Privacy notice for customer relations at the University of Jyväskylä

This privacy notice applies to the University of Jyväskylä’s customer relationships.

Published

15.4.2026

What should you know about the processing of your personal data?

The University of Jyväskylä collects personal data about you to carry out its duties. You have certain rights to these data, such as the right to access your personal data and the right to be sure that the data are stored securely and only for the necessary time. Above all, you have the right to know the following:

what data we collect about you and why,
where, and for how long we keep these data, and
to whom we share these data.

All these points are explained in this privacy notice.

Picture of the main building from outside

How to find the information you are looking for?

We have made this privacy notice to be as comprehensible and easy to use as possible. For this reason, you can find the most important information summarised under each section. For more information, please follow the links in each section or contact the Data Protection Officer directly.

Contact the data protection officer

Why do we process your personal data?

Your personal data is processed for the following purposes:

Communication and marketing

University communications and newsletters
Organising events and providing information about them
Marketing the University’s educational products, services, events, and current content
Personalisation and development of online services (e.g., cookie data)
Providing information about the Open University’s continuing education offerings
Production of marketing and communication materials (including photographs and recordings)

Managing stakeholder relationships

Maintaining contact with alumni (lifelong alumni relationship)
Maintaining contact with friends of the university (former employees, donors, graduates)
Fundraising campaigns
Public relations, collaboration, and meetings
Event management and payment processing, e.g., international conferences
Employer collaboration (internships, jobs, assignments, employer presentations)
Maintaining stakeholder lists (experts, project partners, partner organisations)
Commercial champions and angel investors
Voluntary EIR (Entrepreneur in Residence) collaboration

Surveys and feedback

Collecting feedback
Surveys on social interaction, training, and evaluation
Reports and research collaboration

Data security, prevention of misconduct, and system functionality

Processing of data generated from the use of services
Security measures
Investigation of potential misconduct

Basic information

Name
Contact information (address, email, phone)
Organisation and job title
Employer and role in the collaboration
Academic information (alumni, strong authentication)
LinkedIn (angel investors and commercial champions)

Event-related information

Registration information
Dietary and special accommodation needs
Role of participation
Payment details for participation fees
Feedback (including anonymous)
Information related to marketing, communications, and media
Photos, videos, and audio recordings
Information contained in communications and marketing materials
Newsletter subscription information
Information from social media posts (subject to the services’ own privacy policies)
Information related to stakeholder relations
Collaboration records (meetings, correspondence, event participation)
Donation information and donation agreements
EIR expertise and objectives
Employer collaboration assignments and contact information
and Innovation Services.

Data potentially generated from the use of the services

Log data
Cookie data
Usage activities

Alumni data: retained permanently (lifelong alumni relationship); data subjects may request the deletion of their data
Donor contact information, donation letters, and donation agreements: stored permanently
Upper secondary school liaisons for the student ambassador programme: Retention in accordance with the retention periods of the help.jyu system Guidelines - Privacy Notice - University of Jyväskylä
Employer collaboration assignment register: retained until a request for deletion is made; accuracy checked every 5 years
Stakeholder lists (experts, organisations): retained for the duration of the assignment or in accordance with the operational management plan (validity period + 1 year)
Personal data in marketing and communication materials: until the individual requests deletion
Survey data: on a case-by-case basis (specified in the survey)
Data from images, videos, and audio recordings: Photographs and recordings are generally used for 5–10 years and remain permanently in published materials. Photographs and recordings of cultural-historical value are archived, meaning they are retained permanently.
Scientific conferences: 36 months
Commercial champions and angel investors: the accuracy of the data is verified every five years by asking registrants to confirm their registration. Data on individuals to whom sent emails do not reach is also deleted. For more information, contact Research and Innovation Services at ris@jyu.fi.
Other data: for as long as necessary to fulfill the purpose or as required by law

From the data subject themselves (registration, contact, consent)
From the student information system (in connection with strong authentication)
From other university registers, if the data may be transferred
From the Trade Register, the PRH Register, and other official sources
From the online services and applications of companies and organisations
From the Fonecta B2B database
From the register of the Finnish Patent and Registration Office
From general online sources
From log or cookie data generated in connection with the use of services
LinkedIn (angel investors and commercial champions)

What rights do you have and how to exercise them?

