01.04.2025

 

DATA PROTECTION STATEMENT
EU General Data Protection Regulation, Articles 13 and 14

1.      Name of the Register

TSE EXE (Turku School of Economics Executive Education Unit, TSE EXE
Executive Education and Development) Marketing and Customer Relations Register

2.      Identity and Contact Information of the Data Controller

TSE EXE, University of Turku
Postal address: University of Turku, FIN-20014 UNIVERSITY OF TURKU
Email: tse-exe@utu.fi / Phone: +358 29 450 5000 (switchboard)

3.      Contact Information of the Data Protection Officer

TSE EXE, University of Turku
Ulla Heinonen, Director of TSE EXE
Phone: +358 50 5917199

4.      Purpose of Processing Personal Data and Legal Basis

The purpose of processing personal data is to manage the marketing and
sales of TSE EXE’s executive education services, including activities such as:
-implementation, management, marketing, and sales of TSE EXE services and
programs
-customer relationship management and customer communications
-target marketing, direct marketing and newsletters
-events and invitations
-business development
-participants in executive education programs (client companies and customers)

The goal is to act customer-oriented, considering the various leadership
skills and business development needs of the client companies and customers.

5.     Personal Data Categories

Personal Data (work related information)
• Name (first name, last name)
• Company
• Work phone number, phone number
• Work email address (+personal email address if indicated)
• Work postal address
• Title, job position                                                      

Customer name and contact details may be updated with the direct marketing
service provider’s services. The direct marketing opt-out and mailing opt-out
are enabled in the customer register based on the customer’s notification.

Other Information
• Any additional information (educational background, allergies)
• Participation in executive education programs

6.      Recipients of Personal Data and Groups of Recipients

Access
to and use of executive education data is restricted to only the necessary
information for
TSE EXE staff performing their work tasks.



7.    Information about the Transfer of Data to Third Countries

The data related to the marketing and sales of executive education services
is not transferred or disclosed outside the EU or the European Economic Area.



8.    Data Retention Period

The customer register is updated as part of daily communications. Updates
for direct marketing purposes are made as needed, at which point personal data
is automatically updated.

Participant data in executive education programs and the personal data
contained in it are retained in the register for the period required by data
retention obligations.

9.    Rights of the Data Subject

The data subject has the right to request access to their personal data and
to request the correction of their data. The data subject does not have the
right to request the deletion of their data or to object to its processing due
to the university’s data retention obligation.
The data subject has the right to lodge a complaint with the supervisory
authority.
The contact person for matters related to the rights and obligations of the
data subject is the data protection officer. Contact information for the data
protection officer is provided at the beginning of this notice.

10.  Whether the Provision of Personal
Data is a Statutory or Contractual Requirement

Refusal to provide personal data prevents TSE EXE from fulfilling its statutory obligation towards the data subject. In such a case, TSE EXE may not be able to offer executive education services or maintain the possibility of contacting the individual.

If the data subject does not provide the requested information related to
participation in training, the data controller will not be able to accept the data subject’s registration or enter into a contract  regarding the training participation between the data controller and the data subject.


11.     Information on the Source of the Personal Data

Personal data is obtained from the direct marketing service provider, from companies participating in TSE EXE’s executive education, events, and occasions, and from the registered individuals themselves.



12.  Information on the Existence of Automated Decision-Making, including Profiling

Data from the register may be used for automatic processing or profiling.



13. Principles of Register Protection

The register data is stored according to best practices, good data security
standards, and legal requirements, protected from external access. The register is protected by usernames, passwords, and function- and group-specific authorizations. Access to personal registers is granted only to staff  members who need the information to perform their job duties.
The system can only be accessed via a secure internet connection. A contract that meets the requirements of the EU General Data Protection Regulation has been concluded with the system *provider (Elisa Oyj) concerning the terms of personal data processing.

            www.utu.fi/exe