Privacy Policy
Privacy Policy for Svenska lärarhögskolans bostadsstiftelse s.r. (Lärkan)
Data Controller
BC Consulting Oy (Business ID: 2808168-2)
Contact person for register matters:
Janne Ala BC Consulting Oy
Raastuvankatu 21 B 7a, 65100 Vaasa
Tel: +358 50 307 8770
Email: janne.ala@bcconsulting.fi
Purpose of Processing Personal Data
Personal data is processed for the management and administration of customer relationships:
- provision of services,
- applications,
- termination of lease agreements, and
- processing of potential support or contact requests.
Data will not be disclosed to external parties.
Categories of Personal Data Processed
- Basic and contact information:
- First and last name
- Email address
- Phone number
- Address details
- Educational institution and study details
- Apartment and tenancy details
- Identification and financial information:
- Personal identity code (processed in connection with applications and lease terminations)
- Bank account details (for the return of the rent deposit)
Regular Sources of Data
Personal data is collected directly from the data subjects themselves.
Retention Period of Personal Data
Data is retained for as long and to the extent necessary in relation to the purpose for which the personal data was collected (e.g., customer relationship, services provided). At a minimum, data is retained for the period specified by law.
Data will not be disclosed to third parties. However, data may be disclosed in accordance with statutory information requests made by authorities.
Transfer of Data Outside the EU or EEA
Personal data is not transferred outside the EU or EEA.
Principles of Register Security
Databases containing personal data are hosted on a server kept in a locked space, accessible only by designated individuals authorized to access it due to their duties. The server is protected by an appropriate firewall and technical security measures.
Access to databases and systems is restricted to individual personal usernames and passwords granted separately. The data controller has limited the access rights and authorizations to information systems and other storage platforms so that the data can only be viewed and processed by persons whose duties require the lawful processing of such data.
The data controller’s employees and other personnel are bound by a separate non-disclosure agreement to observe confidentiality and keep secret any information obtained in connection with the processing of personal data.
Rights of the Data Subject
The data subject has the following rights under the EU General Data Protection Regulation (GDPR):
- Right of access: The data subject has the right to inspect the data concerning themselves and to demand the rectification and completion of any errors.
- Right to object: The data subject has the right to object to the processing of data if the data has been processed unlawfully or without authorization.
- Right to erasure: The data subject has the right to request the erasure of personal data concerning themselves, provided that the data is no longer necessary for the duties of the data controller.
- Right to data portability: The data subject has the right to receive personal data concerning themselves in a machine-readable format to be transmitted to another data controller, provided that the data is subject to portability under data protection legislation.
- Right to lodge a complaint: The data subject has the right to lodge a complaint with the Data Protection Ombudsman if the data subject considers that the data controller has violated applicable data protection legislation in the processing of personal data.
Cookies
The website uses only essential cookies that ensure the functionality of the site. They are used, for example, to store language settings.