Privacy statement for the blood donor app
The Donor app is a service provided by the Finnish Red Cross Blood Service (hereinafter the Blood Service) for everyone registered with the Blood Service as a blood donor and anyone else who can use strong identification, which is required to register for the service. Examples of strong identification methods include personal online banking credentials and mobile certificates.
Why is my data being collected?
The Donor app enables people in the Blood Service’s blood donor register to process their own data. In addition, all app users may book appointments to give blood. Personal data is collected to enable this service to be provided.
What data is collected about me?
New blood donors (who are not yet in the register of blood donors) are asked to provide their personal ID code and name to enable the Donor app to be provided.
How is my data obtained?
The app does not collect any new data from people already in the register of blood donors. The app processes the data in the register of blood donors. The information required for new, unregistered app users is collected using strong identification when the app is first used.
The Donor app processes personal data on the basis of the user’s consent.
For what purposes are my personal data used?
When you first use the Donor app, your personal ID code and name are used to set up a customer relationship and enable communication between you and the Blood Service.
The Donor app shows users their health data from the blood donation register. These data are processed in accordance with the privacy statement of the blood donor register.
The terms of use of the service include a detailed description of the app’s functionality, such as the use of cookies.
The Blood Service uses Google Analytics (GA4) to analyse use of the app and to collect information about user behaviour on the app. The Service collects information such as application usage time, device data, page visits, and button presses within the application. This information helps to improve app functionality and develop the user experience. Tracking takes place anonymously and the Service does not collect or store any personal data, such as information about donations or blood group.
Can my personal data be shared with others besides the FRC Blood Service? If so, why and whom?
Service providers are not entitled to process your data for any other purpose or to store them after their contractual use.
The Blood Service collects information about app usage and visitor traffic in Google Analytics (GA4). Personal data is not collected or transmitted to the Service; only anonymous information about e.g., the number of downloads, page visits, and button presses is collected.
Can my personal data be shared with parties outside of the EU?
No
How does the FRC Blood Service protect my personal data?
Employees of the Blood Service and service providers are obliged to maintain confidentiality. Access to the Donor app’s personal data file is restricted by means of user accounts to those who need to access the register data to perform their duties. The processing of data is restricted by our contracts with service providers.
Data in the filing system and the processing thereof are a part of regular information security audits and risk assessments. We use a tool to continuously monitor access to the register and to report and investigate incidents.
Can my personal data be used for profiling or automated decision-making?
The data collected by the app are not used for profiling or automated decision-making.
For how long is my data stored?
The strong identification data about new app users who were not in the Blood Service’s register of blood donors is retained until the person is registered in the blood donor register, logs out of the app, or stops using the app. The maximum retention period is 13 months.
Rights of data subjects
You can request access to your personal data using the data request form
and request potential rectification of your personal data using the request for rectification form.
Can I challenge the use of my personal data?
If you feel that the processing of your personal data is not lawful, you may lodge a complaint with the competent supervisory authority.
Contact information
Finnish Red Cross, Blood Service
Härkälenkki 13
FI-01730 Vantaa
Tel. +358 (0)29 300 1010
Manager of the personal data file:
Johanna Castrén, Head of Blood Donation Operations.