Data protection

Data protection statement

We process personal data relating to communications, marketing, donations, subscriptions, registrations and student applications on our public website and in systems connected to the website. This statement provides more information about how we process personal data.

The controller of the data file, or the party responsible for processing your data, is the University of Helsinki.

Controller of the data file:

University of Helsinki
PO Box 3
00014 University of Helsinki

Exchange: 02941 911
Contact details for the data protection officer: tietosuoja@helsinki.fi
Service address: digiviestinta@helsinki.fi

Why do we process your personal data, or what is the purpose of the processing?

Your personal data are processed on the helsinki.fi website, because they are needed for the technical maintenance of the website, for communications and marketing as well as for analysing the use of the website and its further development.

Why do we have the right to process your personal data, or what is the legal basis for the processing?

The helsinki.fi website will process your personal data when they are relevant for communications, marketing or the provision of the service, or you have consented to the processing of your data. The personal data are processed in ways that are relevant to the provision of the service, and appropriate processes are in place for the processing of the personal data.

Primary legislation
Data Protection Act
Act on the Openness of Government Activities (621/1999)

What kind of personal data are we processing?

We primarily process the kind of personal data from which you cannot be identified. Our page analytics collects information on visitors’ IP addresses. Whenever we process your contact details, we will ask for your permission. We will process your contact details when you

  • Give feedback on the website
  • Sign up for an event that requires registration in advance
  • Subscribe to messages or publications from the University, e.g., a newsletter or Yliopisto magazine, or you join a mailing list
  • Submit a student application
  • Make an online donation
  • Register as an alumnus/alumna
  • Order University products

We do not process confidential personal information.

Cookies and third-party applications

The website uses cookies and third-party applications to develop the service and to improve the user experience and service.

Third-party services offered through the helsinki.fi website, or applications with third-party vendors, will fall under the terms and conditions issued by the third party.

Use of cookies

Cookies are used to track online behaviour, e.g., how users navigate to the website or what the most popular pages and user paths are, as well as to collect use-related technical data, such as the device and browser, whether the user is a University of Helsinki internal or external user as well as the number of shares on social media with the help of social media extensions. Cookies are also used to recommend content, target marketing and improve quality.

The information will not be used to identify individual users. 

By visiting the University’s website, you accept the use of cookies. If your browser does not use cookies, please consider that blocking cookies for certain services may impact your experience.

Applications

Google Analytics and Google Tag Manager
User monitoring to analyse the use of webpages and their components, not to be connected with other types of cookies. These enable us to improve the user experience of our pages and applications as well as user reporting.

Leiki
A content recommendation application

Hotjar
This application records visual information on the use of the website and enables users to send feedback on their use of the website.

SiteImprove
Used to improve the accessibility, quality and search engine findability of the website. The application can be used to find and remove personal data from the website.

YouTube, Facebook,Twitter, LinkedIn

Social media applications to track shares on social media

With the help of information from cookies, the University of Helsinki’s partners can also track the user numbers and use of the service. Our partners typically need user data to create targeted marketing based on user interests as well as to monitor the effectiveness of their communications and marketing.

Third-party applications

The University of Helsinki’s public website uses third-party applications to maintain the site and to offer services to its users, clients and partners.

  • The Drupal publication system is used to maintain the helsinki.fi website. Drupal only collects personal data in conjunction with accounts for the members of the University community who use and maintain the service.
  • The University of Helsinki uses MailChimp to create its newsletters. The application processes personal data relating to subscriptions, interests and use analysis. Read the MailChimp Privacy Policy here https://mailchimp.com/legal/privacy/.
  • The University’s event calendar (eTaika) processes your personal data when you sign up for an event.
  • The University of Helsinki’s client management system (Salesforce) processes stakeholder data, such as information on alumni and donors. The public website is linked to a client register in cases that relate to donating, alumni activities as well as communications and marketing.
  • In the case of third-party applications, the terms and conditions of the third party will be followed.

You will not be added to subscriber lists or registers without explicit consent. You can withdraw your consent at any time by cancelling any newsletters or sending a request for removal to the University of Helsinki via the feedback page. This means that your data will no longer be collected.

How long will we store your personal data?

We do not store personal data permanently.

Transferring data outside the EU or EEA

The University’s data protection policy is to apply particular care to the processing of personal data if such data are to be transferred outside the EU and the EEA to countries which do not provide data protection that complies with the EU’s General Data Protection Regulation (GDPR).

On the website, IP addresses and personal data are processed outside the EU and the EEA by the following applications: social media extensions to track social media shares, MailChimp newsletters and Google Analytics. The transfer of personal data outside the EU and EEA must be carried out according to the requirements of the GDPR.

Your rights

You have the right to know whether we are processing your personal data. If we are processing your personal data, you have the right to know which data we are processing.

1. The right to demand that information be rectified and removed

You have the right to demand that incorrect information be rectified by contacting us.

You may request us to remove your personal data from our systems. We will comply with your request if we have no justified reason to refrain from removing the data. The data may not be immediately removed from all of our backup and other equivalent systems.

2. The right to refuse direct marketing

You have the right to refuse direct digital marketing by following the instructions included in all of our marketing messages. We never send direct marketing messages without consent from the recipient.

3. The right to restrict the processing of data

You may request that we refrain from processing specific personal data. A request to restrict the processing of data may result in a limited experience of our webpages and services.

4. The right to know when data are transferred between systems

If we need to transfer your data from one system to another, we always request permission from you personally, and the processing of such data is based on consent.

Further information

The University of Helsinki’s data protection statements and data file descriptions are available on the website (in Finnish)