The Privacy Policy of the Guild of Architecture
The EU’s General Data Protection Regulation (GDPR) came into effect on May 25th of
2018, which is why we have compiled information to the members of the Guild of
Architecture as well as for the people attending the events we are organising of how the
personal information is being processed and handled.
The Guild has the following registers:
1. The Membership register PDF: Privacy Notice – Membership register of Aalto-yliopiston Arkkitehtikilta ry (The Guild of Architecture)
2. The Event sign-up register PDF: Privacy Notice – event sign-up register of Aalto-yliopiston Arkkitehtikilta ry (The Guild of Architecture)
3. The Guild Active register PDF: Privacy Notice – the Guild Active register of Aalto-yliopiston Arkkitehtikilta ry (The Guild of Architecture)
4. The Guild Board members and Guild Actives contact information register
The Privacy Policy of the Guild of Architecture and Privacy Notices are constantly updated and re-approved each year latest on 31st of January. The controller of the register (who is one of the Guild’s Board members) and the Guild’s chair are responsible for updating the information.
Access rights of the Guild’s registers
To prevent problems in privacy protection, there are limits in access rights of the Guild’s registers. In the beginning of the term the access rights will only be given to the person in charge and additionally to authorized persons of the Guild of Architecture if they have need for the information considering their Guild Active role. The Guild’s person in charge is the controller of the register named yearly by the Guild’s Board.
Retention period of the information in the Guild’s registers
The information shall be stored in the Guild’s registers only for as long as is necessary. The information in the Membership register stores only the information of the Guild’s current members. The information will be deleted immediately if the membership is terminated.
The information of the Guild’s event sign-up register shall be removed when there is no need for it anymore concerning the event where the data has originally been gathered. The information for normal events such as regular sitsis is removed approximately a month after the event when the arrangements or such things have been done. There is a possibility to gather so-called anonymous data about the events’ participants, such as number of participants, number of dietary restrictions and other data which is not linked to the data of the Guild’s registers. This kind of information will be stored in separate registers.
Technical implementation of the Guild’s registers
As a Guild we pay attention to the Guild’s registers’ technical implementation alongside
with the access rights. The information that is stored in the electronic format is only available to authorised persons of the Guild of Architecture. The person’s dietary restictions are gathered to the Guild’s Event sign-up register if the information is necessary for organising the event. The wording is relevant, because allergies are considered sensitive personal data when dietary restrictions are considered personal data. Only the appropriate individuals, such as responsible organisers have access to the event related information containing dietary restrictions.
Right to check and request for corrections in the information
Each member who is in the Guild’s registers has the right to check their personal information that has been saved in the register and demand for corrections if any information is incorrect or missing. The Guild’s registers have only a limited amount of personal information and that is why the search from the Membership register, the Event sign-up register and the Guild Active register is not hard to put into practice in
reasonable time. The information will be primarily handed over in the same format as the request. The controller of the register will answer the requesting party within the time limit specified by the GDPR (primarily within one month). The controller of the register can ask the sender of the request to verify their identity or to specify the request.