Privacy policy

The Finnish Association for Applied Linguistics AFinLa r.y. respects your privacy and processes personal data in accordance with the EU General Data Protection Regulation (2016/679). Personal data can be collected, for instance, when a person registers as a member of AFinLa, or when they sign up for a newsletter.

Personal data is processed on the website only using an SSL-encrypted connection (https://). The data is protected using contemporary organisational and technical systems, and only those people have access to the data who need to in the course of their duties. 

A data subject has the right to review the data concerning them. A request to review the data must be sent in writing to the controller. The controller has the right to verify the data subject’s identity in connection to the request.

A data subject can, at any time, request for their data to be deleted, and unless other legal obligations prevent it, the data should be deleted without unnecessary delay.

On this webpage ( you can find information about the webpage’s cookie policies and visitor statistics, as well the General Data Protection Regulation policy of the Finnish Association for Applied Linguistics.


The AFinLa website uses one cookie, which is essential for the technical functioning of a multilingual website. The cookie ensures the technical functionality of the website, and it is not used for other purposes. 

Cookies are small text-based files that are stored in the user’s device, and they allow the saving of settings that are important for the functionality of the website. The cookies that are necessary for the functionality of the website are always active.

Visitor statistics

Visitor statistics are compiled based on the use of the website, and the statistics are utilised to improve the website. Information is collected, among other things, of the following: from which website the visitor transferred to this site, the time of the visit, from which part of the world the visit came from, and which browser and device were used for the visit. Precise data (regarding where the visit came from) is not acquired.

In the visitor statistics, two last syllables are removed from the visitors IP-address. Statistics do not store cookies on the visitor’s device, and the collected data is not disclosed outside of the association. The visitor statistics are maintained on servers located in Finland, and thus the data is not transferred outside of the European Union area. The data is not connected to other data sources or utilised in marketing.

Content embedded from other websites

The articles on this website may include embedded content (for example videos, images, articles, etc.). Opening embedded content from other sites is comparable to the visitor visiting the sites of these third parties.

These websites may collect information about you, use cookies, embed third party tracking cookies and monitor your interaction with the embedded content, including interaction tracking if and when you are signed into the website as a user.

AFinLa’s general privacy policy

This is the register and privacy policy of the Finnish Association for Applied Linguistics r.y. in accordance with the Personal Data Act (10 and 24§) and the EU General Data Protection Regulation (GDPR). This privacy policy was prepared on June 13th, 2018.

1. Controller

The Finnish Association for Applied Linguistics (AFinLA) r.y.

c/o Centre for Applied Language Studies, P.O. Box 35

FI-40014 University of Jyväskylä


2. Contact person responsible for the register

Maija Lappalainen, treasurer,

3. Name of the register

The membership register of the Finnish Association for Applied Linguistics.

4. Legal basis and purpose of processing personal data

The legal basis of the EU General Data Protection Regulation for processing personal data is the Associations Act (Yhdistyslaki 1989/503), according to which an association must keep a list of its members. The purpose of processing personal data is to keep in contact with the members. The data is used to send out newsletters. In addition to that, information of a valid membership can be delivered to the organisers of the AFinLa Autumn symposium and to the organisers of the AILA World Congress, as paying the AFinLa membership fee is a prerequisite for a reduced conference participation fee. In these cases, no other information in the register is disclosed, except for the membership information. 

5. Register’s data content

Data stored in the register includes a person’s first and last name, mailing address, e-mail address, type of membership, amount of paid membership fee and the date of the payment. The data is stored in the register until the person resigns as a member, or the association terminates the membership based on its rules. 

6. Regular data sources

The data stored in the register is retrieved from bank statements when members pay their membership fees, and in other situations, when a member expressly discloses information for the register (e.g., address changes made by e-mail). 

7. Regular disclosing of data and transferring data to outside of the EU or ETA

Data is not regularly disclosed to third parties. The information regarding the association membership of individuals is disclosed upon request to the organisers of the AFinLa Autumn symposium or the AILA World Congress, so that the organisers can verify the right to a reduced participation fee, which is reserved to the members of AFinLa.

8. The principles for protecting the register

The register is handled with due diligence, and the data processed with information systems is appropriately protected with a password. The controller makes sure that personal data is processed confidentially, and only by those people in the association whose job description so entails.

9. The right to review and request the correction of information

Everyone has the right to receive a confirmation from the controller, regarding whether they are listed in the membership register. The data subject has a right to review their information stored in the register and demand the rectification of potentially incorrect information or the supplementation of incomplete information. If the data subject wants to review their information or request a correction, the request should be sent in writing to the controller, or by e-mail to the person responsible for the register (contact information in the beginning of this document). The controller may, if necessary, ask the requester to prove their identity. The controller will reply to the requester within the time appointed by the EU General Data Protection Regulation (within a month).

10. Other rights relating to the processing of personal data

The right to restrict data processing

The data subject has a right to restrict the processing of their information in certain situations. This means that the data subject’s information, in addition to storing, can only be processed

  • With their consent,
  • To establish, exercise or defend a legal claim,
  • To protect the rights of another natural person or legal person, or
  • In important matters concerning the public interest of a Union or a Member State.

A data subject has the right to restrict their information processing when:

  • The data subject contests the accuracy of their personal information. In these cases, processing is restricted for a period of time during which the accuracy of the information can be verified by the controller.
  • Processing is unlawful, but the data subject opposes the deletion of the information, and instead demands the restriction of its use.
  • The controller no longer needs the data in question for processing, but the data subject needs it to establish, exercise or defend a legal claim.
  • The data subject has opposed the processing of personal data for other uses than direct marketing, and the issue of whether the interests of the controller override the rights of the data subject is awaiting verification.

The duty to report the rectification of personal data or restriction of processing

The controller must notify each recipient, to whom personal data has been disclosed, of rectification of personal data or the restriction of processing. The controller must notify the data subject of these recipients if the data subject requests it. 

The right to deletion of data

A data subject has the right to have their information deleted from the register only when they are resigning as a member, as the Associations Act obliges associations to keep a list of their members.

11. The right to lodge a complaint to a supervisory authority

The data subject has the right to lodge a complaint regarding an anomaly in the processing of personal data. In Finland, the supervisory authority is the Data Protection Ombudsman. Instructions for submitting a notification can be found at