This statement describes the personal data processed about visitors to the Hyvä kysymys website and the personal data processed in connection with the use of the website services. This statement was created on 7.11.2018 and has been updated on 8.9.2020, 2.12.2020, 21.1.2021 and 12.2.2021. The privacy statements of our contracting organizations and partners can be found on the websites of each service provider.
Name of the register
Hyvä kysymys online service user register
Registrar and contact details
The Family Federation of Finland, Business ID 0202602-8
Kalevankatu 16, 00100 Helsinki, FINLAND
Data Protection Officer, Lawyer Arto Nikkarinen, arto.nikkarinen@vaestoliitto.fi, tel. +358 50 5113580
Purposes of the processing of personal data and legal basis of the processing
The purpose of the processing of personal data is the operation of the Hyvä kysymys online service and the services provided through it. In addition, we collect analytics on the use of the online service, with which we evaluate the volumes and statistics of use of the service. The processing of personal data is based on your consent and, with regard to the essential cookies, our right under the Information Society Code to provide services, transmit communications, take care of data security and rectify faults.
All data stored in the service is accessible to the administrators and technical administrators of the Hyvä kysymys online service. In addition, service-specific data is accessed by our partner organization that is responsible for or organizes the service in question.
The Hyvä kysymys online service has partner organizations alongside the Family Federation of Finland. Partner organizations process personal data on the service platform to provide services related to their own activities and expertise to data subjects. With regard to the processing on the service platform, the parties may play different roles with regard to the processing of personal data. The basic data of the data subjects is utilized by all service providers. In respect of them, the parties are joint registrars. Examples of such data are nicknames and email addresses. For fully closed services, other registrars do not have access to the personal data processed in that service. For such services, the partner organization may also be a fully independent registrar. If personal data is collected and processed outside the service platform, it will be described in the partner organisation’s own privacy and register statement.
Data we process about you
Most of the personal data collected is standard personal data that every Internet user provides of themselves. These include, for example, your network address (IP address), which can be used to derive, for example, the name of the company whose network you are using and the country, city or region from which you are connecting to the website.
We also collect technical log data to implement the service, ensure data security and troubleshoot faults. This data (e.g. IP address, information about downloaded pages, timestamps, logins) will not be associated with any of our analytics or disclosed to third parties.
If you have enabled marketing or statistics in your browser’s privacy settings or cookie consent tool, we will also gain access to information of the page from which you accessed our website, your device model, whether you use a browser, mobile device or application, browser version, browsing entry and browsing time, and screen resolution and operating system.
Cookies are used to create a unique identifier for you. We may attach the media content you view on the pages, the ads you click or display, the data you store and submit to the websites, the search phrases, how you use the website and, for example, the links you click to the identifier created of you.
Cookies and other data set on your device
Data transfers and transfers onwards
We do not collect data about our users from any external sources. Our partners can enter data into the system if they use the Hyvä kysymys service, for example to organize courses or lectures. However, you can always get more information about this from the party that organized the course or lecture.
Please note that many things you have done on the website and where you have visited are stored on your device. For example, if you search sensitive information on the pages, each of your searches will appear in plain language in the browsing history. This means that the next user of the device will see where you have visited on our website and what things you have searched for on the website, unless you clear this information by clearing your browsing history.
Registered users
When registered, your nickname, email address and password of your choice, which are stored in the service will also be collected. When you use the service while logged in, the data related to your browsing can be combined with the data you provided during registration. Your nickname will always be publicly visible and administrators will see all nicknames registered with the service. To protect your privacy, use a non-identifiable nickname.
Processing of personal data in our services
Use the links below to read more about how we process your personal data in different parts of our service.
- Videos
- Chats
- Forms
- Courses
- Lectures
- Assignments
- Tests
- Discussion forums
- Q&A forums
- Material subscriptions
Rights of the data subject and exercise of rights
You may exercise your rights by submitting a request in person or in writing to the contact person listed at the beginning of this statement by letter, email or in person. Your identity and access to the data will be verified before the request is processed. The data shall be disclosed without undue delay. If we are unable to respond to the request to exercise your rights, you will always receive a written confirmation.
The exercise of the rights is free of charge once a year, otherwise a reasonable fee based on the direct costs of the request will be charged.
