Registry for performers - Ruka-Kuusamo Tourist Association

1. Data Controller: Ruka-Kuusamo Tourism Association (Ruka-Kuusamo Matkailu ry), Rukatunturintie 9, 93830 Rukatunturi.

2. Person Responsible for the Register: Ruka-Kuusamo Tourism Association, Rukatunturintie 9, 93830 Rukatunturi, Event Producer Niina Kukka, niina.kukka@rukakuusamo.fi.

3. Register Name: Ruka-Kuusamo Tourism Association and the City of Kuusamo Performer Registry.

4. Legal Basis for Processing Personal Data: The processing of personal data is based on an agreement between the data controller and the data subject.

5. Purpose of Processing Personal Data (Purpose of the Register): Registry of service providers performing in events marketed by Ruka-Kuusamo Tourism Association and the City of Kuusamo. The information in the register is used to assist event organizers in event production.

6. Content of the Register: The register may contain the following categorized information about members:
Person's first and last name, phone number, address, email address
Possible company name, email address, website
Service provided by the person and/or company

7. Regular Sources of Data: The register is compiled by the staff of Ruka-Kuusamo Tourism Association individually and is based on communication with the people listed in the register.

8. Regular Disclosures of Data: The data controller will disclose information to representatives of the City of Kuusamo and event producers in a separately agreed manner (aiming for the development of event production).

9. Data Deletion: Data can be deleted at the request of the address holder.

10. Principles of Register Protection: Personal data is kept confidential. The data network and hardware, on which the register is located, are protected by a firewall and other necessary technical measures.

11. Right to Object: The address holder has the right to prohibit the disclosure and processing of their information for direct advertising and other marketing.

Data subjects have the right to request access to their personal data to ascertain whether or not their data is being processed.

They generally have the right to know what information about them has been stored in the customer register. The data controller can ask the data subject to specify what information or processing activities their request pertains to.

The right to access information may be restricted or denied under GDPR if providing the information would adversely affect the rights and freedoms of others. Such protected rights include, for example, the trade secrets of the data controller or another person's personal data. The right may also be restricted by national legislation (e.g., the Data Protection Act).

Data subjects have the right to demand that the data controller rectify without undue delay any inaccurate or incorrect personal data concerning them.

The data controller must, upon request by the data subject, erase their personal data without undue delay if any of the following conditions are met:

• Data is no longer needed for the purposes for which they were collected or otherwise processed.
• The data subject opposes the processing and there is no justified reason for the processing.
• The data subject opposes the processing for direct marketing (though processing may still be possible for other purposes).
• Data has been processed unlawfully.

Data subjects have the right to object to the processing of their data based on their specific personal situation when the data is processed based on legitimate interest.

Data subjects do not have the right to object to data processing when it is based on a contract between the data controller and the data subject.

If the registered individual has objected to the processing of their data based on a specific personal situation, they must identify the special circumstance on which they base their objection to processing carried out on legitimate interest grounds. The data controller may continue processing the data despite the objection if there are significantly important and justified reasons that override the registered individual's interests, rights, and freedoms, or if it is necessary for the establishment, exercise, or defense of legal claims.

The registered individual has the right to object at any time to the use of their personal data for direct marketing purposes. If the registered individual objects to the use of their personal data for direct marketing, the data may no longer be processed for this purpose.

The data controller must, upon the request of the data subject, restrict the active processing of personal data in the following situations:

• The data subject disputes the accuracy of the personal data.
• The processing is unlawful and the data subject requests restriction instead of erasure.
• The data controller no longer needs the data but the data subject requires it for legal claims.
• The data subject has objected to the processing and the evaluation of whether the legitimate grounds of the data controller override those of the data subject is pending.

To the extent that the data subject has provided data that is processed automatically and based on a contract between the data controller and the data subject, the data subject has the right to receive such data in a generally machine-readable format and to transfer the data directly from one data controller to another, if technically feasible.

Data subjects have the right to file a complaint with the competent supervisory authority if they believe that the data controller has not complied with applicable data protection regulations.

For questions related to data processing and exercising their own rights, data subjects can contact the person mentioned in section 2 of each register's privacy clause.

Requests for access rights or other requests related to exercising the data subject's rights should be made in writing, either by email or by post. The request can also be presented in person at the data controller's location. The data controller may ask the data subject to specify adequately what data or processing activities the request pertains to.