This privacy policy concerns the personal data of subscribers to the Amos Rex Museum’s Generation 2026 exhibition’s open call. This data protection policy notice describes how we process your personal data when you join the Generation 2026 open call subscriber register.

Data controller

Name: Amos Rex AB / Amos Rex
Business ID: 2137480-2
Mannerheimintie 22–24, 00100 Helsinki

Name of register

Amos Rex’s the Generation 2026 open call subscriber register.

Contact person for matters related to the register

Head of Sales, Anna Iso-Ahola,
Mannerheimintie 22–24, 00100 Helsinki

Purpose and legal basis processing personal data

The collected personal data will be used for communicating about the Amos Rex Museum’s Generation 2026 exhibition’s open call.

The legal basis for the processing of data is the registered person’s voluntary, individualised, deliberate and unambiguous consent. The registered has the right to withdraw his or her consent and the subscription to the email at any time.

Data sources

Amos Rex collects the personal data for the purpose of sending the Generation 2026 artwork open call email from the registered person.

Personal data to be processed

We collect the following information from the data subject for the purpose of sending Generation 2026 artwork open call email: e-mail address, person’s first name and surname.

Protection and security of the register

Amos Rex is committed to following sufficient security measures in all its activities to protect personal data.

Right to use the register is limited on the organisational level to viewing the data or updating it to the extent required by the work tasks.

Use of the register requires a user name. The main user also determines the level of user rights. Logging on to the system requires a user password and the system is used through an encrypted SSL connection.

Recipients of personal data

Recipients of the personal data are those third parties to whom the personal data in the register is transferred or handed over, i.e. the data controller and processers of the personal data.

Amos Rex uses data processors to process personal data. The data is collected into the system of service provider WordPress. Amos Rex has made an agreement with WordPress, as required by the data protection regulation, on the processing of personal data as required by the GDPR.

Transferring personal data outside the EU/EEA zone

Personal data is transferred outside the EU/EEA zone when necessary for providing the service. This type of transferrring always takes place in accordance with standard contractual clauses approved by the European Commission.

Storing and removing personal data

Amos Rex will store personal data for the duration of the application period until 31.12.2024. However, the data subject may unsubscribe at any time, in which case their data will be removed.

The destruction will be carried out by technical means and the backups will also be destroyed after the deadline.

Removal of the data takes place through technical means, and backup copies will also be also removed.

Automatic decision making and profiling

Amos Rex does not use data for automated decision making or profiling.

Rights of the registered

The registered has the right to see the saved data on them, demand the correction of possibly false data and completion of incomplete data and to be removed if there is no legal basis for storing the data. The registered also has the right to request for their data to be limited, oppose the processing of their data and the right to transfer their data from one system to another.

The data controller may ask for the presenter of the request to prove their identity. The data controller shall respond to the customer within the time frame stipulated by data protection legislation (primarily within a month).

All data check and correction requests shall be made to the contact person in charge of register matters.

Complaint right

The registered has the right to file a complaint to the supervisory authority if they find that their data has been mishandled. The supervisory authority in Finland is the data protection ombudsman.

This data protection policy has been updated on 22 May 2024.