top of page
  • YouTube
  • Wix Facebook page
  • Instagram
  • X
  • LinkedIn
  • Whatsapp

GDPR & Data Protection

CCE Finland is committed to protecting the privacy, confidentiality, and security of personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and applicable data protection laws. We process personal data responsibly, transparently, and lawfully, ensuring that the rights of individuals are respected at all times.

This policy explains how CCE Finland collects, uses, stores, and safeguards personal data across its services, programs, and digital platforms.

Commitment to Data Protection

CCE Finland recognizes the importance of data protection as a fundamental right. We implement appropriate technical and organizational measures to ensure that personal data is processed securely and only for legitimate educational, professional, and operational purposes.

Our data protection practices are guided by the principles of:

  • Lawfulness, fairness, and transparency

  • Purpose limitation

  • Data minimization

  • Accuracy

  • Storage limitation

  • Integrity and confidentiality

  • Accountability

Personal Data We Collect

CCE Finland may collect and process the following categories of personal data:

  • Name, contact details, and professional information

  • Institutional or organizational affiliation

  • Registration and application details for programs, events, and accreditation

  • Communication records and correspondence

  • Website usage data (cookies, analytics, IP addresses)

  • Access to CCE’s Learning Management Systems (LMS)

  • Payment and invoicing information (where applicable)

Personal data is collected only when necessary and relevant to the services provided.

Purpose of Data Processing

Personal data is processed for legitimate purposes, including:

  • Delivering educational programs, training, and services

  • Managing accreditation, certification, and membership processes

  • Organizing events, conferences, and professional development activities

  • Communicating with participants, partners, and stakeholders

  • Maintaining administrative, legal, and contractual obligations

  • Improving website functionality and user experience

Legal Basis for Processing

CCE Finland processes personal data under one or more of the following legal bases:

  • Consent provided by the data subject

  • Performance of a contract

  • Compliance with legal obligations

  • Legitimate interests pursued by CCE Finland, where such interests do not override individual rights

Where consent is required, it may be withdrawn at any time.

International Data Transfers

Where personal data is transferred outside the European Economic Area (EEA), CCE Finland ensures that appropriate safeguards are in place, such as standard contractual clauses or equivalent protection mechanisms, to maintain GDPR compliance.

Data Sharing and Third Parties

CCE Finland does not sell or misuse personal data. Data may be shared with trusted third parties only when necessary to deliver services or comply with legal obligations. These parties include:

  • Technology and service providers

  • Payment and administrative service providers

  • Event and training partners

All third parties are required to comply with GDPR and maintain appropriate data protection safeguards.

Data Retention

Personal data is retained only for as long as necessary to fulfill the purposes for which it was collected or to meet legal, regulatory, or contractual requirements. When data is no longer required, it is securely deleted or anonymized.

Rights of Data Subjects

Under GDPR, individuals have the right to:

  • Access their personal data

  • Request correction of inaccurate or incomplete data

  • Request deletion of personal data (right to be forgotten)

  • Restrict or object to data processing

  • Request data portability

  • Withdraw consent at any time

Requests related to data rights can be submitted using the contact details below.

Data Security

CCE Finland employs appropriate technical and organizational security measures to protect personal data against unauthorized access, loss, misuse, or disclosure. These measures include secure systems, access controls, and regular data protection reviews.

Cookies and Website Analytics

CCE Finland’s website may use cookies and analytics tools to improve functionality and user experience. Users can manage cookie preferences through their browser settings. Detailed information about cookie usage may be provided separately in a Cookie Policy.

Changes to This Policy

CCE Finland reserves the right to update this GDPR & Data Protection policy as required by legal, regulatory, or operational changes. Updates will be published on the website and become effective upon posting.

bottom of page