Why do we process your personal data?
Personal data is used for organizing events, stakeholder cooperation and communication.
Why are we allowed to process your personal data?
The processing of personal data is based on the EU General Data Protection Regulation. Processing of data is based on the realization of a task carried out in the public interest and the consent of the data subject.
In relation to event participation, we also process so-called sensitive information (the information on diet may contain sensitive data). The data subject’s consent is a special reason for processing this data.
Which personal data do we process?
Name, contact information (e-mail, address, telephone number), organisational information, research field/specialist field, dietary information when registering for events.
The data is stored for as long as necessary for the implementation of the service.
How is the personal data required for processing collected?
From the data subject themselves.
Do we use automated decision-making or profiling?
We do not make automated decisions or carry out profiling.
An automated decision means a decision that is used to evaluate the specific characteristics of a person, is based solely on automated data processing and produces legal effects concerning them or otherwise significantly affects them. Some examples of automated decision-making include creditworthiness decisions and profiling.
Profiling refers to automated processing of personal data used to evaluate personal aspects related to an individual, In particular, it refers to the analysis or prediction aspects concerning the person’s performance at work, economic situation, health, personal preferences or interests, reliability or behaviour, location, or movements. Profiling is entirely or partly automated, is performed on personal data, and evaluates personal aspects.
Controller:
The University of Eastern Finland Kuopio
Yliopistonranta 1, PL 1627, 70211 Kuopio
Telephone 0294 45 1111 (switchboard)
Representative of the data controller:
Director of Neurocenter Finland, Eero Rissanen
Contact persons of the data controller:
Coordinator Pirkko Kurvinen
Contact information of the data protection officer:
Data Protection Officer Helena Eronen, tel. +358 (0)294458187, tietosuoja@uef.fi
Transfers of personal data
The newsletter application (Creamailer) used by the National Neurocenter Finland processes personal data related to orders, interests and use analysis (separate agreement has been drafted on this)
Dietary information is transferred to the catering provider in connection with event participation.
Transfer or disclosure of data outside the EU or the EEA and its basis:
As a rule, no personal data is transferred outside the EU or EEA.
How do we secure your personal data?
Information systems used in the processing of personal data are managed in accordance with the University of Eastern Finland’s information security regulations and instructions. In terms of technology, information systems and their user interfaces are protected by methods such as a firewall, and the data in the systems is backed up regularly.
Access rights to information systems have been restricted with the help of access groups so that each user can only access the information they need in their work tasks.
Persons employed by the university and performing positions of trust are subject to the confidentiality obligation laid down in section 23 of the Act on the Openness of Government Activities. In addition, university employees may not use or disclose to others the employer’s professional or business secrets (Chapter 3, section 4 of the Employment Contracts Act).
Confidential information and storage periods, archiving and destruction are specified in the university’s archive formation plan.
What rights do you have?
According to the General Data Protection Regulation (GDPR), data subjects have the right:
- to obtain information on the processing of their personal data, unless a specific exception is provided in the law
- to access their data
- to rectify any data concerning them
- to the erasure of their data (not applicable if the processing basis is compliance with a legal obligation or a task carried out in the public interest)
- to restrict the processing of their data
- to object to the processing of their data if the processing basis is public interest or legitimate interests
- to request that the personal data they have provided themselves is transferred directly from one system to another if the processing basis is consent
- to withdraw their consent
- the controller’s notification obligation regarding rectification or erasure of personal data or restriction of processing
- to report to the Office of the Data Protection Ombudsman (tietosuoja@om.fi) if they consider that the processing of their personal data has violated existing data protection legislation.
In order to exercise your rights, you can submit your request via the university’s e-Service (staff, students), use the form on the university’s website, or contact the university’s Data Protection Officer.
For advice and instructions, contact the Data Protection Officer:
University of Eastern Finland, Data Protection Officer Helena Eronen, P.O. Box 111, 80101 Joensuu
tietosuoja@uef.fi, tel. +358 (0)294 458 187