposed on FIBAN in relation to its activities.

Legal Basis for the Collection of Personal Data

When processing your personal data for the purposes described in this Privacy Notice, we collect and process your data primarily on the basis of your consent or, other, based on our legitimate interest in maintaining the business relationship between us. Our view is that your participation in our activities or otherwise communicating with us creates a meaningful business relationship between us as well as a legitimate interest for us to process your personal data for general communication and marketing purposes. Occasionally, there may also be circumstances where we may rely on other grounds for the lawfulness of processing your personal data, such as any processing which is necessary for compliance with a legal obligation. We stress that we will rely on any alternative legal basis to the extent necessary and only to the extent possible under applicable laws and regulations.

Sharing and Transferring Personal Data

We do not sell, rent, distribute, or otherwise make your personal data available to any third party for marketing purposes. However, your personal data may be transferred to and processed by third-party providers which perform services on our behalf (data processors) to enable these companies to perform the services requested by us. However, such suppliers are obliged to process the data for the above mentioned purposes only. Only personal data that is necessary to fulfill the purposes stated above will be provided to these companies. All third-party providers must follow our instructions and applicable written data processor agreements and any other agreements that are in place between us and its third party providers, and must implement appropriate technical and organizational measures for the protection of the personal data.
We primarily process personal data on servers within the European Union and/or European Economic Area. We may also need to transfer your personal data outside the EU or the EEA. If we transfer your personal data outside the EU or the EEA, such transfer will be performed subject to appropriate safeguards required by applicable data protection laws.
We will always ensure that your personal data is adequately protected as required by applicable laws and regulations. We take appropriate technical and organizational measures against unauthorized or unlawful processing of your personal data, and regularly check our security policies and procedures to ensure our systems are secure and protected. Only the personnel who need to process your personal data for the purposes mentioned above have access to your personal data.

Storing of Personal Data

We retain the personal data for the purposes mentioned in this Privacy Notice for as long as we have a meaningful membership or business contact and it is necessary for the purposes we have collected it, or if we are required to store that data for longer periods to comply with applicable laws. When the processing of your personal data is no longer necessary for the purposes they were collected, we will delete or anonymize the personal data relating to you in a secure manner. We may retain your personal data for a longer period to the extent required by our automated disaster recovery backup systems or to the extent we deem the data necessary to assert or defend legal claims during any relevant retention period.

Your Rights Regarding Your Personal Data

You have the right to ask us to tell you what data we at any given time store about you. Subject to local applicable laws you also have the right to:
– request us to correct incorrect personal data relating to you and erase your personal data if you deem that it should, subject to applicable laws and retention criteria explained in this Privacy Notice;
– request us to restrict our us of your data or object to our uses of your personal data;
– object us in using your personal data;
– request us to move your personal data over to you or to another data controller;
– where you have given us your consent to process your personal data, you may have the right to withdraw that consent in accordance with applicable laws; and
In addition, you have an express right to ask us not to send you marketing-related communications. Please note that if we restrict or delete your personal data, this may result in us not being able to provide to you the communications and invitations described above.
Please note that we will review such requests and execute them in the fullest extent possible in accordance with applicable laws.
If you are not satisfied with the way we process your personal data, please let us know and we will investigate your concern using the above communication means.
If you consider that your rights under the applicable data protection laws have been violated, you may lodge a complaint with the competent supervisory authority (in Finland Tietosuojavirasto).

Updates

This Privacy Notice has been updated in May 2018. We reserve the right to amend this Privacy Notice from time to time to reflect changing legal requirements or our practices in processing data. We will keep you informed of such updates.