You have the following rights:

The right to access your personal data.
The right to rectification.
The right to erasure (right to be forgotten) in some cases.
The right to restriction of processing.
The right of notification so that the data controller (unit responsible for the register) further informs any third-party recipients of the data about your request for the rectification, erasure, or restriction of processing of your personal data.
The right to object to processing, e.g. for direct marketing.
The right to data portability, i.e. to have the data transferred from one system to another when processing is based on an agreement or your consent.
The right to be informed about any information security breaches that cause a major risk.
The right to lodge a complaint with a supervisory authority.
The right to withdraw your consent

You have the right to withdraw your consent for the processing of your personal data at any time. At the end of each of our newsletters, there is a link you can use to withdraw your consent. The withdrawal has no impact on processing measures taken before it.

You can exercise your rights by sending a request using the form available on the Registry Office website or by sending an informal request.

Get to know your rights

Use the form available on the Registry Office website

Send an informal request to the Registry Office

Who can access your personal data?

University of Jyväskylä staff whose duties include the processing of this personal data.

In addition, the service providers we use have access to your personal data in their capacity as data processors. However, service providers generally do not actively process personal data, but they have access to it, for example, to perform maintenance tasks.

Learn more about data processors

Who do we transfer your personal data to?

Service providers used by the university (event management systems, newsletter tools, website maintenance)
Liana Mailer newsletter tool (no transfers outside the EU/EEA)
Social media platforms (Facebook, Instagram, LinkedIn, TikTok, YouTube) — these are subject to the services’ own privacy policies
Event service providers (e.g., dietary information primarily without direct identifying information)
Participant lists are distributed to event participants (name and organisation) if the nature of the event requires it

The University of Jyväskylä uses partners for the processing of personal data in accordance with the purposes specified in this privacy notice, such as website maintenance and event organising.

In addition, the University of Jyväskylä may share photos and videos on social media services if there is a valid reason to do so. The processing of personal data contained in these materials is subject to the privacy policies of these services. See, for example, the following social media services:

Facebook https://www.facebook.com/privacy/policy/
Instagram https://privacycenter.instagram.com/policy
LinkedIn https://www.linkedin.com/legal/privacy-policy
TikTok https://www.tiktok.com/legal/page/eea/privacy-policy/en
YouTube https://support.google.com/youtube/answer/10364219

On what basis do we process your personal data?

The processing of your personal data is based on legal grounds, agreements or your consent. If you wish to take a closer look at our legal grounds, such as the relevant legislation, you can find additional information in the menu below.

Public interest (GDPR 6.1 e; University Act, Section 2), interaction with the society; you have the right to object to the processing
Contract (GDPR 6.1 b) — e.g., enrollment in a course or service
Consent (GDPR 6.1 a) — e.g., newsletter, targeted marketing, surveys, and feedback. For natural persons, prior consent is required for direct marketing sent to the individual (6.1 a). The individual has the right to object to the use of their data for direct marketing.
Legitimate interests of the controller (GDPR 6.1 f) — stakeholder communication
Legal obligation (GDPR 6.1 c) — donation data, payment data

How to contact us?

For further information about the processing of your personal data, please feel free to contact our Data Protection Officer by email or phone (+358 40 805 3297).

Contact our data protection officer

You can also contact the unit concerned directly if you wish. Contact information of the responsible unit is given below.

Alumni Activities: Liaison Manager Anni Karhunen anni.r.karhunen@jyu.fi, tel. +358 50 536 3474
Stakeholder Relations, Events: kumppanuudet@jyu.fi, tel. 040 805 4134
Commercialization and angel investors, research and innovation services: ris@jyu.fi
Faculty of Information Technology: yhteistyo-it@jyu.fi, tel. 0400 248115
Contact person for student ambassador matters: Planner Terhi Paakkinen, +358 40 805 3231
Donations: Rector’s Assistant Anna Rantanen and Public Relations Manager Anu Mustonen, tel. 050 564 9022

To exercise your rights, such as withdrawing your consent for the disclosure of your personal data to certain third parties, please contact the Registry Office by email:

Send a request to the Registry Office

Privacy notice for customer relations at the University of Jyväskylä

What should you know about the processing of your personal data?

How to find the information you are looking for?

Why do we process your personal data?

What personal data do we process?

For how long do we process your personal data?

Where do we get our information?

What rights do you have and how to exercise them?

Who can access your personal data?

Who do we transfer your personal data to?

On what basis do we process your personal data?

Additional information about the grounds for processing

How to contact us?

Contact information of the responsible unit

Share this article