top of page

Privacy Policy

Register Controller

Controller of the register is Kauklahden kamarimusiikkiyhdistys / RADALLA-festivaali ry

Business ID: 3355020-1

Address: Kylä-Bisa 5 A 02780 Espoo

Email: radallafestivaali@gmail.com

 


Purpose of Processing Personal Data

Personal data are processed for the following purposes:

  • Ticket sales for events

  • Processing of payment transactions

  • Customer service and communication

  • Information related to events
     

The customer has the right to prohibit direct marketing (newsletter).
 

The register controller processes the data themselves and also uses subcontractors who act on behalf of the controller in processing data.

 

Contents of the Register

The register may contain all or part of the following information:

  • Name

  • Address

  • Phone number

  • Email address

  • Payment details

 

Legal Bases for Processing

The legal bases for processing personal data, according to the EU General Data Protection Regulation (GDPR), are:
 

  1. The data subject has given consent for one or more specific purposes (GDPR Art. 6(1)(a)).

  2. Processing is necessary for the performance of a contract in which the data subject is a party, or for pre‑contractual measures taken at the data subject’s request (GDPR Art. 6(1)(b)).

  3. Processing is necessary for the legitimate interests of the controller or a third party (GDPR Art. 6(1)(f)).


The controller’s legitimate interest is based on a meaningful and appropriate relationship between the data subject and the controller, arising because the data subject is a customer of the controller, and the processing occurs for purposes the data subject could reasonably expect at the time of collection.

 

Retention Period of Personal Data

Data collected in the register is retained only as long as necessary for the original purposes for which they were gathered. The data is deleted no later than five years after the customer relationship with the controller has ended and all related obligations and actions have been completed.

 

Disclosure of Personal Data

Personal data may be shared with service providers located outside the EU/EEA. These providers are:

  • wix.com

  • facebook.com

  • google.com

 

Security Principles for the Register

Materials containing personal data are stored on password‑protected servers. The controller commits to taking necessary safeguards to ensure security (firewall, antivirus protection, security updates).
 

The controller also commits to confidentiality and will keep secret any information received in the course of processing personal data.

 

Rights of the Data Subject

Under GDPR, the data subject has following rights:
 

  • Right to access their data and obtain information about its processing.

  • Right to rectification of inaccurate data.

  • Right to erasure (the “right to be forgotten”) when the data is no longer necessary.

  • Right to restriction of processing, e.g., when the accuracy of the data is uncertain.

  • Right to withdraw consent for processing.
     

For exercising these rights, the data subject can contact radallafestivaali@gmail.com.

 

Web Analytics

The following services collect anonymised information about site visits without personal data:

  • Google Analytics

  • Meta

bottom of page