Kiilopää camera surveillance privacy policy
In this privacy policy, we solely inform about the camera surveillance of Suomen Latu Kiilopää (Suomen Latu ry) premises and property. We may change our data protection practices and this privacy policy from time to time. We recommend that you review our data protection practices regularly.
1. Controllers
There are two controllers. The controllers have an agreement between them concerning joint controllership.
Suomen Latu Kiilopää / Suomen Latu ry
- Kiilopääntie 620, 99830 Saariselkä
- kiilopaa@suomenlatu.fi
- +358 16 6700 700
- Business ID: 0202192-1
Lapsec oy in collaboration with Vartiointi Tanskanen oy
- Aittatie 1, 96320 Rovaniemi
- info@lapsec.fi
- Business ID: 2024392-3
2. Person Responsible for Register Matters and/or Contact Person
- Tiia Mustonen
- Suomen Latu Kiilopää / Suomen Latu ry
- Kiilopääntie 620, 99830 Saariselkä
- kiilopaa@suomenlatu.fi
- +358 16 6700 700
3. Name of the Register
Register of the camera surveillance of Suomen Latu Kiilopää (Suomen Latu ry) premises and property.
4. Legal Basis and Purpose of Personal Data Processing / Purpose of the Register
The legal basis for the processing of personal data according to the EU General Data Protection Regulation is the legitimate interest of the controller. The purpose of personal data processing is to ensure safety, protect property, and prevent and investigate crimes. The data is not used for automated decision-making. The data may be used for profiling.
5. Data Content of the Register
- Video footage from the surveillance area
- Movements and activities of persons in the surveillance area
Data Retention Period Data is stored for a maximum of 30 days, unless a longer retention period is necessary for the investigation of a crime.
6. Regular Data Sources
Suomen Latu Kiilopää’s camera surveillance system.
7. Regular Data Disclosures and Data Transfers Outside the EU or European Economic Area
Data is not separately disclosed onwards and remains only with the controllers. Data may be disclosed to authorities in cases required by law.
8. Principles of Register Protection
Carefulness is observed in the processing of the register, and data processed with the help of information systems is appropriately protected. The physical and digital data security of the equipment is taken care of appropriately. The controller ensures that recorded data, as well as server access rights and other information critical to the security of personal data, are treated confidentially and only by those employees whose job description includes it.
9. Right of Access and Implementation of the Right of Access
Every person in the register has the right to check their data stored in the register.
10. Other Rights Related to Personal Data Processing
The person in the register has the right to request the erasure of personal data concerning them from the register (“right to be forgotten”). Likewise, data subjects have other rights in accordance with the EU General Data Protection Regulation, such as the restriction of the processing of personal data in certain situations. Requests must be sent in writing to the controller. The controller may, if necessary, ask the person making the request to prove their identity. The controller shall respond to the customer within the time limit provided for in the EU Data Protection Regulation (as a rule, within one month).
Created: 3.12.2024