HATU - practical training support system's privacy statement

Articles 13 and 14 of the EU General Data Protection Regulation

Data Protection Act (1050/2018)

Articles 13 and 14 of the Combined Data Subject Information Document (EU Data Protection Regulation 2016/679).

1. Controller

Seinäjoki University of Applied Sciences
Kampusranta 11, Frami F
FI-60320 Seinäjoki, Finland
+358 20 124 3000

2. Controller’s representative

Johanna Säilä-Jokinen, Director of Administration

2a. Official responsible for the personal data file

Vesa Vuolio, Quality Manager

2b. Contact persons in matters relating to the data file

Vesa Vuolio, Quality Manager

2c. Contact details of the Data Protection Officer

Jarmo Jaskari, Data Protection Officer, Seinäjoki University of Applied Sciences
tel. +358 40 868 0680

3. Name of the data file

HaTu – practical training support system.

4. Purpose of processing personal data/data file use

The stages of each student’s practical training process are entered in SeAMK’s practical training support system.

5. Purpose of maintaining the data file

Other relevant connections between the controller and the data subject: student-customer relationship.

5a. Data content of the file

The following details of the company, organisation or other stakeholder are entered in the data file:

  • Name
  • Address information
  • Phone numbers
  • Email addresses
  • Website links
  • Location of head office
  • Basic company information (Business ID, number of employees, sector)
  • Agreements
  • Practical training events

Following details of the contact person:

  • Name
  • Address information
  • Phone numbers
  • Job title
  • Organisation
  • Practical training periods

Following details of the student:

  • Full name
  • Contact details
  • Winha number
  • Group
  • Unit
  • Study field
  • Degree programme

5b. Information systems using the data file

Details of the practical training are transferred to the CRM system of SeAMK.

6. Regular sources of data

The data file is updated manually by users during the practical training assignments.

Details of organisations and their responsible persons are stored in the CRM system. Student details are transferred from the student register to the HATU system.

Basic details of the SeAMK contact persons are transferred from the Active Directory.

7. Regular disclosure of data

The data will not be disclosed.

8. Transfer of data outside the EU or the EEA

No data stored in the file is transferred outside the EU or the EEA.

9. Principles of data file protection

A.      Manual material

B.      Computer-processed data

Data maintenance is protected by means of an AD identifier and password. The data entered in the system is accessible to a specific group of users provided with access rights. CRM is only accessible in the intranet and through remote access.

The database is protected by means of a server user IDs and passwords.