Proceed to contents

Privacy policy statement for stakeholder register

Privacy policy statement according to the EU’s Data Protection Regulation.


Finnish Pension Alliance TELA
Salomonkatu 17 B
00100 Helsinki

Contact person for matters concerning the register:

Register name

Stakeholder register

Purpose of the processing of personal data

Provision of information and services for stakeholders closely involved in TELA’s operations, the maintenance of other contacts with them.

Personal data are used for communication and advocacy, for the provision of information on training and events, for sending invitations and for studies, surveys and to analyse TELA’s own activities.

The data are not used for commercial purposes.

Basis for the processing of personal data

The processing of personal data is based on the data subject’s consent or on TELA’s legitimate interest.

Categories of personal data concerned

The register contains data on the representatives of the following stakeholders:

  • civil servants employed by the State, municipalities, other public bodies and EU institutions
  • members of the Finnish Parliament, the European Parliament, ministers and their assistants
  • trade unions and employers’ organizations
  • political parties and their organizations
  • youth and pensioner organizations
  • journalists
  • others, such as domestic and foreign universities, research institutes, think tanks and organiza-tions
  • personnel of TELA’s members.

Contents of the register

The following data on the representatives of stakeholders and on the personnel of TELA’s members are stored in the register:

  • person’s name
  • organization represented by the person
  • position in the organization
  • contact details: email address, phone number, postal address and any additional information that may be associated with the contact.

Regular data sources

Personal data are collected from generally available sources. In addition, personal data are obtained from work contacts and the persons themselves, on their initiative and with their consent.

Recipients of personal data

TELA discloses data to a third party that processes personal data (CRM system). The third party is responsible for managing the register in accordance with the personal data processing agreement.

TELA does not disclose personal data for use outside its own activities, except when law requires that.

Period for which personal data are stored, or the criteria used to determine that period

Data are deleted when TELA no longer has any contact with the data subject or the need to store the personal data, or if the data subject requests that the data be erased. It is checked at least once a year that the register is up-to-date.

Controller’s legitimate interest

Management and maintenance of stakeholder relations.

Rights of data subjects

Data subjects have the right to request access to their personal data and the right to request the rectification or erasure of data or restriction of the processing. In addition, data subjects have the right to object to the processing of data on grounds relating to their particular situation, insofar as the processing is based on legitimate interest.

Automatic decision-making

Personal data are not processed automatically, nor are they used for automatic decision-making.

Right to withdraw consent

Data subjects have the right at any time to withdraw the consent they have given to the processing of their personal data.

Right to lodge a complaint to the supervisory authority

Data subjects have the right to lodge a complaint to the Data Protection Ombudsman if they consider that the processing of their personal data violates the General Data Protection Regulation.

Protection of personal data

The register is maintained and protected by various technical and organizational measures. Physical access to information is restricted by access rights.

The third party that processes personal data (CRM system) is responsible for protecting the register in accordance with the personal data processing agreement.

TELA’s data network and hardware are protected by technical solutions, such as a firewall and password protection. We ensure the systems’ fault tolerance and data recovery capabilities.