Description of Data Protection

DESCRIPTION OF DATA PROTECTION

FISE currently uses two parallel procedures:
a) Certifications, for which the new electronic application procedure is used
b) Certifications, for which the old application procedure is used

The description of personal data file gives information concerning both procedures (distinguished as procedure a and b). After a transition period, FISE will aim to make sole use of procedure a from 2019.

Controller

Name: Rakennus-, LVI- ja kiinteistöalan henkilöpätevyydet FISE Oy (FISE Oy)
Business ID:   1806019-1
Address: Lapinlahdenkatu 1 B, FI-00180 Helsinki
Telephone: +358 (0)40 5716 045
E-mail: fise@fise.fi

Contact person and person responsible for matters concerning the personal data file

Name: Marita Mäkinen
Address: FISE Oy, Lapinlahdenkatu 1 B, 00180 Helsinki
Telephone: +358 (0)50 574 5099
E-mail: marita.makinen@fise.fi

Name of data file

FISEn Pätevyyspalvelu (FISE certification service)

Purpose of processing personal data and grounds for maintaining the data file

The data file is a customer register, the purpose of which is to record data concerning the training, work experience and qualifications of persons who have applied for certification via FISE Oy’s certification service.

Statistics may be compiled from the information.

Content of the data file

a) Data is stored in two separate databases:

1. The personal data and data concerning training and work experience provided by the applicant will be stored in the database behind the Pätevyyspalvelu certification service. Personal identification details that are saved are the applicant’s name, personal ID number and contact details (address, telephone number, e-mail).
2. The certification details of a person who becomes certified through the Pätevyyspalvelu certification service will be recorded in both the database behind the Pätevyyspalvelu certification service and in FISE’s certification register, which is a separate database. The certification data will be stored by a clerical employee from FISE or FISE’s secretary organisation.

Personal data stored in FISE’s certification register can be obtained from the Pätevyyspalvelu certification service’s database and such data consists of:

• Name (first name, last name)
• Qualification
• Home municipality
• E-mail address
• Organisation / Company (name), Business ID and website (workplace)
• Person’s certifications, validity of certifications

This data will be published if the person has given their permission to do so.

Furthermore, additional data that is essential with regard to the certification may be stored in the non-published fields of the register. This data can be seen by persons with user rights to the register.

3. The Pätevyyspalvelu certification service database acts as an archive of personal, training, work experience and certification data, where the data is stored for 10 years after the date of the latest certification ends.b) Data will be stored in the following locations:

1. The certification applicant’s application form and the personal, training and work experience data submitted on his or her application form will be stored on the secretary organisation’s server. Personal identification details that are saved are the applicant’s name, date of birth and contact details (address, telephone number, e-mail).
2. Certification data concerning persons who have become certified will be stored on both the secretary organisation’s server and FISE’s certification register, which is a database tailored to FISE’s The certification data will be stored by a clerical employee from FISE or FISE’s secretary organisation.

The following data is stored on FISE’s certification register:

• Name (first name, last name)
• Qualification
• Home municipality
• E-mail address
• Organisation / Company (name), Business ID and website (workplace)
• Person’s certifications, validity of certifications

This data will be published if the person has given their permission to do so.

Furthermore, additional data that is essential with regard to the certification may be stored in the non-published fields of the register. This data can be seen by persons with user rights to the register.

3. The secretary organisation’s locked paper archive or server will act as an archive for personal, training, work experience and certification data, where the information will be stored for 10 years.

Regular sources of data

The data that is stored is obtained from the registered person themselves. Certification entries (information relating to the application process, the certification decision, the validity of the certification) will be added and the certification entries will be updated based on processing and a decision from the certification committee. Certification entries are made by a clerical employee from FISE or FISE’s secretary organisation.

Disclosure of data

The Pätevyyspalvelu certification service contains FISE’s certification register at the website address www.fise.fi, where the public certification data of a certified person is available for viewing by Internet users. Registration details will not be disclosed by the controller for third-party purposes (e.g. managing interest group relationships, marketing and advertising).

Principles of data file protection

User rights to the certification service for editing purposes are held by secretary organisation and office staff participating in FISE Oy’s certification service administration. Each user has their own personal username and password to both databases. The Service providers are responsible for the technical protection and data security of information stored in the certification service.

Right of access and rectification of information on the data file

A person registered with the certification service can check the data stored about them. The person can request the controller to remove their data from the register or to rectify erroneous data concerning them. Such a request for changes to be made must be sent in writing to the controller.