Privacy Statement – Identity management
Update 22.11.2018
1 Name of the register
Identity management
2 Controller
Jamk University of Applied Sciences
P.O. Box 207
FI-40101 Jyväskylä, Finland
3 Contact person in matters concerning the register, contact information during office hours
- Director of Administration: Mikko R. Salminen
- System Specialist: Jyri Helakangas
- System Specialist: Sami Mäkinen
- firstname.surename[a]jamk.fi
4 Purpose of the processing of personal data
The identity Management System maintains up-to-date information on Jamk’s information systems and information services users’ access rights, access duration and access rights (access and access control). The register contains information about staff, students and external users.
5 Data contents of the register
| All | Staff |
| Name (obligatory) | Title |
| ID number/Date of birth (is required of persons who do not have a Finnish personal identification number) (obligatory) | Personal ID number (obligatory) |
| Gender (obligatory) | ID number information |
| Nationality (obligatory) | User name |
| Language | Arrival date to the group, start date and end date of employment relationship |
| Adress | Unit, department and cost centre |
| e-mail address | Working hours information |
| Telephone number | Project information |
| Superior | |
| Students | External users |
| Student ID | Agreement (obligatory) |
| Student type | Title (obligatory) |
| Field of study and degree type | Organisation (obligatory) |
| Group information | Start date and end date of relationship |
| Status (obligatory) | Contact person (obligatory) |
| Password (obligatory) | Adoption of a usage rule (obligatory) |
| Transfer information (national data warehouse) |
6 Legal bases for processing personal data
- The controller’s legal obligation
- A task carried out in the public interest or the exercise of public authority and
- The legitimate interests of the controller or a third party
7 Regular information sources
- Students: Study information system
- Staff: Human resources
- External users: Questionnaire
8 Regular information disclose and information transfer outside the EU or the European Economic Area
Information is not regularly rendered to third parties. Data is not transmitted outside the EU or EEA, or international organizations.
9 Register protection principles
The register does not contain manually collected material. All servers are located in a locked location and access is monitored. Servers are only allowed for administrators.
10 Retention period or criteria for determining
- Student information is stored in primarily for the duration of the studies + four months after graduation
- Information on personnel is stored in the HR management systems for the duration of their employment + four months after termination of employment. The username remains archive forever, ie the same ID can not be reissued to another person.
- External users information is stored in primarily for the duration of the contractual relationship + four months after termination of contractual relationship. Data collected through a questionnaire will be deleted as soon as they are transferred to the identity management system.
11 Automatic decision-making/profiling
Automated profiling related to personal data is not conducted.
12 Rights of the Data Subject
User information is corrected according to notifications. The correctness of personal data is checked if necessary from the student administration system or from the human resources management system. User information is updated according to the notifications. The correctness of personal data is checked if necessary from the student administration system or from the human resources management system. Administrators and other staff take care of correcting the error immediately.
Read more information about the Jamk’s Privacy Policy, Data Protection Officer and the rights of the data subject and their implementation.