Sign up to receive updates:      

SEARCH
BY REGION

SA AF NA OC AS EU

SEARCH


How to search
REGISTER & PRIVACY POLICY

This is the Personal Data Act (Articles 10 and 24) of the Global Forest Information Service (GFIS) Information Provider Partners Register and the EU General the Register and Privacy Statement in accordance with the Data Protection Regulation (GDPR). Created on 13.09.2018.

Last change 14.09.2018.

1. Registrar

GFIS Coordination Unit
International Union of Forest Research Organizations
Marxergasse 2
A-1030 Vienna, Austria
Tel.: +43-1-877 01 51-0
Email: office(at)iufro.org
Internet: www.iufro.org

2. The contact person responsible for the register

Eero Mikkola, GFIS Coordinator, mikkola@iufro.org, +358 50 3912140

3. The name of the registry

Global Forest Information Service (GFIS), www.gfis.net

4. Legal basis and the purpose of processing personal data

The legal basis for the processing of personal data is the EU's general data protection regulation the legitimate interest of the controller (customer relationship). The purpose of processing personal data is to provide the service to promote the information of the partner organization. Information is not used for automated decision making or profiling.

5. Information content of the register

The information to be stored in the register is: person's name, company /organization, contact information (phone number and e-mail address) and web site addresses. The information will be retained as long as the information provision to the GFIS gateway is valid. Unnecessary data will be deleted every five years.

6. Regular sources of information

The information stored in the register is obtained from the customer, among others. posted on www-forms messages, email, telephone, social media services, contracts, customer meetings and other situations in which the customer disclose their information.

7. Regular transfer of data and transfer of data to the EU or outside the EEA

Information will not be disclosed to other parties on a regular basis.

8. Principles of registry protection

Careful handling and handling of the information systems is required when processing the registry the data is properly protected. When register information is stored on Internet servers, they are stored the physical and digital security of the hardware is properly handled. The controller shall ensure that the stored data, server access rights, and other information that is critical to the security of personal data is treated confidentially and only by the employees whose work they belong to.

9. The right of inspection and the right to demand correction

Everyone in the register has the right to check his/her data stored in the register and to demand the correction of any inaccurate information or the completion of incomplete information. If a person wishes to check the data stored on him or to request a correction, request should be sent in writing to the registrar. The controller may request a request if necessary prove to prove his identity. The controller is responsible for the customer in the EU Privacy Policy within a specified time (usually within one month).

10. Other rights related to the processing of personal data

A person in the register has the right to request the removal of personal data relating to him ("right to be forgotten"). Also, there are other EU-registered persons registered rights under the Data Protection Regulation such as limiting the processing of personal data in certain situations. Requests should be sent in writing to the registrar. The registrar can as appropriate, request the applicant to prove his / her identity. The controller is responsible within the time limit set by the EU Data Protection Regulation (as a rule, the month within).