Privacy Statement


1. Controller, contact person, and data protection officer

Name of the filing system (register): SURE Tampere project customers
Controller: City of Tampere, Growth, Innovation and Competitiveness, Five-Star City Centre (ID 0211675‐2), PL 487, 33101 Tampere,

Data Protection Officer:
Project Manager
Smart Urban Security and Event Resilience
City of Tampere
+358 50 574 7717

2. Purposes of personal data processing

The lawfulness of data processing is based on the legitimate interests of the controller and data subject’s consent. The register is used to manage and communicate the SURE Tampere project and maintain customer relationships of the SURE Tampere project by the City of Tampere. The register’s data is used to send the SURE Tampere newsletter and inviting partners to events hosted by the SURE, project partners, and the City of Tampere.

3. Data content of the register

Collected data consists of the following information: Name of the organization, name and title, email address, postal address, country, and phone number of the contact person. Events in which catering is provided, information about allergies are collected and the data will be disposed after the event. Data is received from data subjects; enterprises, communities and individuals when executing program’s activities, like co-creation projects, events, meetings and newsletter subscriptions. In addition, data is collected from organizations’ websites, social media and internet search engines that serve as sources of information. If the event is non-public, photographing or other material collecting is announced beforehand. This material, including photos, is used in promotion, marketing, and communication purposes of Smart Tampere and co-operatives.

4. Disclosure of the personal data, Will data be transferred outside EU / EEA?

The personal data can be accessed by the controller i.e. City of Tampere employees, SURE project employees, coordination and stakeholder groups, and relevant personnel of the service providers. The list of invitees and participants is handed over to the events co-producers (Project partners) to send invitations and information about the event. The disclosed data is defined separately in each event’s registration process. Personal data can be transmitted on event co-organizations when the event management requires that.

Personal data will not be transferred outside EU / EEA.

The agreements made with the service providers ensure that the GDPR requirements and other relevant data processing requirements are met, if a service provider is involved with processing.

We will protect your personal data from unauthorized processing, accidental loss, destruction, or damage. The data recipients respectively have the responsibility to process the disclosed data according to the GDPR requirements.

5. Storage limitation

The personal data filled in by the data subject will be retained during the development program period and archived according to the archiving plan.

6. Rights of the data subject

You have the following rights as the data subject:

  • right to receive information on personal data processing
  • right of access (Right to make an information request)
  • right to rectification
    right to erasure (Right to be forgotten)
  • right to restriction of processing
  • right to data portability
  • right to object
  • right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects
  • If you would like to use your rights as a data subject, you need to send a written request to the data protection officer.
  • If you feel your rights have been breached, you have the right to contact a national supervisory authority (Data Protection Ombudsman) to make a complaint (


7. Security of processing

The filing system is protected by infrastructure and access rights. Access is granted only to technical support and employees working for the program.