Privacy Statement

Privacy Statement

Members, volunteers and network 

This privacy notice contains information for data subjects of Fiskars Local History Society (Fiskars hembygdsförening r.f.), in compliance with the Data Protection Act (10 ja 24 §) and the EU’s General Data Protection Regulation (GDPR).

1. Registrar

Fiskars Local History Society/Fiskars Museum

Åkerraden 26 
10470 Fiskars
Finland

2. Contact-person in register-related matters 

Membership Registry of the Society

Cecilia Bruncrona
cecilia@elimo.fi
+358 40 825 4884

The Customer Service, Network and Volunteers Register of Fiskars Museum

Museum Director Emi Ingo
emi.ingo@fiskarsmuseum.fi
+358 45 353 8381

3. Name of registers

The Membership Register of Fiskars Local History Society
The Register of Volunteers of Fiskars Museum
The Customer Service and Network Register of Fiskars Museum

4. Purpose and legal basis for processing of personal data 

The processing of personal data in the register is based on fulfilling the purpose of the Associations Act (503/1989): to keep a membership registry, to create activities to the members, inform members, to collect membership dues and to acquire funding. The information can also be used to document memberships that have ceased.

The purpose of processing the personal data is the administration of volunteers, contacts and spreading information. The purpose of the personal data concerning customers and networks is spreading information and marketing.

Legal basis: 

Associations Act (503/1989) 26.5.1989 https://finlex.fi/sv/laki/ajantasa/1989/19890503 (in Swedish). The Act requires that a membership registry is kept.

The EU’s General Data Protection Regulation, Article 6, paragraph 1f. In some cases, processing of personal data is mandatory to ensure the interests of the data subject. For example, to inform the customers and network of the Fiskars Museum about events, services, news or other matters of public interest.

The EU’s General Data Protection Regulation, Article 6, paragraph 1a. When the data subject has given his or her consent for the processing of the personal data for one or several specific purposes.

5. Register data content

The registrar processes personal data such as:

  • first name and surname, date of birth and mother tongue 
  • postal address, e-mail address and telephone number 
  • information about the membership, its duration and the payment of membership dues
  • information about electronic communication

The registrar decides on regular basis, with respect to prevailing legislation, which is the most appropriate way of storing the personal data. Membership data and information about partners of co-operation is stored for the duration of the contract or membership, and expires at the latest 10 years after the agreement has ceased. Information that has been collected with the consent of the data subject is stored until further notification of its removal.

6. Standard sources of information and data contents

The information has, for example, been collected by the registrar as a result of membership enrolment, when the data subject has handed over personal information to the registry or started working as a volunteer. As far as networks are concerned, information can also be gathered from reliable public sources.

7. Information transfer, disclosure and recipients 

Fiskars Local History Society transfers information only to those service providers that are needed, such as  the technical support of the registry, for billing members for membership dues or other fundraising causes, for communicating with members and networks, to produce activities for members and to support administrative services of the Society.

No personal data is transferred outside the EU or the EEA. 

8. Principles of register protection

Electronically processed material:

Personal data is collected in databases which are protected by firewalls, passwords and other technical means. The data is handled only by authorized personnel. Each user has been issued a unique user name and password to the system. Work stations and equipment used for storing the personal data or where security copies are, are password-protected.

The personal data has not been classified as secret, though it is not publicly available.

Manually processed material:

The material is kept at Fiskars Museum or in private quarters of board members or the register-controlling person’s home in supervised and locked spaces.

9. Third-party

We use services provided by a third-party. The third-party organizations have been carefully selected with regard to their compliance with the EU’s General Data Protection Regulation (GDPR). These third-parties are in the Unites States and they comply with the EU-US Privacy Shield Framework adopted to the EU’s Privacy Statement. The services provided may include cookies to optimize site functionality and to give the best possible user experience, to market or contact other third-party.

Familiarize yourselves with the use of cookies here.

9.1. WP Engine

Hosting services of the website are provided by WP Engine. WP Engine is committed to comply with the EU’s Privacy Statement. WP Engine offers 24/7 protection to websites, HTTPS-protection, regular updates, storing of personal data in databases which are protected by firewalls, encryption. The access to the databases is limited to authorized users only.

Read more of WP Engine and the terms here.

9.2. Google Analytics

Google Analytics Service is used to track website traffic. The service stores cookies from the user’s platform, for example, to track and report website traffic. The information may also be used to create sales and marketing forecasts. Cookies are files stored on the computer designed to hold a small, specific amount of data about a specific website or client. Cookies often contain an anonymous, personal identification code enabling the service provider to identify and count the number of clients using the interface.

