Data protection policies at Helsinki Business College Ltd

Helsinki Business College Ltd
Rautatieläisenkatu 5
00520 Helsinki
Business ID: 2162576-3


Helsinki Business College Ltd complies with the requirements made by the European Union’s General Data Protection Regulation (2016/679 EU), later referred to as GDPR, as well as the legislation and acts related to it. Taking care of data protection is a part of responsible actions, risk management and the principles of work at Business College Helsinki. This policy creates general guidelines on how to ensure data protection at our college. We strive to ensure the protection of the rights of, and the data related to our students, staff and clients in compliance with GDPR and other legislation. In protecting the data with especially pay attention to data security, to limiting the access to personal information, and to protecting personal information from misuse. Additional information can be found from the data protection descriptions produced by Helsinki Business College Ltd.

Data protection description

As required by the law and regulations, Helsinki Business College Ltd administers the description of the data handling actions it is responsible for.

Informing the registered individuals

The register is held by Helsinki Business College Ltd, with the purpose to allow Helsinki Business College Ltd to use the personal information gathered in the register. The registered subject is provided with the information required by the law, or information otherwise necessary when the data is collected, and by other means, if possible.

The current valid data protection policies are published on the bc.fi website, and the policies are updated when necessary. Additionally Helsinki Business College Ltd provides internal guidelines about data protection and data security.

Acquiring and handling the data

Registering personal data is based on the consent of the subject, or on other basis defined by law. Personal data will only be handled for justified purposes, and only to the extent and length necessary for the purpose. The accuracy of the data is ensured by using the subject in question as a source of information, or by using other reliable sources. When the data is no longer needed for the justified purposes, the data will be destroyed appropriately.

Data protection is addressed in the contracts signed between Helsinki Business College Ltd, its partner organisations and its service providers. Helsinki Business College Ltd ensures that its staff is trained about the requirements of GDPR. Helsinki Business College Ltd ha nominated a member of staff as the person responsible for data protection, to provide help and guidance in all matters related to GDPR.


The data collected is used for the purpose described when collecting them, within the boundaries set by legislation. The data collected may only be passed on under the following conditions: the grounds for passing on the data have been precised for the subject or mentioned in the legislation; and the parties receiving the data have been precised for the subject, or mentioned in the legislation. Some of the data will be stored within the EU, outside of the country of location of the register keeper (Finland).

The rights of the registered subject

The subject has the right to request access to the data collected on them, the right to request the data on them to be rectified or removed, the right to request restricting the processing of the data on them, and the right to object to processing the data on them. The right to erasure does not expand to the personal data collected by Helsinki Business College Ltd to carry out a task assigned to them in legislation, to ensure public interests, or the data which must be kept under some other obligation.

Responsibilities

Helsinki Business College Ltd controls the compliance of GDPR within the organisation by internal monitoring, and by providing guidance. Helsinki Business College Ltd provides instructions to execute the necessary technical and organisational actions in the organisation. Each member of staff is responsible for ensuring data protection in their own work, and for their own part.

Additional information:

Jouni Virtanen, person responsible for data protection
+358 9 1489 0200 (switchboard)
tietosuoja@bc.fi