Privacy notice 1

University of Jyväskylä, Centre for Multilingual Academic Communication 14.2.2022

A description of the processing of personal data for scientific research purposes (privacy notice; Articles 13, 14 and 30 of Regulation (EU) 2016/679)

Personal data processed in study “Internationalisation as multilingual and intercultural communication competence in Higher Education”

In the research “Internationalisation as multilingual and intercultural communication competence in Higher Education”, the aim is to view ‘internationalization’ as competencies that are malleable constructs and possible to develop through education and/or experience. The study brings forward the students’ experiences and views on multilingual and intercultural learning.

The data collected during the study consist of recorded group discussions, written materials produced by students, interviews, and possibly a survey answered by the students.

We collect the following personal data about you:

  1. Survey and written materials: The university in which you work/study, your age, gender, and your questionnaire answers and texts produced during the study.
  2. Group discussion and interview: recordings (audio and/or video), notes based on the discussion, and materials produced by the participants.

The participants have been given a direct link to this Privacy Notice.

The data are used in scientific and professional presentations and publications related to the project. The collected data are also utilised in teaching and continuing education. Personal data and results are processed confidentially, in compliance with privacy legislation. Your personal details cannot be identified in the publications: at the reporting stage, the data are processed so that individual respondents remain anonymous.

Participation to the study is voluntary, and you are not required to submit any information. You can interrupt your participation at any time. In this Privacy Notice, we describe the processing of personal data in more detail. This privacy notice has been published on the Moodle learning space, as well as at the website of the study, and the electronic survey includes a direct link to this information.

Legal grounds for the processing of personal data for research/archiving purposes

Processing is necessary for scientific or historical research purposes or statistical purposes, and it is correctly proportional in relation to the goal in accordance with public interest (section 4.1(3) of the Finnish data protection act)

During this study, your personal data will not be transferred outside the EU/EEA.

Protection of personal data

In this study, the processing of personal data is based on a proper research plan, and a responsible person has been appointed for the study. Your personal data will only be used and disclosed for purposes of conducting historical or scientific research or for other similar purposes (statistics), and it is otherwise ensured that no data about you is disclosed to unauthorised parties.

Direct identification data will be removed as a protective measure when generating the data (pseudonymised data, in which case persons can be later identified on the basis of a code or similar data, and new data can be merged with the data). Identifiers are removed from interview and group discussion data when transcribing them. Participants’ identity is protected through image processing in potential videos.

Personal data used in the study will be protected by means of:

  • JYU requires that everyone processing personal data have completed training for the task. User rights and authorisations are granted only to the extent required by the employees’ duties. The use of information systems is controlled by logging. The information security of the information systems is reviewed on a regular basis.
  • The University conducts self-assessments or orders audits from third parties in order to evaluate the level of cooperation partners’ and/or subcontractors’ data protection, information security and risk management. In compliance with the General Data Protection Regulation, data processing agreements are signed with all processors of personal data.
  • The University uses camera surveillance and access control in its premises.
  • Any alleged criminal action will be reported to the police for investigation.
  • The University implements information security according to the information security practices of the state administration and the ISO 27000 standard. For more information on the information security principles of the University of Jyväskylä, see www.jyu.fi/hallinto/strategia/periaatteet/tietoturvaperiaatteet_julkinen.

The research register will be erased when the study period ends.

Controller and researchers

  • The controller for this study is University of Jyväskylä, Seminaarinkatu 15, P.O. Box 35, 40014 University of Jyväskylä. Tel. +358 14 260 1211, Business ID 0245894-7.
  • Data protection officer of the University of Jyväskylä: tietosuoja(at)jyu.fi, tel. +358 40 805 3297.
  • Scientist in charge: Peppi Taalas, +358 50 5541 720, peppi.taalas@jyu.fi, Seminaarinkatu 15, P.O. Box 35, 40014 University of Jyväskylä.
  • Contact person(s): Lotta Kokkonen, +358 40805 3148, lotta.o.kokkonen@jyu.fi, Mattilanniemi 6, P.O. Box 35, 40014 University of Jyväskylä.
  • Researchers: Personal data are processed only by members of the research group. For further information on the persons, please contact the scientist in charge.

Processors of personal data: In the data, we use personal data processors whom JYU has found to comply with information security policies and who have signed a data protection agreement. The current processors are the Webropol survey software provider and Microsoft. This Privacy Notice is published on the project website, where we update potential changes related to personal data processors.

Rights of data subjects

  • Right to access data (Article 15, GDPR)

You have the right to obtain information about whether your personal data are processed, and which personal data are processed. If you want, you can also request a copy of the personal data processed in the study.

  • Right to have data rectified (Article 16, GDPR)

If there are inaccuracies or errors in your personal data processed by us, you have the right to request their rectification or supplementation.

  • Right to erasure (Article 17, GDPR)

You have the right to request your personal data be erased in certain situations.

  • Right to the restriction of processing (Article 18, GDPR)

You have the right to restrict the processing of your personal data in certain situations, such as if you deny the accuracy of your personal data.

  • Right to object (Article 21, GDPR)

You have the right to object to the processing of your personal data if the processing is based on public or legitimate interest. As a result, the university cannot process your personal data unless it can prove that processing is based on a highly important and justified reason that supersedes your rights.

Derogation from the rights of data subjects

Derogation from the aforementioned rights is possible in certain individual situations on the basis of the GDPR and the Finnish Data Protection Act, insofar as the rights prevent or significantly complicate the realisation of scientific or historical research purposes or statistical purposes. The need for derogation must always be assessed separately for each situation.

Profiling and automated decision-making

In this study, your personal data will not be used in automated decision-making. Here the purpose of the processing of personal data is not to assess your personal characteristics (i.e. profiling). Instead, your personal data and characteristics will be assessed from the perspective of broader scientific research.

Executing the rights of data subjects

If you have questions on the rights of data subjects, please contact the university’s data protection officer. All requests concerning the execution of the rights must be submitted to the Registry Office of the University of Jyväskylä. Registry Office and Archive, P.O. Box 35 (C), 40014 University of Jyväskylä, tel. +358 40 805 3472, email: kirjaamo@jyu.fi. Street address: Seminaarinkatu 15, Building C (Main Building), floor 1, room C 140.

Any data breaches or suspicions of data breaches must be reported to the University of Jyväskylä.
https://www.jyu.fi/en/university/privacy-notice/report-data-security-breach

You have the right to file a complaint with the supervisory authority of your permanent place of residence or employment if you consider that the processing of personal data is in breach of the GDPR (EU 2016/679). In Finland, the national supervisory authority is the Data Protection Ombudsman.

Office of the Data Protection Ombudsman
Ratapihantie 9, floor 6, 00520 Helsinki, P.O. Box 800, 00521 Helsinki
Tel. +358 29 566 6700
Email (Registry): tietosuoja@om.fi

You have the right to file a complaint with the supervisory authority of your permanent place of residence or employment if you consider that the processing of personal data is in breach of the GDPR. In Finland, the supervisory authority is the Office of the Data Protection Ombudsman.

Contact for Office of the Data Protection Ombudsman: https://tietosuoja.fi/en/home