Updated 30th of November, 2023.
Tampere Research Center of Sports Medicine (business ID: 0427806-9)
+358 50 306 2356
Kerttu Toivo, senior physician
Data protection officer
Customer register of the Tampere Research Center of Sports Medicine
Purpose of personal data prosessing
- Organizing and implementing the services of the Tampere Research Center of Sports Medicine
- Planning, implementation and archiving of customer examinations and treatment
- Invoicing of customers and organizations
- Planning and statistics of the registrar’s own activities
- Implementation of regulations and orders issued on private health care activities
Legality of personal data processing
Legislation governing the operation:
- EU General Data Protection Regulation (2016/679)
- Data Protection Law (1050/2018)
- Law on the patient’s status and rights (785/1992)
- Law on Electronic Prescription (61/2007)
- Law on healthcare professionals (559/1994)
- Law on secondary use of social and health data (552/2019)
- Law on Public Administration Information Management (906/2019)
The information in the register is not used for automated individual decisions, including profiling.
Collection of personal data
Our operations consist of various services, so the content of the information collected varies. Personal data is collected and processed to implement our service activities in accordance with various laws and regulations. Necessary information about the following is collected from customers.
- The customer’s name, social security number, home address, phone number and email address
- Customer’s health information and patient information
- Laboratory and other research data Information generated in testing services (test results and other information related to fitness testing)
- Booking and billing information: billing information, delivery information, cancellation information, reservation information
- Data of authors or readers of the information
Data maintenance systems
- Patient information system (Acute, Acuvitec Oy)
- Appointment booking system (Vihta)
- Testing laboratory
- Dynamometer (Biodex)
- Exercise ECG system (GE Case, General Electric)
- Body composition analyzer (Tanita, MC180)
- Flow-volume spirometry equipment (Medikro)
- Respiratory gas analyzer (Vyntus CPX, Vyaire Medical)
The processing of the register’s personal data has been outsourced through an assignment agreement.
The maintenance tasks of the register’s electronic information systems and their servers and application expert support are related to assignments: electronic appointment booking (Vihta) and patient information system (Acute). On behalf of the Tampere Research Center of Sports Medicine, these actors process personal data to the extent required by the contract and to the extent required to perform their duties.
Data sources of the register
- The customer/patient
- Staff, information collected in connection with examinations and treatment, and answers to consultations
With the customer’s consent or in connection with the commission agreement, information can also be obtained from other social and healthcare operational units, for example through the National Health Archives.
Principles of registry protection
The manual material is stored in the locked offices of the Tampere Research Center of Sports Medicine. Only those employees whose job description requires access to the register’s maintenance systems can use them. Part of the register data is stored on a server that is protected by firewalls and other technical means. The server is located in a locked and guarded space.
Transfer of data outside the EU or EEA
Customer data will not be disclosed to third parties without the separate consent of the customer or his legal representative. Personal data will only be used for the purpose mentioned in the section “Purpose of processing personal data”. Upon request, the customer can obtain the information stored about them. Data is not transferred outside the EU or EEA regions.
Rights of the registrant
Every person in the register has the right to check their information stored in the register and demand the correction of any incorrect information, the completion of incomplete information or the deletion of their information. If a person wants to check the information stored about them or demand correction, the request should be sent to Tampere Research Center of Sports Medicine. Persons in the register also have the right to receive notification of a data security breach of personal data.
Mandatory cookies are used to ensure the technical functionality of the online service, and are not used for other purposes. Websites are always operated using a secure connection (HTTPS). The non-mandatory cookies used on the website are visitor tracking cookies. We hope that you also accept non-mandatory cookies, which are used to improve the site. The collected information is not used for marketing.
With Google Analytics, we collect information about how the website is used. We collect information on, among other things, the number of visitors to the site, as well as the browsers and terminals used by visitors. We use this information to develop the site’s content and technical features. The Google Analytics account used on the website uses anonymization of IP addresses to protect user privacy, the data is not shared with other Google services. In the Google Analytics service, data is stored in accordance with Google’s terms and conditions in force at any given time.
The Taula.fi website is implemented with the WordPress publishing system. Muuks Creative is responsible for the service’s technical implementation and user interface design.