Course feedback system's privacy statement

Articles 13 and 14 of the EU General Data Protection Regulation

Data Protection Act (1050/2018)

Articles 13 and 14 of the Combined Data Subject Information Document (EU Data Protection Regulation 2016/679).

1. Controller

Seinäjoki University of Applied Sciences
Kampusranta 11, Frami F
FI-60320 Seinäjoki, Finland
+358 20 124 3000

2. Controller’s representative

Johanna Säilä-Jokinen, Director of Administration

2a. Official responsible for the personal data file

Vesa Vuolio, Quality Manager

2b. Contact persons in matters relating to the data file

Vesa Vuolio, Quality Manager

2c. Contact details of the Data Protection Officer

Jarmo Jaskari, Data Protection Officer, Seinäjoki University of Applied Sciences
tel. +358 40 868 0680

3. Name of the data file

Course feedback (OPJAPA).

4. Purpose of processing personal data/data file use

At Seinäjoki University of Applied Sciences, students are offered an opportunity to give feedback on each course. The purpose of collecting feedback is to ensure the continuous development and critical evaluation of courses. Course feedback is part of SeAMK’s quality work.

SeAMK is in the process of upgrading its course feedback system. The use of OPJAPA application will be discontinued at the end of 2018.

5. Purpose of maintaining the data file

Other relevant connection between the controller and the data subject: a student-customer relationship.

5a. Data content of the file

The file is used to record feedback related to course implementations. The following data concerning the data subjects are stored in the file.


  • Student number
  • Name
  • E-mail
  • Implementation in which the student has participated
  • Responded/Did not respond flag

Note: the actual feedback is given anonymously


  • Name
  • Implementation you are participating in

5b. Information systems using the data file

6. Regular sources of data

The personal data are transferred to the Course feedback system from Winha’s basic file.

7. Regular disclosure of data

8. Transfer of data outside the EU or the EEA

No data stored in the file is transferred outside the EU or the EEA.

9. Principles of data file protection

A.      Manual material

B.      Computer-processed data

Data maintenance is protected by AD credentials and passwords. A limited group with user rights has access to the file data stored in the system. CRM is only enabled on the Intranet and across a remote connection.

The database is protected by the server’s user IDs and passwords.