You have all the rights guaranteed by law in relation to your personal data. If you wish, you will receive information from us as to whether or not we process personal data relating to you. Please note that for data provided to third parties (e.g. Google, Facebook, LinkedIn, etc.) must be addressed directly to them, as they are the registrars of the data provided.
Right of access to personal data
You have the right to access the data we have about you. However, the right of access to one’s own data may have to be restricted due to legislation or protection of the privacy of others.
Right of rectification of data
For example, it is possible to correct an incorrect or outdated email address.
Right to delete data and withdrawal of consent
You have the right to request the deletion of your data. However, this right cannot be exercised with respect to data for which we have a legal right or obligation to process. A deletion request can be made, for example, in the following cases:
- You withdraw your consent and there is no other basis for processing. However, this does not affect how the data have been processed before the withdrawal of consent.
- You object to the processing of your data and there is no other basis to continue processing.
- The processing of data is illegal.
Consent to the processing of personal data can be revoked by deleting the registered username. You can delete your username in My profile. After deletion, messages and other content written by the user are edited so that the original author can no longer be associated with the messages. Deletion is permanent and cannot be undone. If you want to continue using the service, you must register again.
Consent for marketing and statistics can be revoked on the cookie management page or in your browser settings.
Right to restrict processing
You have the right to request a restriction on the processing of your personal data, for example in situations where you doubt the lawfulness of the processing of your personal data or you have objected to the processing of your personal data, but the matter is still pending.
Right to object
You have the right to object to the processing of your data in a situation where we process the data in the public interest (e.g. scientific or historical research or statistics) or in our own legitimate interest (e.g. direct marketing). When exercising the right to object, you must justify why your personal rights and freedoms would take precedence over the processing.
Right to transfer the data
The right applies to personal data that has been processed automatically on the basis of a contract or consent and is a similar service to which we can technically transfer the data without undue effort. The right only applies to data collected about you, so for example, we will not pass on log information.
Right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with the supervisory authority if you suspect that your personal data has been used inappropriately or unlawfully. Contact details for the supervisory authority can be found at the end of this statement.
However, we wish that we will always be notified of inappropriate or illegal processing, regardless of whether you are considering filing a complaint with the authority. This will allow us to react to the situation as quickly as possible.
Retention period of personal data
Personal data is stored in the service for the time being. The retention period for technical log data is 6 months. Cookie retention periods are listed on the cookie management page. The processing periods of personal data in different services may also be described in the service-specific sections of this statement.
Data security of the service
Only designated persons are entitled to use the system containing personal data. Each user has their own username and password for logging in. The data is collected into databases, which are protected by firewalls, passwords and other technical means. Only authorized employees, who are bound by professional secrecy with regard to all non-public and confidential information they receive even after the termination of their employment, are entitled to access the Hyvä kysymys online service user register. Employees have the right to process only the register data that they immediately need to perform their work duties.
Access rights to the Hyvä kysymys online service are based on personal usernames and passwords and their use is monitored. What each user can see and process is defined according to their tasks. The access right expires when the person leaves these positions.
What can you do?
Please note that many things you have done on the website and where you have visited are stored on your device. For example, if you search sensitive information on the pages, each of your searches will appear in plain language in the browsing history. This means that the next user of the device will see where you have visited on our website and what things you have searched for on the website, unless you clear this information by clearing your browsing history.
Our various services use a nickname to identify the user. To protect your privacy, use a non-identifiable nickname.
Amendments to this statement and contact details of the supervisory authority
If the privacy statement of the Hyvä kysymys online service is amended, the amendments will be displayed in the statement dated. If the amendments are significant, the amendments will also be notified in other ways, such as by publishing a notification on our website in the Bulletins section.
Office of the data protection authority
Visiting address: Ratapihantie 9, 6. floor, 00520 Helsinki
Mailing address: PO BOX 800, 00521 Helsinki
Telephone switchboard: 029 566 6700
Registry: 029 566 6768
Fax: 029 566 6735
Email (registry): tietosuoja(at)om.fi
If you wish to bring an action before the office of the data protection authority, you can also use the electronic forms at: https://tietosuoja.fi/en/contact-information (link will open in a new browser window)
Technical administrator of the platform
Geniem Oy, Business ID 1639413-9
Sumeliuksenkatu 18 B, 33100 Tampere, Finland