Privacy Policy

Read how Muslim Professionals Network ry collects, uses, stores, and protects personal data.

Muslim Professionals Network ry - Privacy Policy

Updated 31 March 2026

1. Name of the Register and Data Controller

The register is named: Muslim Professionals Network ry Member Register. Muslim Professionals Network ry, info@mpnsuomi.fi

2. Contact Person for Register-Related Matters

Mustafa Aal-sahek, Board Member, Technology and Community Lead, info@mpnsuomi.fi

3. Data Subjects

The member register consists of the association's individual members.

4. Legal Basis and Purpose of Personal Data Processing

The processing of personal data is based on the consent given by the individual upon joining as a member. Personal data is collected for the purpose of maintaining the member register and communicating association activities to members.

5. Personal Data Processed

The member register collects the individual's name, email address, and phone number. Personal contact details are not shared with third parties without the individual's consent.

6. Regular Sources of Data

Data is collected through electronic membership applications and separate questionnaires. Data may also be added to the member register via verbal or written request. Written applications are archived in a password-protected electronic file.

7. Disclosure and Transfer of Data

Member register data is disclosed only to the association's board. Data is not generally transferred outside the EU or EEA. The association does, however, use the following third-party services, which may store data outside the EU and EEA in accordance with their terms of use:

  • Google Inc. (Google Forms, Google Drive) - member register management
  • Stripe Inc. - membership fee processing

8. Data Security

Digitally processed personal data is appropriately secured and stored in the association's register, with access restricted to individuals who require it for their duties. Personal data is protected from unauthorised access and its use is monitored.

9. Retention Period

Personal data is retained for the duration of membership. Where an individual has participated in a project or similar activity involving, for example, participant lists, the data is retained in accordance with the archiving requirements of that project.

10. Data Processors

The member register is maintained in a password-protected Google Drive folder. Data is processed only by individuals who have access to the association's register by virtue of their duties. Where necessary, we may partially outsource the processing of personal data to a third party, in which case we ensure through contractual arrangements that personal data is processed in accordance with applicable data protection legislation.

11. Automated Decision-Making and Profiling

The association does not engage in automated decision-making or profiling.

12. Rights of Data Subjects

Every data subject has the following rights regarding the processing of their data:

  • Right of access - the right to inspect personal data stored in the register. If the data contains errors or omissions, the data subject may request that it be corrected or supplemented.
  • Right to object - the right to object to the processing of personal data if the data subject considers that the data has been processed unlawfully or without proper authority.
  • Right to erasure - the right to request the deletion of data stored in the register. The data subject also has the right to restrict the processing of their data.
  • Right to data portability - the right to transfer their data from one system to another.
  • Right to lodge a complaint - the right to file a complaint with the Data Protection Ombudsman if the data subject considers that applicable data protection legislation has been violated.

The data controller may refuse to comply with a request to object or erase only on grounds provided by law. If the data controller does not comply with the data subject's request, the data subject has the right to lodge a complaint with the Data Protection Ombudsman. The data subject also has the right to request that the processing of disputed data be restricted until the matter is resolved.

13. Contact

All enquiries and requests concerning this policy should be submitted in writing or in person to the contact person named in section 2.

14. Changes to the Privacy Policy

If we amend this policy, changes will be shown in the policy with dates. If the changes are significant, we may also communicate them by other means, such as by email or by posting a notice on our website. We recommend checking our website regularly and taking note of any updates to the policy.