En

Privacy state­ment: Projects imple­men­ted by Karelia Univer­sity of Applied Sciences / Partici­pant register

PRIVACY STATEMENT AND REGISTER DESCRIPTION

Perso­nal Data Act (523 /1999) 10 §, General Data Protec­tion Regu­la­tion of the Euro­pean Union (679/2016) as of 25th May 2018, Compi­led on 25th April 2018, updated on 13th Septem­ber 2023

Regis­ter Controller 

Karelia Ammat­ti­kor­kea­koulu Oy / Karelia Univer­sity of Applied Sciences Ltd
Tikka­rinne 9, 80200 Joensuu, Finland
PO Box 256, 80101 Joensuu, Finland
tel. +358 13 260 600
info(at)karelia.fi

Contact person in matters related to the register 

Research and Deve­lop­ment Direc­tor, Ms Anne Ilvonen
Karelia-ammat­ti­kor­kea­koulu / Karelia Univer­sity of Applied Sciences
Tikka­rinne 9, 80200 Joensuu, Finland
tel. +358 50 311 6314, anne.ilvonen(at)karelia.fi

Name of the register 

Projects imple­men­ted by Karelia Univer­sity of Applied Sciences / Partici­pant register

Purpose of proces­sing perso­nal data and legal basis for proces­sing perso­nal data 

The regis­ter is inten­ded for the proces­sing of partici­pant data in such research, deve­lop­ment, inno­va­tion and/or inter­na­tio­na­li­sa­tion projects imple­men­ted by Karelia Univer­sity of Applied Sciences either as an admi­ni­stra­tor or co-execu­tor that require collec­tion of data due to condi­tions deter­mi­ned by the financier, co-financier, project admi­ni­stra­tor and/or other execu­tor, or because of a speci­fic project imple­men­ta­tion method (e.g. scien­ti­fic research) that requi­res data collec­tion for imple­men­ting the project or repor­ting on the project.

Legal basis for proces­sing perso­nal data: perfor­ming a statu­tory task.

Person in charge of data protection 

Karelia Ammat­ti­kor­kea­koulu Oy, Tieto­suo­ja­vas­taava, Tikka­rinne 9, PO Box 256, 80101 Joensuu, Finland, tel. +358 50 349 7097, email: [email protected]

Content of the register 

  • Name
  • admi­ni­stra­tor, and
  • financier/co-financier of the project

Types of infor­ma­tion regis­te­red of each partici­pant (at its largest)

  • Perso­nal iden­ti­fica­tion and contact details: name, perso­nal iden­ti­fica­tion number/age, gender, address, email, phone number, photo, video
  • Emplo­y­ment status: possible dura­tion of unemplo­y­ment, status of being outside the labour market, or emplo­y­ment-related information
  • Educa­tion: level of educa­tion completed
  • House­hold situa­tion: infor­ma­tion on unemplo­y­ment, depen­dent children, and the number of adults in the household
  • Other background infor­ma­tion: citizenship/foreign background or mino­rity members­hip, disa­bi­lity, weaker status in the labour market, homelessness
  • Background organization/employer
  • Certain types of projects: a person’s own assess­ment of his/her work ability and/or the impacts of the project

Regular data sources, grounds for provi­ding perso­nal data 

A paper form or an online form filled in by the partici­pant when atten­ding the project. Sepa­rate consent is requi­red for the use of photo­graphs or videos. The legal basis for proces­sing perso­nal data is to perform a statu­tory task at the univer­sity of applied sciences.

Trans­fer of perso­nal data outside the Euro­pean Union or the Euro­pean Econo­mic Area 

Perso­nal data will not be trans­fer­red outside the EU or EEA.

