Privacy policy

Who we are

Tornedalens Museum
Address: Torikatu 4, 95400 Tornio
Telephone: +358 50 597 1559
Organisation number: 0193524-6
For privacy-related matters, contact: tornionlaaksonmuseo@tornio.fi

We care about ensuring that you feel safe with how we handle your personal data in accordance with the General Data Protection Regulation (GDPR). The regulation came into force within the EU on 25 May 2018 and replaced the Swedish Personal Data Act (PuL). Through an external service, we collect data about how you browse our website. This is done in order to improve and analyse how our services are used, with the aim of providing you with the best possible user experience.

Read more about your rights and our policy below.

 

What personal data we collect and why we collect it

Media

If you upload images to the website, you should avoid uploading images that contain embedded EXIF GPS location data. Visitors to the website can download and extract any location data from images published on the website.

Cookies

If you have an account and log in to this website, we will create a temporary cookie to determine whether your browser accepts cookies. This cookie contains no personally identifiable information and is discarded when you close your browser.

When you log in, we will also create several cookies to save information about your login and your display preferences. Login cookies are valid for two days, and screen display preference cookies are valid for one year. If you select “Remember Me”, your login cookie will persist for two weeks. When you log out of your account, the login cookies will be removed. If you edit or publish an article, an additional cookie will be stored in your browser. This cookie contains no personal data and only indicates the post ID of the article you edited. It expires after one day.

If you do not consent to the use of cookies, you can disable cookies in your browser’s security settings. Please note that this may limit the functionality of websites and prevent you from using certain services on the internet.

Embedded content from other websites

Articles on this website may include embedded content (for example videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor had visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with the embedded content, including tracking your interaction if you have an account and are logged in to that website.

Analytics

This website uses the internal analytics service Matomo to collect anonymised statistics about how the website is used.

Matomo is configured without cookies and with IP anonymisation, meaning that no personally identifiable data is collected. The processing is based on our legitimate interest in improving the functionality and user experience of the website. No data is shared with third parties.

 

Who we share your data with

We do not share your data with anyone or sell it to third parties. However, we use third-party providers for hosting and backup services.

 

How long we retain your data

For users who register on our website (if any), we store the personal information they provide in their user profile. All users can view, edit, or delete their personal information at any time (except that they cannot change their username). Website administrators can also view and edit this information.

 

What rights you have over your data

If you have an account on this website, you can request an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to retain for administrative, legal, or security purposes.

 

Additional information

How we protect your data

We use security measures such as firewalls, malware protection, regular updates, and data backups to minimise the risk of unauthorised access.

What data breach procedures we have in place

In the event of a data breach, all users with an account on our website will be notified. We will also contact users who have submitted comments, where applicable. In the case of serious breaches, a report will be filed with the police.