Last updated: 18.03.2020

This Privacy Notice explains who we are and how we collect, share and use your personal data when you use the International Lipidomics Society ry website in accordance with the General Data Protection Regulation (EU) 679/2016. We also give you information on which privacy rights you hold as a data subject and how you may exercise your rights.

1. Name and address of the controller

The controller of the personal data file is:

International Lipidomics Society ry
Irisviksvägen 31D
02230 Esbo

References in this notice to “Lipidomics”, “we”, “us” or “our” are references to International Lipidomics Society ry.

Contact person for data protection related matters:
Kim Ekroos
Phone: +358 40 744 8997

Please be in contact with the contact person if you have any questions related to data protection at Lipidomics.

2. Personal data processed by Lipidomics

Your personal data is processed by the Lipidomics website when you access the website, register as a user on the website, become a member of International Lipidomics Society ry, use the blog function and subscribe to newsletters.

We process the following personal data about you:

Information about your system and your activity is collected automatically when you access our website/newsletter and, e.g., when you submit a comment on our blog. All other personal data is provided to us by the data subject – you.

The are no other sources of personal data processed in connection with the use of our website.

3. Purposes of and lawful bases for processing

Purposes of processing Categories of personal data Lawful bases for processing
Delivering the website content, optimisation of the content, ensuring the operation of IT systems and cooperation with law enforcement authorities System information Our legitimate interest to provide you with access to our website and to protect our IT systems
Creation of a user account on the website Contact information Performance of an agreement (the terms and conditions of our website and the creation of a user profile)
Processing related to payments Contact information
Payment information
Performance of an agreement (e.g.  you becoming a member of International Lipidomics Society ry)
Newsletter delivery Contact information
Subscription information
Our legitimate interest to inform our members about relevant matters concerning our activity
Newsletter optimisation Activity information Our legitimate interest to develop and optimise the content of our newsletter
Social and interactive functions of our website Contact information
Activity information
System information
Our legitimate interest to enable social and interactive functions on our website and make it possible for you to use them

Where the processing is based on an agreement between you and International Lipidomics Society ry, it is not possible to use the services concerned without the provision of the requested personal data.

4. Cookies

The website of the International Lipidomics Society uses cookies. Cookies are text files that are stored in a computer system via an Internet browser. Through the use of cookies, the International Lipidomics Society ry can provide the users of this website with more user-friendly services that would not be possible without the cookie setting.

The cookies are stored in your browser based on your consent. You can revoke your consent at any time in your browser settings. Should you choose not to consent to the use of cookies, not all functions of our website may be entirely usable.

Some of our cookies are associated with the analytics service provided by Google. These cookies are used to collect information about how visitors use our website and helps us improve our website. It is not possible to identify specific visitors by the information collected by cookies. For additional information concerning Google Analytics cookies, see

5. Retention of personal data

Your personal data is stored only as long as it is necessary for the purposes described above and as long as it is required in order to comply with statutory requirements.

Should you require additional information concerning the retention periods related to personal data, please do not hesitate to contact us at the telephone number or the e-mail address mentioned above.

6. Automated decision-making and profiling

We do not use automatic decision-making or profiling in the processing of personal data.

7. The recipients of personal data

Our website is hosted on the servers of Cloud City Oy, which acts as a processor for all of personal data processed in connection with the use of our website. For the purpose of membership payments, we use Stripe as our payment service provider. For this reason, Stripe receives your contact and payment information when you make a membership payment through our website. We have data processing agreements in place with our contractual partners who process personal data on our behalf to ensure the safe transfer and disclosure of personal data.

Our site has integrated social plugins from Twitter and LinkedIn. If you are logged into Twitter or LinkedIn, some of your personal information will be transferred to these companies (e.g., the information concerning you visiting our website), and the content of the plugins will be customised personally for you. This privacy notice does not cover how Twitter and LinkedIn process your personal data. You can find additional information concerning your privacy in these services below:

8. Transfers outside the EU/EEA

When submitting your payment information, this information may be transferred by Stripe to the United States based on the EU-US Privacy Shield Framework. You can find more information on the Privacy shield framework here:

There are no other transfers of personal data outside the EU/EEA.

9. Rights of the data subject

Under the General Data Protection Regulation, you are granted the rights listed below. The rights granted to you in each specific case depend on the legal basis used for each of the processing activities.

Should you wish to use your rights as a data subject, please be in contact with us and we are happy to assist you further. We may have to request some additional information in order to confirm your identity and fulfil your rights.

  1. Right to be informed about the processing – you have a right to be informed about how we store and use your personal data.
  2. Right to access personal data – you have a right to obtain information about whether we are processing your personal data. If your personal data is being processed, you have the right to access to your personal data.
  3. Right to have inaccurate personal data rectified – should any of your personal data be inaccurate or incomplete, you have a right to have it rectified. If your data has been shared with third parties, we will take reasonable steps to inform them of the rectification, where possible.
  4. Right to withdraw data protection consent – you may, at any time, withdraw your consent to processing of your personal data.
  5. Right to have personal data erased (the right to be forgotten) – in certain cases, you have a right to request that some of your personal data processed by us is erased.
  6. Right to object to processing of personal data –in certain cases, you have a right to object to processing of your personal data being carried out by us (for instance, if we are processing personal data based on legitimate interests).
  7. Right to restrict processing of personal data in certain circumstances – in certain cases, you have a right to block the processing of your personal data (for instance, if you are contesting the accuracy of the personal data that is being processed).
  8. Right to data portability – in certain cases where you have provided us with your personal data, you can request to receive a copy of your personal data in a commonly used electronic format.
  9. Right to lodge a complaint with a supervisory authority – you have  a right to lodge a complaint with a supervisory authority in the Member State of your habitual residence, place of work, or place of the alleged infringement if you consider that the processing of your personal data infringes the EU General Data Protection Regulation.