Description of technology-based security systems at the Kokkola University Consortium Chydenius – Privacy notice

The following technology-based security systems are used in the Kokkola University Consortium Chydenius:

Camera surveillance system
Access control system
Locking and key management system
Published
23.8.2023

What should you know about the processing of your personal data?

The Ä¢¹½Ö±²¥ collects personal data about you to carry out its duties. You have rights to this data, such as the right to access the data and the right to be sure that it is stored securely and only for the necessary time. Above all, you have the right to know the following:

  • what information we collect about youand why,
  • for how long, and where we keep this informationand
  • to whom we share this information.

All of these points are explained in this privacy notice.

How to find the information you are looking for?

We have created this privacy notice to be as easy as possible to use and understand. That is why you will find the key points summarised under each section. If you are interested in knowing more, please follow the links in the sections or contact the data protection officer of the Ä¢¹½Ö±²¥.

Contact the data protection officer

Why we process your personal data? 

The technology-based security systems are used to ensure the security of the staff and students of the Kokkola University Consortium Chydenius and other persons in the campus area and facilities, and to protect the property of the University Consortium.

Surveillance camera recordings can also be used to substantiate grounds for terminating an employment relationship, to investigate or prove harassment or inappropriate conduct referred to in the Equality Act and the Occupational Safety and Health Act if the employer has justified grounds to suspect that an employee is guilty of such conduct, and to investigate workplace accidents.

What data we process and how long? 

The time we store your personal data varies from 30 days to 365 days. To get more information about what personal data we collect and how long we keep certain information, check the sections below.

Intrusion alarm system does not process any personal data.

What rights you have and how to exercise them?

You have the following rights: 

  • Right to access your data.
  • Right to have any incorrect information corrected.
  • Right to have your data erased (right to be forgotten), in certain situations.
  • Right to restrict processing.
  • Right to have the responsible unit inform the party to which your data is disclosed of your data being corrected, erased, or the processing being restricted.
  • Right to object processing, e.g. direct marketing.
  • Right to have your data transferred from one system to another, when processing is based on an agreement or your consent.
  • Right to be notified of any information security breaches resulting in a high risk.
  • Right to file a complaint with the supervisory authority.
  • Right to withdraw consent

You can exercise your rights by sending a request to the university's Registry Office. You can use the form on the Registry Office's website or send your request informally. Keep in mind that withdrawing your consent doesn’t change the processing that happened before the withdrawal.

Get to know your rights
Use the form of the Registry Office
Send an informal request to the Registry Office

Who can access your personal data?

The information recorded in the technology-based security systems can only be accessed by staff members who use the systems as part of their work tasks. These staff members are

  • Ä¢¹½Ö±²¥ Security Manager
  • Ä¢¹½Ö±²¥ Safety Coordinator
  • Maintenance Managers and HR and Security Manager of local IT services of the Kokkola University Consortium Chydenius.
  • Data Protection Officer of the Ä¢¹½Ö±²¥.
  • Personnel of the equipment suppliers (in connection with essential installation and maintenance work).
  • Staff members responsible for similar tasks in the Centria University of Applied Sciences (access control only). The Ä¢¹½Ö±²¥ and the Centria University of Applied Sciences have a joint access control system.

Also, the service providers we use can access your personal data in their role as data processors. However, these providers do not actively process your personal data, but they have access to it for maintenance reasons.

Learn more about data processors

To whom we transfer your data?

Personal data recorded by the technology-based security systems can be used in the prevention and investigation of offences, accidents or other similar events involving human lives or property.

  • Example 1: showing surveillance camera recordings to a Ä¢¹½Ö±²¥ staff member or student in order to identify stolen property and/or a suspected offender.

Personal data can be disclosed to investigative authorities on justified grounds.

  • Example 2: disclosing surveillance camera recordings to the police for criminal investigation.

Personal data can be disclosed to third parties on justified grounds.

  • Example 3: disclosing surveillance camera recordings on request to an insurance company for the processing of an insurance incident.

No personal data stored in the technology-based security systems is transferred outside the EU/EEA.

On what basis we process your personal data?

We process your personal data based on legal grounds, agreements, or your consent. If you want to dive deeper into our legal bases, such as the relevant legal provisions, you can find more information through the menu below. 

How to contact us?

If you want more information about the processing of your personal data, do not hesitate to contact our data protection officer via email or phone (+358 40 805 3297).

Contact our data protection officer

Below you find the contact information of the responsible unit. If you wish, you can directly contact the responsible unit instead of the data protection officer.

If you want to exercise your rights (withdraw your consent for example) you can contact the Registry Office by email:

Send a request to the Registry Office