N.b. This page is translated from Swedish to English. In case of any discrepancies between the two documents, the Swedish document takes precedence.
1 Principle for the Protection of Personal Data as ÅAS
The Student Union of ÅAU (ÅAS) has committed to protecting the privacy of users of ÅAS services and to complying with data protection legislation and good data protection practices in its operations. This data protection description explains how ÅAS collects and processes personal data. “Personal data” refers to all information that can be linked to an individual.
This data protection description applies when ÅAS is the data controller. We also refer to this data protection description when using or registering for ÅAS services and events.
If you do not agree with our policy as described in this data protection description, we cannot recommend that you provide your personal data to ÅAS.
2 What personal data do we collect?
ÅAS may collect personal data necessary for the purposes outlined in this data protection declaration. The exact data collected depends on the purpose.
2.1 Data you provide yourself
When you register for an event, book a space, apply for open positions as elected representative, or enter into an agreement with ÅAS, we may request certain necessary information from you.
This information may include:
- Student number
- Email address and other contact information
- Information about diets and allergies
- Bank account number
- Seating preferences
- Membership in and/or trust assignments within one or more associations
- Other information you have provided or that has been disclosed with your consent
2.2 Personal data disclosed to ÅAS
In accordance with the University Act, all students admitted to study for a lower or higher degree at a university, with the exception of students participating in commissioned education, are members of the student union. The university monitors the payment of membership fees.
To verify membership, ÅAS should have access to ÅAU’s student register.
The personal data in ÅAU’s student register that ÅAS has access to includes:
- Student number
- Contact information (phone number, postal address)
- Presence status / membership in the student union (yes/no)
- Faculty affiliation
If a person has a protected identity, ÅAS cannot see the contact information. If a person is not a member of the student union, ÅAS only sees the name and student number.
ÅAS cannot edit the information in ÅA’s student register.
3 Why do we process personal data?
We process your personal data for one or more of the purposes listed below.
3.1 Membership verification
Studies at a university require membership in its student union (University Act). A student’s union membership also entitles them to certain discounts and services.
Elected representatives, such as student representative or member of the student union’s council also require Union membership.
3.2 Communication and recruitment
ÅAS has the task of appointing student representatives to various working groups and bodies within and outside Åbo Akademi University. As representatives of all students at ÅAU, ÅAS is also committed to informing elected student representatives about matters concerning their roles.
3.3 Event organization
ÅAS receives personal registrations for events organized in-house and in collaboration with other parties. ÅAS also sends out invitations to certain events.
3.4 Rental agreements
ÅAS rents out housing and social spaces. ÅAS also lends equipment.
4 Do we disclose personal data?
ÅAS’s principle is not to disclose your personal data to third parties.
4.1 Subcontractors and service providers
ÅAS may engage subcontractors and service providers to carry out various events. Agreements may also be made with partners to provide services.
These external parties may not use your data for purposes other than those described in this data protection description and for purposes determined by ÅAS. ÅAS obligates them to keep your data confidential and to take adequate measures to ensure the security of your personal data.
4.2 Disclosure of personal data based on mandatory legislation
Your personal data may be disclosed based on requirements imposed by an authorized authority or requirements based on the law.
5 How do we ensure that data is up-to-date?
We take reasonable measures to ensure the accuracy of the personal data we hold by deleting unnecessary data and updating outdated information.
Please note that it is your responsibility to update the personal data you have provided to us if it changes.
6 How do we protect your personal data?
We are especially attentive to data protection and information security when planning, providing, and maintaining our services. We use appropriate physical, technical, and administrative protection methods to protect your personal data from misuse. We have designated individuals with specific responsibilities for data protection and information security. We limit access to systems and databases containing personal data, and they may only be used by selected individuals who need and are authorized to process personal data in their work.
We implement data protection and information security, among other things, through preventive risk management and by considering data protection and information security when planning, training our employees, and regularly checking that our services comply with requirements. We handle risks of data misuse and other similar risks by considering the likelihood of risks and the nature of the data to be protected.
When providing services and processing personal data, ÅAS may also engage subcontractors and service providers. In such cases, we ensure through agreements and other arrangements that your personal data is processed in accordance with legislation, good data protection practices, and this data protection description.
7 How long do we retain your data?
We retain your data in accordance with applicable legislation and only as long as necessary to fulfill the purposes set out in this data protection description. We delete your personal data when the basis for processing the data has ceased.
8 What rights do you have?
According to the law, you have the right to access the data we have collected about you. In addition, you have the right to demand the correction or deletion of incorrect, incomplete, unnecessary, or outdated data.
You can exercise your rights by sending us a request to the contact details provided below.
9 Changes to this data protection description
ÅAS continuously develops its services and may, from time to time, make changes to this data protection description without prior notice. Changes may also be due to changes in legislation. We recommend that you periodically review this data protection description to be aware of any changes.
10 Who is the data controller, and who can I contact?
The data controller is Åbo Akademis Studentkår, Tavastgatan 22, 20500 Åbo.
If you have questions about data protection, you can contact us by email at firstname.lastname@example.org. You can also use the postal address Åbo Akademis Studentkår, Tavastgatan 22, 20500 Åbo.
Please note that for information security reasons, we may need to verify your identity before we can fulfill your request.