Research information system Converis and TUTKA – Privacy notice

Why we process your personal data? 

Personal data are collected in order to form an overall picture of scientific activities pursued by the staff and other people working under JYU affiliation.

The data in the research information system is utilised in the university's data warehouse to satisfy the university's internal and external information needs, such as the publication data collection of the Ministry of Education and Culture. The data collected will be utilised in the evaluation, management, development and communications of the University and its various units.

The research information system promotes open science and the requirements of funders, e.g. by enabling self-archiving of publications and making metadata of research data available to JYX and Metax.

The research information system is also used to highlight the activities and merits of the university's experts (profile information, academic qualifications, research activities). The recording of this information is mainly voluntary, unless the unit has otherwise outlined e.g. due to internal reporting needs.

The data can also be used for scientific research.

What data we process and how long? 

The retention periods of personal data and documents stored in the system are defined in the University's Records management plan. Metadata related to outputs (e.g. publications) is stored permanently. Some of the information (e.g. profile information or titles displayed in the public portal) can be hidden if needed. In addition, information visible in the public profile (e.g. general description) is automatically hidden if the employment relationship or other affiliation has ended. By default, the basic information on affiliations (name, title, JY unit) is hidden one year after the end of the affiliation.

The data stored in the research information system can be divided into the following groups:

• Basic information (first and last names, call name, email addresses, username, identity number). Source: IDM.
• Affiliation data (duration of an employment relationship, postgraduate study right or non-employment research contract or similar information based on the application deadline from an applicant from outside the university; title, and name at the time of affiliation). Source: data warehouse (combining data from Mepco and Sisu) and IDM.
• Profile information (general description, research description, ORCID identifier and other researcher identifiers, web page and other profile links, disciplines, keywords, follow-up groups, picture and other attachments such as CV). Filling is voluntary, but some units have agreed on the centralised or automated filling of the follow-up groups e.g. based on cost pool. In addition, ORCID id and the discipline are used in national personnel data collection.
• Academic qualifications. The docentships entered in Mepco are automatically transferred via data warehouse, otherwise filled in manually. The user can choose whether the information is displayed in the public portal.
• Project proposals include the names of the principal investigator and other persons related to supplementary funding (including personal grants) and the JYU units. In addition, the documents attached to the project proposals (e.g. budget, research plan, funding application, funding decision) may contain other personal data related to the project. Except for short description, the visibility of the project proposals is limited only to the project actors and persons who process this data in the course of their duties (e.g. heads of units, project controllers, RIS). Project proposals are never displayed on the public portal. The PI related to the application records the details of the project proposals.
• Project records include the names of the principal investigator and other persons and other persons related to supplementary funding (including personal grants) and the JYU units. In addition, the documents attached to the projects (e.g. amendment decision, project report) may contain other personal data related to the project. By default, basic project information is displayed in the public portal. The visibility of detailed data is limited to the project actors and persons who process this data in the course of their duties (e.g. project controllers and other financial staff, registry office). For justified reasons (e.g. commissioned research, non-disclosure agreement), a project can be defined as private. Project records are primarily based on project proposals.
• Publications published under the JYU affiliation include the names of their authors and JYU units (for external authors, only names). Basic information of publications is always public, even if the author has made their profile private (in this case, the author's name can appear on the post's page but without a link to the profile). In addition, the actual publication files are temporarily stored in the system before being transferred to the JYX repository. Publication files may contain other personal data of the authors. Publications are recorded centrally based on the Open Science Centre's automatic monitoring and notifications from the researchers.
• Metadata of research data that include JYU researchers as authors. The metadata includes names of the authors and JYU units (for external authors, at least the names with optional organization information). Metadata of published research data is primarily public. Researchers record the metadata themselves.
• Research activities (by main category: Prize or distinction; Presentations; Peer review or editorial work; Membership or position of trust; Organisation of event or conference; Media visibility and popularisation; Scientific and societal impact; Evaluation or assessment; Research leadership, supervision, and funding; Thesis supervision or examination; Other teaching merit; Other research or development task) with JYU experts involved. Research activities include the names of their related authors and JYU units (for external authors, only names). Information about other people related to the activity may also be included, such as the name of the supervised person in the case of theses. Researchers record the data of research activities and can choose their visibility (public; shown to logged-in people; private) themselves.
• Converis database contains timestamped log information about changes and document downloads. The log data includes the user id of the person who changed or downloaded the data.

Who can access your personal data?

Within the University, access to personal data in research information system is restricted by access rights granted on the basis of organisational status and work role, as well as for justified reasons confirmed by the Head of Unit. User rights provide access to personal data primarily in the context of information relevant to the role (e.g. OSC publication staff process information related to publications and project controllers process information related to project proposals and projects). Only technical support (Digital Services) has access to all the information in the system. On the other hand, certain basic information about people and other information marked as public or visible to logged-in users is visible in the system more extensively, and partially to APIs (e.g. publication lists) or reports (e.g. Power BI) available in the University network or otherwise.

The publicly displayed data of the research information system can be browsed in the Converis portal.

Also, the service providers we use can access your personal data in their role as data processors. However, these providers do not actively process your personal data, but they have access to it for maintenance reasons.

The provider of the research information system (Clarivate Analytics) has access to registered data for the sake of technical maintenance for the service. However, this access is restricted to case-specific problem solving. Clarivate Analytics is committed to the General Data Protection Regulation of the European Union.