Registry Description and Privacy
Registry description
The University of Helsinki respects your privacy and does not share personal information with others. The registrar is the Ruralia Institute of the University of Helsinki, ruralia-instituutti@helsinki.fi
Privacy statement updated 01.06.2020
The University of Helsinki is committed to protecting the privacy of users of its electronic services in accordance with the Personal Data Act (523/1999), the Information Society Arc (917/2014), Regulation (EU) 2016/679 of the European Parliament and of the Council and other applicable legislation. This Privacy Statement explains how users' personal information is processed in the services provided.
By using the electronic services provided by the Ruralia Institute of the University of Helsinki, the user accepts the conditions set out in this data protection clause. If you do not wish to accept these terms, you will not be entitled to use the services under those terms. Please read the terms and conditions carefully.
These terms and conditions apply to the digital participation system we offer, which is available at www.omaidea.fi.
1. Registrar
University of Helsinki, Business ID 0313471-7
Registrar's address: PO Box 4, 00014 University of Helsinki
Contact person responsible for the register: Toni Ryynänen
Please contact Ruralia-instituutti at helsinki.fi or the above person by e-mail with any questions regarding personal data or data protection.
2. Purpose of the processing of personal data
We collect personal information from users of the participation system. Personal data is required for the production and delivery of the service and for communication in matters concerning the service. We can also collect tracking data from users of the service, which we use to map the activity of the service and strive to improve the service, as well as conduct research related to digitalization.
3. Information content of the register
We collect the following information from private users of the service:
Email address
Name
We collect the following information from organizational users of the service:
Email address
Name
Name of organization
If it is important for the provision of the service to obtain more information about the users, they may be asked to supplement their information in the service later. In such situations, we will update our privacy statement and notify users.
4. Method of data collection
We collect information from the user when registering for the service. The user enters his / her personal information on the online form when registering with our service, so that the information collected about the user is also clearly visible.
Users can sign up and log into the service through third-party services. In this case, the user must be confirmed by a third-party service access to those data that users want to collect. The service can log the following third-party services, which the user data can be downloaded on the user's prior consent:
Information about the service can also be collected from general events as well as from the events of the Ruralia Institute of the University of Helsinki or its partners, where the contents presented in the service are presented or processed.
Users can choose to provide their information to an employee of the university or its partner on a paper form from which the employee records the user's information and answers in the system. Paper forms are destroyed as soon as the data is entered into the system.
5. Data storage and protection
The information provided by users is stored in the server environment of the digital service provider, Metatavu Oy. Only the service provider or its agents have technical access to this server environment. The service provider is committed to maintaining the security of its customers and preventing third parties from accessing the data in the database.
Access to the physical space of the server environment is restricted to persons authorized by the service provider. The server environment is located in a secure and controlled space to which unauthorized access is prevented.
The contact information of the service provider is available at www.metatavu.fi.
The data can also be accessed through the service management interface. Access to the management interface requires user IDs in the system, which are managed in cooperation between the registrar and the service provider. We will ensure security in accordance with the basic conditions, the management of user accounts are protected with strong passwords. We also maintain internal information on to whom the Management User IDs have been disclosed.
Data is transferred between users' browsers and the service via a TLS-secured communication connection, which ensures reliable data transfer. Similar technology is used to protect telecommunications, for example in online banking.
6. Disclosure and Transfer of Information
Your personal data may only be transferred to other services or companies under the following conditions:
If justified for the provision of the service, the data of the users of the service may be transferred to the systems of other service providers in order to provide the service. Such systems include, for example, software used to send e-mails.
Data may be transferred to other companies if the provision of the service so requires. In such a case, personal data may be transferred to, for example, a company providing security services.
A service provider may transfer your personal information to another service provider's server or to another physical location if this is justified for the maintenance of the service.
If the registrar changes service provider, the information entered in the register will be transferred to the new service provider. In this situation, the responsibility for maintaining the service is transferred and users are informed about this.
In connection with the merger or sale of the service provider's activities, the information entered in the register will be transferred to the new service provider. In this situation, the responsibility for maintaining the service is transferred to another service provider and users are informed about this.
We ensure that the actors to whom personal data are transferred are committed to the protection and processing of personal data in accordance with this data protection clause. When you transfer information to another service provider company, we give them the right to process the information only to provide the service provided. The processing of third-party data is limited to the provision of the service, ie ownership of the data in these cases does not pass to other service providers.
Users' personal data will not be transferred outside the EU or the EEA to provide the service. However, for network engineering reasons, for example, it is possible that users' data is temporarily located outside the EU or the EEA.
7. Cookies
Cookies are small text files that your browser stores on your computer and are sent to the service each time you visit. The service uses cookies to identify the user's session. Sessions help differentiate between different users. Use of the service requires that cookies be enabled in your browser.
Through the service, third parties can also set cookies in the user's browser. Such services can be utilized, for example, for unidentified monitoring of users in the service.
8. Rights
Within the limits set by the Personal Data Act (523/1999), the person who has provided information has the right to check what personal information has been stored in the register, demand correction of incorrect information and prohibit the registrar from processing personal information in direct mail, distance selling and other direct marketing and for genealogy.
9. Changes
We reserve the right to change this privacy statement if necessary. We will notify users of the service of the changes by updating the date at the beginning of this privacy statement. If the changes materially affect the information collected or the processing of the information collected, we will notify users of the changes by email insofar as the changes affect them.