Privacy - Biobord

Customer Register Privacy Statement

1 CONTROLLER

JAMK University of Applied Sciences

School of Technology

FINLAND

2 DATA PROTECTION OFFICER & CONTACT PERSON FOR REGISTER-RELATED MATTERS

Please find the name and contact information of the data protection officer and deputy data protection officer.

Riikka Kumpulainen, Biobord Network Secretary

School of Technology, JAMK Institute of Bioeconomy

Phone: +358 50 575 9454

E-mail: riikka.kumpulainen@jamk.fi

Anna-Stina Kuula, Biobord administrator

School of Technology, JAMK Institute of Bioeconomy

Phone: +358 40 632 5576

E-mail: anna-stina.kuula@jamk.fi

3 NAME OF THE REGISTER

The name of the register is the Biobord user register.

4 PURPOSE AND LEGAL BASIS FOR PROCESSING PERSONAL DATA

Personal data are collected for specified, explicit and legitimate purposes to fulfill obligations related to platform user relationships. Data are collected to the register from the users, and the users can manage and erase their user data directly.

Personal data are collected according to this privacy statement and will not be used, altered or transferred differently from what is mentioned in this privacy statement.

5 DATA CONTENT OF THE REGISTER

The register contains personal data of the Biobord users, which include name, email address, user group, rights to content management system of Biobord and other information related to the roles and rights of the Biobord user relationship.

6 REGULAR DATA SOURCES

The data included in the user register is collected from the data subjects themselves.

7 REGULAR DISCLOSURE OF DATA

In individual cases, necessary user data may be disclosed for legal purposes to authorities. JAMK University of Applied Sciences discloses data on a customer or stakeholder to the designated party if the data subject so requests or if a competent authority requires JAMK University of Applied Sciences on legal grounds to disclose specified data in the database in our possession. Data may also be transferred to the marketing register of JAMK University of Applied Sciences with the specific approval of the data subject.

There are currently no regular destinations of disclosed data outside the data controller. Within the Biobord network, user data overviews can be used to analyze the community building progress of Biobord platform. However, this usage does not involve sharing or transferring any contact information or names of the users.

8 DATA TRANSFER TO THIRD COUNTRIES OR INTERNATIONAL ORGANIZATIONS

Data is not transferred to third countries or organizations outside the partnership.

9 RIGHT OF ACCESS

Data subjects have the right to inspect what data concerning them has been stored in the register. In addition, having submitted a sufficiently precise and specific inspection request, a data subject has the right to access the data that concerns them and is included in the records. The inspection request must be submitted in writing and signed to the contact person of the controller and a copy of a personal identification document containing a photo of the data subject must be included with the request.

10 RIGHT OF RECTIFICATION AND ERASURE

The controller must rectify incorrect data included in the register specified by a concerned party. The controller is also independently obligated to verify that the data included in the register is accurate and up to date. Data subjects may also request the controller to remove data concerning them from the register. The procedure is managed by the Data Protection Officer.

11 OTHER RIGHTS RELATED TO THE PROCESSING OF PERSONAL DATA

The data subjects have the right to request restriction of processing personal data. Data subjects also have the right to receive the personal data concerning them, which they have provided to the controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller. In addition, the data subjects have the right to object to the processing of data concerning them, decisions based on automated processing, and profiling.

12 ERASURE OF DATA AND DATA RETENTION PERIOD

JAMK University of Applied Sciences will erase the user’s data from the register when operational grounds for processing the data no longer exist. Personal data is processed for the duration of the user relationship and subsequently for the period deemed necessary to manage the warranty and error liabilities.

Data are erased by overwriting when grounds no longer exist for processing or storing the data. However, data will not be erased if specific provisions have been issued by laws or regulations or if a competent authority has initiated a process that requires JAMK University of Applied Sciences to retain the data or another party has requested a Finnish court of law to decide on safeguarding the data.

13 APPROVAL OF THE PRIVACY STATEMENT

The privacy statement was reviewed and approved for continued use on 9.6.2021.