Published 25.11.2025.
The Finnish Innovation Fund Sitra (business ID 0202132-3)Address: Itämerenkatu 11–13, PO Box 160, 00181 Helsinki, FinlandTelephone: +358 294 618 991
Contact the data protection officer: kirjaamo@sitra.fi
We process personal data when we organize training courses, invite participants, deliver materials, collect feedback, and develop our training activities. We communicate with participants before, during, and after training. We also invite course participants to alumni events.
We may also process personal data for the purpose of organizing training-related travel.
We compile statistics on participation and report on our activities as part of Sitra’s impact assessment work. We also prepare and deliver certificates of participation in training to participants.
Personal data is not processed by means of automated decision-making.
Personal data is processed on the basis of the legitimate interest of the controller.
As part of our training activities, we may process the following personal data:
We receive data when you register for training.
Data collected in the register is retained only for as long as necessary and to the extent required in relation to the original or compatible purposes for which the personal data was collected.
The personal data collected for the purpose of providing training, such as passport/ID card details, dietary restrictions, and details of any assistants or close relatives, will only be stored for as long as is necessary to provide the training in question.
Sitra training alumni data (name and organization, training name and number) will be stored indefinitely, but for no longer than 30 years after the training has ended.
Course participant lists and photographs will be archived in accordance with Sitra’s information management plan.
We only disclose data to third parties when necessary, for example to travel agencies for the purpose of arranging travel or issuing access passes.
The personal data contained in the register may be transferred outside the EU or EEA. Any such transfer shall comply with the European Commission’s standard clauses or otherwise ensure that the transfer is carried out in accordance with the General Data Protection Regulation.
The databases containing personal data are located on servers that are kept in locked, secure facilities and can only be accessed by authorised individuals whose duties require such access. The servers are protected by a firewall and other appropriate technical safeguards.
Any physical data material containing personal data is kept in locked, secure facilities and can only be accessed by authorised individuals whose duties require such access, and who process this personal data as part of the performance of their duties.
The databases and systems can only be accessed with separately issued personal usernames and passwords. Sitra has restricted the access rights and authorisations to data systems and other storage media so that the data can only be accessed and processed by individuals whose duties require it for lawful processing purposes. In addition, the database and system transactions are registered in the logs of Sitra’s IT systems.
Sitra’s employees and other personnel are bound by a confidentiality obligation and are required to keep confidential any information received in connection with the processing of personal data.
The processing of sensitive personal data is permitted and technically enabled by user management tools only for specifically selected and limited persons who, due to their work duties, need to process such data on behalf of Sitra, for example in connection with travel arrangements.
You have the right to:
Please send requests concerning the exercise of your rights to Sitra’s registry by email to kirjaamo@sitra.fi
Data subjects have the right to lodge a complaint with the Office of the Data Protection Ombudsman if they consider that the processing of their personal data violates the EU General Data Protection Regulation.
We reserve the right to update this privacy policy by notifying any changes on our website. The updates may, for example, be based on changes in legislation.