Aalto University Guild of Architecture Privacy Policy
The purpose of this document is to provide information about the privacy principles of Aalto University Guild of Architecture (AK) to those members of the guild who maintain or process personal data registers held by the guild.
The guild currently maintains the following registers:
- Membership Register, PDF: Membership Register
- Event Registration Register, PDF: Event Registration Register
- Register of Guild Officials, PDF: Register of Guild Officials
- Contact Information Register of the Guild’s Board Members and Active Members
This document, along with the privacy notices of the aforementioned registers, is updated annually after the change of the board and officials, but no later than January 31st. The responsibility for updating lies with the chairperson and a board-appointed data controller.
Access Rights to Privacy Registers
Restricting access rights plays a significant role in preventing privacy issues. At the beginning of each term, login credentials are distributed only to the person responsible for a register. In addition, access rights are restricted solely to those individuals who need them for their duties within the guild. The responsible person in our guild is the data controller appointed by the board. Former board members and officials lose their access rights immediately when their term ends, unless it is clear that the person requires access for their new official role. Old credentials must be removed no later than January 31st. Responsibility for updating the information lies with the chairperson, the appointed data controller, and the person responsible for guild communications.
Data Lifecycle
Data stored in the registers is retained only as long as it serves its purpose. The membership register contains only information about the guild’s current members, and data is deleted once their membership is terminated. In the case of the event registration register, data is deleted when it is no longer needed for the event for which it was collected. For example, for typical sitsit, this usually means about one month, after all necessary arrangements have been handled. However, anonymous data may still be collected from participants, such as the number of attendees, the number of special diets, and other details not linked to personal register data. Such data is stored in a separate register.
Technical Safeguards for Privacy
In addition to access rights, attention is paid to the technical implementation of the registers. Data is stored only in electronic form on reliable third-party internet servers that comply with EU data protection legislation. For the event registration register, information about a participant’s special diet is stored if it is necessary for organizing the event. The wording here is important, since for example allergy information is considered sensitive personal data, whereas special diets may be regarded as normal personal information. Only relevant individuals, such as event organizers, have the right to view registration data.
Right of the Individual to Request and Correct Their Data
Every individual listed in a register has the right to review their stored personal data and request corrections. Since the Guild’s registers contain only very limited information about individuals, retrieving data from the membership register, event registration register, or register of guild officials can be done within a reasonable timeframe. Data is primarily provided in the same format as the request was received. For example, information requested by email is provided electronically. The data controller must respond to the individual within the timeframe set by the EU General Data Protection Regulation (typically within one month). If necessary, the data controller may request that the individual verify their identity or specify their request for review.
NOTE: The English version of our Privacy Policy has been translated with the help of artificial intelligence (ChatGPT) and has been edited and reviewed by the Board of the Guild of Architecture.