Customer register
Name of register
Customer register
Legal basis for the processing of personal data
Unless separate consent is obtained, the processing of personal data contained in the customer register is based on a legitimate interest. The customer relationship is then founded on a meaningful and appropriate relationship between the data subject and the Controller in accordance with legitimate interest. The processing of personal data relating to legitimate interest has been subjected to a balancing test that weighs the interests and rights of the Controller and the intended data subject.
If the processing of personal data in the customer register is based on consent rather than legitimate interest, the intended data subject will have submitted a voluntary, itemised, informed and unambiguous expression of intent, and we can prove the existence of this consent. The personal data of a child under the age of 13 are processed only when the guardian is aware of the customer relationship.
Personal data are processed to the extent authorised and mandated by law for the management of customer work and for statistical purposes. When compiling statistics the data is always processed in such a way that the individual customer cannot be identified.
Personal data processed
The Controller processes the following personal data in the customer register:
- basic data of the data subject, such as name, domicile, age and gender
- contact information of the data subject, such as email address, telephone number and address details
- family information and contacts with other customers who are members of the same family
- points of contact for services essential to the customer relationship
- any other information collected separately with the consent of the data subject
The customer may communicate via telephone or chat, which may not constitute a meaningful customer relationship; relevant statistics are then gathered anonymously. Not all of the aforementioned information is collected from every customer, whatever the case. For example, contact information for services essential to the customer relationship is processed only in the event of actual cooperation with a school, social services, educational and family counselling, psychiatric services or so on.
The data collected into the customer register contain no information on specific categories of personal data (i.e. ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, sexual behaviour or orientation, or genetic or biometric data) by which a person can be identified. Any essential health data affecting customer relationship management is processed only with the demonstrable consent of the intended data subject.
Sources of data
Data are primarily obtained from the data subjects themselves. In addition to this, contact information is obtained through professional contacts and customer guidance. The data received from professionals are verified by the data subjects themselves.
Retention and disclosure of data
Customer data is saved in the central electronic customer register of the Child Welfare Organisations of Southwest Finland. Only designated parties engaged in customer work and system administrators acting as their line managers are entitled to use the system containing personal data. All consents received are retained in a locked cabinet throughout the term of the customer relationship and the associated obligation to maintain statistics. Furthermore, customer telephone numbers may be saved throughout the term of the customer relationship on a business telephone or a single identifier alongside an electronic calendar entry. However, access to this additional data is limited to the parties engaged in customer work, their line managers and the system administrator only. The data is not disclosed outside the EU or EEA under any circumstances.
Data protection and retention periods
A written agreement has been made together with the service provider of the system containing personal data, as required by the Data Protection Regulation. The customer information system is implemented as a cloud service that can be used online in a browser. System access requires an encrypted (TLS) connection, which can only be established using a restricted IP address and a VPN connection or signed with a digital certificate. The customer information system holds a valid certificate of conformity, ‘Data security requirements for systems and environments in Category A.’
All employees involved in the processing of data are bound by the obligation of professional secrecy. Each user has a system user name and password of their own. The data is collected into data bases protected by firewalls and other technical means. The business premises are locked in such a way that only employees can access the premises. In addition to this, the premises have security and alarm monitoring.
The Controller regularly assesses the need for retention, taking into account the applicable legislation. In addition to this, the Controller takes appropriate measures to ensure that no personal data in the register that is incompatible, outdated, or inaccurate for the intended processing purposes is retained. Personal data is retained for a maximum of 1.5 years after the customer relationship ends and the obligation to maintain statistics concludes.
Rights of the data subject
The data subject has the right to check their personal data stored in the person register and if there are legal grounds, to request the correction or deletion of any inaccurate data. The data subject has the right to be removed from the register if the customer relationship or obligation to maintain statistics no longer exists. Under the Data Protection Regulation, the data subject has the right to object to or restrict the processing of their data and may file a complaint with the relevant supervisory authority regarding the processing of said data. The data subject also has the right, for special personal reasons, to object to the processing procedures concerning them. In conjunction with the objection to processing, the data subject must specify the special situation on the basis of which they oppose the processing. The Controller may refuse the objection only on grounds provided by law.