More information about the terms of Google Analytics is found here.

9.3. Manage the use of cookies

You can easily remove any cookies that have been created in the cookie folder of your computer browser or by changing the browser’s cookie settings. Disabling the cookies can affect the user friendliness of our website. Please learn how we use cookies here.

10. Right of inspection

A data subject has the right to request the controller:

  • to provide access to personal data concerning him or her and information on how this data is used 
  • to review information concerning him or her stored in the database 
  • to demand that data stored on him or her is corrected if wrong
  • to remove information, provided that there is a legal ground 
  • to withdraw a consent or object to the processing of the personal data based on the consent of           the data subject 
  • to object to the processing of the personal data or to demand restrictions on it 
  • to lodge a complaint to the supervisory authority regarding his or her personal data

11. Changes in data protection

The information of this Privacy Statement can be amended according to changes in the activities or in legislation.

Updated 30.9.2020

Privacy Statement 
Administration of Collections


This privacy notice contains information for data subjects of Fiskars Local History Society, in compliance with the Data Protection Act (10 ja 24 §) and the EU’s General Data Protection Regulation (GDPR).

1. Registrar

Fiskars Local History Society /Fiskars Museum/Pohja Local History Archive
Åkerraden 26 
10470 Fiskars
Finland

2. Contact person in register-related matters 

Amanuensis Maria Ollikainen
maria.ollikainen@fiskarsmuseum.fi
+358 45 353 8391

Pohja Local Historical Archive, archival register

Archivist Robert Louhimies
arkivet@fiskarsmuseum.fi
+358 44 050 0854

3. Name of register

The register of Fiskars Museum’ s Collections
The register of Pohja Local Historical Archive

Forms of register:

Electronically processed material:

Electronicsystem: WebMusketti, data collection software.

Manually processed material: donations, loan requests, old files and diaries, requests for images and photographs, images arranged according to site or use, archival material.

4. Purpose and legal basis for processing of personal data 

The processing of personal data in the register is based on the necessity to handle the collections of the Museum and the archives and fulfilling the purpose of Museums Act (1992).

Legal basis: 

Museums Act (1992/729), Amendments 1996/1166, 1998/644, 2005/877 and decrees of the Finnish Government on Museums 2005/1192

The EU’s General Data Protection Regulation, Article 6, paragraph 1e, according to which the processing of personal data is necessary in tasks of public interest.

5. Register data content

The registrar processes personal data in the handling of the collections related to items, images and archival material. The following data is stored in the system:

  • name, sex, date of birth and death 
  • place of birth and residence 
  • education, occupation and title 

The registrar may also process personal data in the handling of the collections such as: 

  • information about donators such as name, address, telephone number, e-mail address, date of birth and place or occupation 
  • information about loan requests such as names, addresses, telephone numbers and e-mail addresses. 
  • information about who handled the request.
  • information about who logged in the database WebMusketti such as name, work title and the employment.

Personal data is retained permanently. The information is not public. 

6. Standard sources of information

The information has been collected by the registrar as a result of the work of the Museum or research, documents or archival information, and has in many cases been collected from the customers themselves or received via donations. Personal data inserted in the WebMusket database originates with the data subject.

7. Information transfer, disclosure and recipients 

As a rule, no information is disclosed to third-parties. No personal data is transferred outside the EU or the EEA. Personal data may be transferred to researchers or to customers conducting research in the Museum’s collections system.

8. Principles of register protection

Electronically processed material:

Personal data is collected in the WebMusket database and is protected by a firewall, passwords and other technical means. This data is handled only by authorized personnel. Each user has been issued a unique user name and password to the system. Authorization to the system is granted by the main user responsible for the handling of the museum’s collections systems.

The personal data has not been classified as secret, though it is not publicly available.

Manually processed material:

The material is kept in locked and restricted areas.

9. Right of inspection

A data subject has the right to request the controller:

  • to provide access to personal data concerning him or her 
  • to review information concerning him or her stored in the database 
  • to demand that data stored on him or her is corrected if wrong
  • to remove information provided that there is a legal ground 
  • to withdraw a consent or object to the processing of the personal data based on the consent of the data subject 
  • to object to the processing of the personal data or to demand restrictions to it 
  • to lodge a complaint to the supervisory authority regarding his or her personal data

10. Changes in data protection

The information of this Privacy Statement can be amended according to changes in legislation.

Updated 30.9.2020