Privacy Policy

The MERGE project attaches great importance to the responsible and transparent treatment of personal data. Our MERGE Network mailings keep you updated on project news, events and publications.

Below we provide users with information as to who they can contact the MERGE team on the subject of data protection what data is processed when they visit the website what data is processed when users contact us or subscribe to the MERGE Network’s email lists how they can opt out of the storage of data which rights they have with respect to us


Data processing is the responsibility of Demos Helsinki Ry on behalf of the MERGE project.

Mechelininkatu 3d. 


Information on the collection of personal data

When you are asked to submit personal information while using our services, you are free to choose whether or not to provide it. Your personal details will be stored and used in accordance with European data protection regulations.


The website can be used without providing any personal data. Personal data is only processed in the case of a person concerned subscribing to our Network or contacting us.

When visiting the MERGE website, the browser used automatically transmits data that is saved in a log file. The website processes only the data that is technically required in order to display the website correctly and to ensure its stability and security.

Data analytics

With your consent, we will use plugins to analyse and statistically evaluate the use of the website. Cookies are used for this purpose. The information obtained about website use is transmitted exclusively to our servers and summarised in pseudonymous usage profiles. We use the data to evaluate the use of the website. The data collected is not passed on to third parties. The IP addresses are anonymised (IP masking) so that an allocation to individual users is not possible.

The data is processed on the basis of Art. 6 Para. 1 S. 1 lit. a GDPR. We are thus pursuing our legitimate interest in optimising our website for our external presentation. You can revoke your consent at any time by deleting the cookies in your browser or changing your data protection settings.

MERGE Network and email lists

Personal data is used for the purpose of processing the subscription to each respective email list. After entering the email address, users receive an email containing a link for confirming the authenticity of the address and the subscription (‘double opt-in’). If users do not confirm the registration by clicking on the link contained in the email, the data is deleted immediately.

The legal basis for the processing of data in connection with the dispatch of newsletters is their consent in accordance with Article 6 (1) a GDPR.

The newsletter subscription can be cancelled at any time. If the subscription is cancelled, all personal data is deleted from our database.

Any personal data collected as part of the mailing list subscriptions will be used for the purpose of processing the subscription and dealing with your enquiries. We use Brevo as our e-mail platform. By signing up for the MERGE Network, you acknowledge that the information you provided will be transferred to Brevo for processing in accordance with their terms of use.

User rights

Users have the right to:

To obtain information about their data stored by us (Article 15 GDPR)

To have their data stored by us rectified (Article 16 GDPR)

To have their data stored by us erased (Article 17 GDPR)

To obtain restriction of processing of their data stored by us (Article 18 GDPR)

To object to the storage of their data if personal data are processed on the basis of the first sentence of Article 6 (1) 1 f and e GDPR (Article 21 GDPR)

To receive their personal data in a commonly used and machine-readable format from the controller such that they can be potentially transmitted to another controller (right to data portability, Article 20 GDPR)

To withdraw their consent to the extent that the data has been processed on the basis of consent (Article 6 (1) a GDPR). The lawfulness of the processing on the basis of the consent given remains unaffected until receipt of the withdrawal.

Users also have the right in accordance with Article 77 GDPR to lodge a complaint with the competent data protection supervisory authority. The competent authority is the Finnish Data Protection Ombudsman.

Last updated: March 2024

Scroll to Top