PRIVACY POLICY
The EU General Data Protection Regulation applies from 25 May 2018. It is applied in all activities of different organizations that process personal data. The Data Protection Regulation increases the openness and transparency of the processing of personal data and strengthens the rights of data subjects to control the processing of their personal data.
The processing of personal data in the fund is based on the consent given by the member, activities in accordance with the Insurance Fund Act (additional benefit) and for the exercise of public authority belonging to the fund (Kela).
WaasaWärtsilä Sickness Fund 12702 | Information for the Member about the processing of his/her personal data |
Controller | WaasaWärtsilä Sickness Fund |
Contact person in register issues | Ms Monica Krokfors, Manager; Teollisuuskatu 1, 65170 Vaasa. Tel. 050 379 8203 |
Purpose and legal basis for the processing of personal data | The purpose of the processing of personal data is to handle and pay any reimbursement related to additional benefits, pursuant to the Fund’s bylaws, as well as to provide customer service to the members and carry out statistics and reporting related to the reimbursements. Further, the purpose of data processing is to manage the Fund’s membership issues, provide customer service to the members and carry out statistics and reporting based on the membership. The processing is based on the Member’s explicit consent and on the provisions of the Insurance Fund Act (General Data Protection Regulation, Article 9.2). |
Contents of special categories of personal data, and regular data sources | Contents of data received from other sources than the Member him/herself: the Member’s identification data, employer data of the members, data received from service provider/s, membership payment data, data related to unpaid absences. |
Disclosing and transmitting personal data | Data is disclosed only upon the Member’s consent or his/her explicit request. Pursuant to Insurance Fund Act, Sect. 165c, to various boards as well as for scientific or historical research purposes. Data is not transmitted to any party outside the European Union and the European Economic Area. |
Securing the Register Data | The Fund employees and Board members involved in the processing of personal data are bound by confidentiality and non-disclosure terms pursuant to Insurance Fund Act, Sect. 165. They have signed confidentiality and non-disclosure agreements. The right to process personal data is restricted by specific tasks and limitations of use. Only the Fund employees have access to the Fund’s premises and filing cabinets. In addition, the office cleaner has access to the Fund’s premises (non-disclosure agreement). Customer service is carried out in the Fund’s sound-proof room and the Member is identified with his/her name (identity card with photo, provided by the employer) and identity code. |
Storage period of personal data | Documents related to the Fund membership are stored until further notice. Documents related to benefits are stored for the current year + six years, pursuant to the Accountancy Act, or in accordance with the purpose of use. Data protection is taken into account when the documents are destroyed. |
The Member’s rights | The Member has the right to check the data, request the rectification or erasure of faulty data and to request his/her data to be transmitted from one system to another. This request must be presented in writing to the Fund. As a rule, the Fund will provide the data within one month of the request, and no later than three months. The Member will be provided with the data which has not been provided on the basis of an earlier request, if any. If the Member is of the opinion that the General Data Protection Regulation has been breached in processing his/her data, s/he is entitled to lodge a complaint with the supervisory authority. |