Regular disclo­sure of perso­nal data 

If requi­red, perso­nal data will be disclo­sed to the participant’s own orga­ni­sa­tion on the basis of an indi­vi­dua­li­sed request for infor­ma­tion, and in cases the project financier, co-financier, admi­ni­stra­tor or other execu­tor requi­res it as, for example, an attach­ment to report or payment data. Photos and videos are used for commu­nica­tion and marke­ting purpo­ses for projects:

  • Publica­tion of photos and/or videos in Karelia UAS commu­nica­tions in various media, on the inter­net and social media.
  • Inter­nal and exter­nal publica­tion of photos and/or videos in connec­tion with infor­ma­tion, inter­nal use/distribution of Karelia UAS
  • Photos and/or videos are edited in good taste to suit the purpose of use

Principles of protec­ting the register 

The infor­ma­tion in the regis­ter is confi­den­tial except for sepa­ra­tely agreed infor­ma­tion to be publis­hed, such as name and photo. Emplo­yees hand­ling the infor­ma­tion are bound to confi­den­tia­lity and other instruc­tions for hand­ling the infor­ma­tion. The obli­ga­tion to exercise confi­den­tia­lity also conti­nues after the end of the emplo­y­ment relationship.

Regis­te­red data recor­ded on paper is handled confi­den­tially by project staff and by Karelia UAS accoun­ting services staff. The data is kept in premi­ses that are locked outside office hours. Infor­ma­tion avai­lable in elect­ro­nic format is stored in network folders on Karelia UAS server. Access to these folders requi­res logging into the system. Sepa­rate instruc­tions apply to the hand­ling of perso­nal data in ESF projects.

Storage, filing and dispo­sal of regis­te­red data 

The storage times for custo­mer-speci­fic data are defined in the Karelia UAS data mana­ge­ment plan. Dispo­sal of data is subject to the applicable regu­la­tions of the Natio­nal Archi­ves of Finland. In addi­tion, filing regu­la­tions for each financier, co-financier, admi­ni­stra­tor and/or other execu­tors of projects are followed.

Infor­ming the regis­te­red person 

The regis­te­red person is infor­med verbally and/or in writing when the partici­pant infor­ma­tion is collec­ted. The regis­ter desc­rip­tion is avai­lable on Karelia UAS website at http://www.karelia.fi/rekisteriselosteet.

Inspec­tion right 

Every­one has the right to inspect his/her perso­nal data.

The person may submit an inspec­tion request in person or in writing to the person in charge of data protec­tion at Karelia UAS at tietosuoja(at)karelia.fi. Infor­ma­tion shall be provi­ded without delay and in writing, if so requested.

The regis­te­red person is provi­ded with the possi­bi­lity to see docu­ments concer­ning him/her, to take a look at the infor­ma­tion shown on a compu­ter screen, and to see any prin­touts or input forms used for storing the infor­ma­tion. The regis­te­red person is at the same time infor­med about the sources of infor­ma­tion, use of infor­ma­tion, and dispo­sal of information.

If the inspec­tion right is denied for an excep­tio­nal reason, a written docu­ment signed by the person in charge of the regis­ter shall be issued. The docu­ment indica­tes the reasons why the right of inspec­tion has been denied. The regis­te­red person may refer the matter to the Data Protec­tion Ombudsman.

Right to request recti­fica­tion of data 

Every­one has the right to request recti­fica­tion of incor­rect data in the register.

The person may submit an inspec­tion request in person or in writing to the contact person of the regis­ter. If the regis­ter is deemed to contain infor­ma­tion that is faulty, unneces­sary, incomplete or outda­ted perso­nal data, the data handler shall rectify the infor­ma­tion unpromp­ted or on the customer’s request.

If the data handler does not accept the regis­te­red person’s request of recti­fica­tion, a refusal docu­ment signed by the person in charge of the regis­ter shall be issued. The docu­ment indica­tes the reasons why the request has been denied. The regis­te­red person is infor­med of his/her right to refer the matter to the Data Protec­tion Ombudsman.

Right to prohi­bit the disclo­sure of data 

The infor­ma­tion in the regis­ter is confi­den­tial except for sepa­ra­tely agreed infor­ma­tion to be publis­hed, such as name and photo. It will not be disclo­sed unless the person reques­ting the infor­ma­tion has a statu­tory right to receive the infor­ma­tion. There­fore, the regis­te­red person does not have to present an explicit prohi­bi­tion of disclosure.