Research information system Converis and TUTKA – Privacy notice

This privacy notice applies the research information systems Converis and TUTKA.

Published

23.8.2023

What should you know about the processing of your personal data?

The University of Jyväskylä collects personal data about you to carry out its duties. You have rights to this data, such as the right to access the data and the right to be sure that it is stored securely and only for the necessary time. Above all, you have the right to know the following:

what information we collect about youand why,
for how long, and where we keep this information, and
to whom we share this information.

All of these points are explained in this privacy notice.

How to find the information you are looking for?

We have created this privacy notice to be as easy as possible to use and understand. That is why you will find the key points summarised under each section. If you are interested in knowing more, please follow the links in the sections or contact the data protection officer of the University of Jyväskylä.

Contact the data protection officer

Why we process your personal data?

Personal data are collected in order to form an overall picture of scientific activities pursued by the staff and other people working for the University.

What data we process and how long?

The storage time of data is stated in the University’s data management plan. Personal data are imported to and updated in the system from the staff and student registers. In addition, persons may, under certain provisions, enter data themselves, for example, their self-acquired identification labels (such as ORCID ID).

What rights you have and how to exercise them?

You have the following rights:

Right to access your data.
Right to have any incorrect information corrected.
Right to have your data erased (right to be forgotten), in certain situations.
Right to restrict processing.
Right to have the responsible unit inform the party to which your data is disclosed of your data being corrected, erased, or the processing being restricted.
Right to object processing, e.g. direct marketing.
Right to have your data transferred from one system to another, when processing is based on an agreement or your consent.
Right to be notified of any information security breaches resulting in a high risk.
Right to file a complaint with the supervisory authority.
Right to withdraw consent

You can exercise your rights by sending a request to the university's Registry Office. You can use the form on the Registry Office's website or send your request informally. Keep in mind that withdrawing your consent doesn’t change the processing that happened before the withdrawal.

Get to know your rights

Use the form of the Registry Office

Send an informal request to the Registry Office

Who can access your personal data?

Within the University, access to personal data is restricted by means of access rights, which are granted only for specific needs based on work tasks confirmed by the head of unit.

Also, the service providers we use can access your personal data in their role as data processors. However, these providers do not actively process your personal data, but they have access to it for maintenance reasons.

The provider of the research information system (Clarivate Analytics) has access to registered data for the sake of technical maintenance for the service. However, this access is restricted to case-specific problem solving. Clarivate Analytics is committed to the General Data Protection Regulation of the European Union.

Learn more about data processors

To whom we transfer your data?

Within the university, the personal data described in this privacy notice are transferred to the University’s data warehouse. The data warehouse is used for performing the above-described duties as well as for statistical purposes in accordance with the data controller’s legitimate and public interests, and also for responding to data delivery requests. For more information, see the links below.

Data warehouse of the University of Jyväskylä

We transfer your personal details to several bodies outside the university, such as the Ministry of Education and Culture and to the national Metax metadata pool.

Find more information about the transfer of your personal data outside the university below.

The University is obliged to submit any data required for the purposes of evaluation, development, statistics and other means of monitoring and steering of education and research to the Ministry of Education and Culture. The Ministry also decides how the data are to be delivered (Universities Act 2009/558, Section 51). Universities are obliged to review their education, research and artistic activities and their impact (Universities Act 2009/558, Section 87).

In addition, personal data are submitted to the VIRTA publication info service of the Ministry of Education and Culture and from there further to the OpenAIRE portal and the OpenAPC service.

Metadata for published research data sets are delivered from the research information system to the national Metax metadata pool, to the JYU catalogue of the the Etsin service and further to the national research data pool.

By the researcher’s permission, their publication data are transferred to the international ORCID service and thereby outside the EU/EEA area. Otherwise, no data are transferred outside the EU/EEA area. You can find a list of transfers outside the EU/EEA through the link below.

Personal data processors and transfers outside the EU/EEA

On what basis we process your personal data?

We process your personal data based on legal grounds, agreements, or your consent. If you want to dive deeper into our legal bases, such as the relevant legal provisions, you can find more information through the menu below.

The lawful basis for processing the personal data pertains to performing a duty for public benefit (EU GDPR, Article 6, Section 1e) and filling a statutory obligation (EU GDPR, Article 6, Section 1c, and the Universities Act, Section 2 ). The University processes, makes statistics, analyses and publishes personal data related to the University’s research activities and social interaction in order to carry out its duties

according to the Universities Act, Section 2. The University communicates actively about its research activities according to the responsible conduct of research.

The processing of personal data is necessary to implement an agreement involving the data subject, or to carry out, on the data subject’s request, relevant measures preceding the signing of such agreement (EU GDPR 679/2016, Article 6, Section 1b).

The publicly displayed data of the research information system can be browsed in the Converis portal.

How to contact us?

If you want more information about the processing of your personal data, do not hesitate to contact our data protection officer via email or phone (+358 40 805 3297).

Contact our data protection officer

Contact information of units

Below you find the contact information of the responsible unit. If you wish, you can directly contact the unit instead of the data protection officer.

If you want to exercise your rights (withdraw your consent for example) you can contact the Registry Office by email:

Send a request to the Registry Office