En

Privacy statement: Projects implemented by Karelia University of Applied Sciences / Participant register

PRIVACY STATEMENT AND REGISTER DESCRIPTION

Personal Data Act (523 /1999) 10 §, General Data Protection Regulation of the European Union (679/2016) as of 25th May 2018, Compiled on 25th April 2018, updated on 29th January 2025

Register Controller              

Karelia Ammattikorkeakoulu Oy / Karelia University of Applied Sciences Ltd
Tikkarinne 9, 80200 Joensuu, Finland
PO Box 256, 80101 Joensuu, Finland
tel. +358 13 260 600
info(at)karelia.fi

Contact person in matters related to the register           

Research and Development Director, Ms Anne Ilvonen
Karelia-ammattikorkeakoulu / Karelia University of Applied Sciences
Tikkarinne 9, 80200 Joensuu, Finland
tel. +358 50 311 6314, anne.ilvonen(at)karelia.fi

Name of the register                        

Projects implemented by Karelia University of Applied Sciences / Participant register

Purpose of processing personal data and legal basis for processing personal data

The register is intended for the processing of participant data in such research, development, innovation and/or internationalisation projects implemented by Karelia University of Applied Sciences either as an administrator or co-executor that require collection of data due to conditions determined by the financier, co-financier, project administrator and/or other executor, or because of a specific project implementation method (e.g. scientific research) that requires data collection for implementing the project or reporting on the project.

Legal basis for processing personal data: performing a statutory task.

Person in charge of data protection        

Karelia Ammattikorkeakoulu Oy, Tietosuojavastaava, Tikkarinne 9, PO Box 256, 80101 Joensuu, Finland, tel. +358 50 477 7983, email: [email protected]

Content of the register                   

  • Name
  • administrator, and
  • financier/co-financier of the project

Types of information registered of each participant (at its largest)

  • Personal identification and contact details: name, personal identification number, age, gender, address, email, phone number, photo, video
  • Employment status: possible duration of unemployment, status of being outside the labour market, or employment-related information
  • Education: level of education completed
  • Household situation: information on unemployment, dependent children, and the number of adults in the household
  • Other background information: citizenship/foreign background or minority membership, disability, weaker status in the labour market, homelessness
  • Background organization/employer
  • Certain types of projects: a person’s own assessment of his/her work ability and/or the impacts of the project

Regular data sources, grounds for providing personal data                 

A paper form or an online form filled in by the participant when attending the project. Separate consent is required for the use of photographs or videos. The legal basis for processing personal data is to perform a statutory task at the university of applied sciences.

Transfer of personal data outside the European Union or the European Economic Area                       

Personal data will not be transferred outside the EU or EEA.

Regular disclosure of personal data        

If required, personal data will be disclosed to the participant’s own organisation on the basis of an individualised request for information, and in cases the project financier, co-financier, administrator or other executor requires it as, for example, an attachment to report or payment data. Photos and videos are used for communication and marketing purposes for projects:

  • Publication of photos and/or videos in Karelia UAS communications in various media, on the internet and social media.
  • Internal and external publication of photos and/or videos in connection with information, internal use/distribution of Karelia UAS
  • Photos and/or videos are edited in good taste to suit the purpose of use

Principles of protecting the register         

The information in the register is confidential except for separately agreed information to be published, such as name and photo. Employees handling the information are bound to confidentiality and other instructions for handling the information. The obligation to exercise confidentiality also continues after the end of the employment relationship.

Registered data recorded on paper is handled confidentially by project staff and by Karelia UAS accounting services staff. The data is kept in premises that are locked outside office hours. Information available in electronic format is stored in network folders on Karelia UAS server. Access to these folders requires logging into the system. Separate instructions apply to the handling of personal data in ESF projects.

Storage, filing and disposal of registered data               

The storage times for customer-specific data are defined in the Karelia UAS data management plan. Disposal of data is subject to the applicable regulations of the National Archives of Finland. In addition, filing regulations for each financier, co-financier, administrator and/or other executors of projects are followed.

Informing the registered person 

The registered person is informed verbally and/or in writing when the participant information is collected. The register description is available on Karelia UAS website at http://www.karelia.fi/rekisteriselosteet.

Inspection right                    

Everyone has the right to inspect his/her personal data.

The person may submit an inspection request in person or in writing to the person in charge of data protection at Karelia UAS at tietosuoja(at)karelia.fi. Information shall be provided without delay and in writing, if so requested.

The registered person is provided with the possibility to see documents concerning him/her, to take a look at the information shown on a computer screen, and to see any printouts or input forms used for storing the information. The registered person is at the same time informed about the sources of information, use of information, and disposal of information.

If the inspection right is denied for an exceptional reason, a written document signed by the person in charge of the register shall be issued. The document indicates the reasons why the right of inspection has been denied. The registered person may refer the matter to the Data Protection Ombudsman.

Right to request rectification of data        

Everyone has the right to request rectification of incorrect data in the register.

The person may submit an inspection request in person or in writing to the contact person of the register. If the register is deemed to contain information that is faulty, unnecessary, incomplete or outdated personal data, the data handler shall rectify the information unprompted or on the customer’s request.

If the data handler does not accept the registered person’s request of rectification, a refusal document signed by the person in charge of the register shall be issued. The document indicates the reasons why the request has been denied. The registered person is informed of his/her right to refer the matter to the Data Protection Ombudsman.

Right to prohibit the disclosure of data 

The information in the register is confidential except for separately agreed information to be published, such as name and photo. It will not be disclosed unless the person requesting the information has a statutory right to receive the information. Therefore, the registered person does not have to present an explicit prohibition of disclosure.

Automatic decision-making and profiling

Not in use.