System privacy policies

In order to offer you IT services, we must process different types of data through which you can be identified. The University’s IT services that require the processing of personal data include, for example, login, network connections, computers, various types of software, disk space, and email.

IT Center’s general data protection statement

The general data protection statement of the IT Center’s services can be found on “Data protection” page at helsinki.fi, where the University has collected general data protection statements related to its services. The general data protection statement contains information about, among other things, what kind of personal data we process in different situations and why.

The system-specific privacy policies on this page supplement the general data protection statement with information about the processing of personal data in certain University systems and services. If you have any questions about the processing of personal data at the IT Center, you can always contact our IT Helpdesk at helpdesk@helsinki.fi.

System- and service-specific privacy policies

Zoom is a video communications service designed for online meetings and events.

The Zoom service of the University of Helsinki was obtained through NORDUnet, a collaboration between the networks of Nordic higher education institutions. The Zoom offered by NORDUnet works using the “on-premise” principle and the servers are located in the data centres of NORDUnet. The IT Center for Science (CSC), a representative owned by Finnish higher education institutions, distributes the Zoom service to the University of Helsinki.

The Zoom service is available to all university staff and students. The use of the service and the authentication process require a valid user account and e-mail address under the information systems of the University of Helsinki.

We process and store the personal data (name, e-mail address IP address) and some meeting data (name, date, time and duration) of the users of the university’s Zoom service. Only the administrators of the IT Center have special rights to access this data. The organisers of individual events can also access the data of their event. This data is typically used to save lists of participants, among other things.

If necessary, administrators of the service provider (NORDUnet) and the distributor of the service (CSC) may also be given access to the data described above. Data is not disclosed to third parties without users’ consent.

The traffic in the service remains in the EU and the data is stored on NORDUnet servers in the Nordic countries.

Right of access

IT Center, University of Helsinki 18.6.2020

Data controller

University of Helsinki
IT Center
P.O. Box 62 (Viikinkaari 11, Info Centre Korona)
00014 University of Helsinki
02941 911

Person in charge of registry matters

Juha Myllys
P.O. Box (Viikinkaari 11, Info Centre Korona)
00014 University of Helsinki
02941 40163
atk-verkko@helsinki.fi

Name of the register
Data protection statement for HelsinkiUni Guest wireless network log files

Intended use of the register

The log files of the HelsinkiUni Guest network are used for the maintenance and development of the HelsinkiUni Guest network as well as for the investigation of any faults or misuse.

Data contents of the register

The log files store the following information about the user:

session start time
possible session renewal times
session end time
duration of connection
IP addresses of the connections used (source and target addresses)
ports of the connections used (source and target ports)
number of packets sent
location at building level
address of the device (MAC address)
network application identification information

Regular disclosure of data

Data is not disclosed outside of the European Union or the European Economic Area. Data collected from the University of Helsinki’s wireless networks can be disclosed to other registers produced by the University of Helsinki’s IT Center. In order to develop and monitor operations, the contents of the register are used in reports. However, no individuals can be identified from the reports.

Security principles for the register

data is stored on University of Helsinki’s server located in a locked data center with restricted access
data can only be viewed by an authorised employee who is identified by a username and password
users’ rights to system information are limited through access roles
securing the operation of equipment and telecommunications is based on the IT architecture of the University of Helsinki
data is stored in electronic form only

Unitube lataamo is a user interface for all university staff and students to upload and store video materials in the main component of the backend system (Opencast). In addition to Opencast, the backend system includes other components that enable the user to play the videos in a selected location.
In the Unitube video service, we process the usernames of the University of Helsinki and the users’ IP addresses. We also process any personal data potentially included in the actual video materials.
We obtain the usernames from card authentication in classroom and studio recordings, from any video files stored by the user through the lataamo user interface and from user accounts linked to series of videos.
Information containing usernames connected to recordings (e.g. so-called media package) will be stored for the same length of time as the recordings.
For more information on the processing of personal data at the IT Center of the University of Helsinki, please visit the page ‘Processing of personal data and privacy protection notice’.

Right of access

IT Center, University of Helsinki 18.6.2020

Data controller

University of Helsinki
IT Center
P.O. Box 62 (Viikinkaari 11, Info Centre Korona)
00014 University of Helsinki
02941 911

Person in charge of registry matters

Juha Myllys
P.O. Box 62 (Viikinkaari 11, Info Centre Korona)
00014 University of Helsinki
02941 40163
atk-verkko@helsinki.fi

Name of the register
Data protection statement for university’s wireless networks

Intended use of the register

The information collected from the users of the University of Helsinki’s wireless networks is used for the maintenance and development of wireless networks and for the investigation of any faults, problems or misuse.

Data contents of the register

For devices connected to the University of Helsinki’s wireless network, user-specific information is stored in the register as follows:

address of the device (MAC address)
IP address of the device
username (if required)
general information about the device used
information about the wireless network used
connection protocol used by the device login time
duration of connection
wireless connection strength
amount of data transferred during the session
location at building level
information about the base station to which the user is connected
HelsinkiUni Guest, guest network: IP addresses of client connection ports (source and target addresses)
HelsinkiUni Guest, guest network: client connection ports (source and target ports)

Regular disclosure of data

Security principles for the register

data is stored on University of Helsinki’s server located in a locked data center with restricted access
data can only be viewed by an authorised employee who is identified by a username and password
users’ rights to system information are limited through access roles
securing the operation of equipment and telecommunications is based on the IT architecture of the University of Helsinki
data is stored in electronic form only