Processing of personal data

Why do we process your personal data?

We process your personal data in the following tasks:

• Processing job ads and applications
• Selecting a person for an employment relationship at the University of Eastern Finland.
• In addition in connection with recruitment, an analysis can also be made on some applicants’ personal operating methods, which is carried out as a self-assessment and with the relevant applicant’s consent. 

Do we use automated decision-making or profiling?

We do not make automated decisions or use profiling.

Why are we allowed to process your personal data?

The processing of personal data is based on EU’s General Data Protection Regulation. A more precise basis for processing is the legitimate interest of the data controller (significant relationship between the data controller and the data subject).

With regard to the self-assessment of the personal operating methods analysis, the basis for processing personal data is the data subject’s consent. 

What personal data do we process?

The following personal data is stored in connection with recruitment:

• Job applicant’s personal data (name, date of birth, gender) and contact information (email address, street address, telephone number)
• Information on the applicant’s education, language skills and work experience and other relevant competences, as well as information on their references.
• Depending on the job applied for; CV, list of publications, selected publications, research plan, application, teaching portfolio, scientific merit, international activities, postgraduate study plan and development plans for the applicant’s field of study.
• The analysis of the applicant’s personal operating methods includes processing their name, email address, gender and location (country), which are mandatory information. In addition, the applicant may choose to fill in other background information that are not mandatory (such as job title and organisation). The applicant chooses the characteristics proposed by the system that best and least describe them. Based on the responses, the system creates an HPA analysis proposal that is reviewed together with the person who has sent the request to fill out the information. The applicant comments and accepts/rejects their analysis during the feedback discussion.
• The applicant may also include their profiles from social media or research communities (for example, Twitter, LinkedIn, Instagram or ResearchGate) in their contact information.

How long do we store your personal data?

Applications are stored in the Saima recruitment system for 36 months after the application has been last updated. Open applications are stored for six months after they have been updated. The application of the person selected for the position will be permanently stored in the archives of the University of Eastern Finland.

Self-assessments of the analysis of personal operating methods are stored for six months.

Where do we obtain the personal data needed for processing?

Applicants store their own data in the Saima system. With the consent of the applicant, the information necessary for recruitment can also be requested from other data sources, such as from the applicant’s former employers. The data subject is obliged to provide the necessary personal data. If the data subject does not provide the necessary personal data, the recruitment process cannot proceed.

For the purpose of analysing the personal operating methods, personal data is obtained from the data subject themselves. 

Transfer of personal data

Data is transferred from the recruitment system to those involved in the application process and only to those in the position of a party concerned, with the consent of the applicant or on the basis of a right based on law.

In the case of applicants who are subject to an analysis based on the self-assessment of their personal operating method, the analysis approved by the applicant may be transferred on the basis of consent to the person responsible for recruitment. 

As a regular transfer, the recruitment data collection of the Ministry of Education and Culture must be carried out annually, in which the number of applicants by gender and nationality and the basic data on the candidates selected for the position are provided as statistical data.

The processor of personal data is used in analysing the personal operating methods. The processor of personal data is Thomas International Ltd, with whom the university has concluded a data protection agreement. 

Transfer or disclosure of data outside the EU or EEA and the basis for this

As a rule, personal data is not transferred outside the EU or EEA. 

The data controller responsible for the processing of your personal data:

University of Eastern Finland
Joensuu: Yliopistokatu 2, P.O. Box 111, FI-80101 Joensuu, Finland
Kuopio: Yliopistonranta 1, P.O. Box 1627, FI-70211 Kuopio, Finland
Telephone +358 294 45 1111 (switchboard)

Helena Eronen, Data Protection Officer

Learn more about how we protect your personal data.

Read more about the data subject’s rights. 

Why do we process your personal data?

We process your personal data for the following purposes:

The stakeholder groups of community relations in the University of Eastern Finland include people who contribute to the university’s activities as specialists, partners, guest lecturers, research subjects or in other similar university activity such as alumni relations. Stakeholder groups also include the people who have subscribed to the university newsletter or other communications and those who are being sent sales and marketing communications or needs assessment surveys to public services via various distribution channels. Stakeholder engagement also includes various search engines to our partners, stakeholder groups, and the public interested in research.

Sales, marketing, alumni relations, public relations, communications, attending events, and needs assessment surveys.

Do we use automated decision-making or profiling?

We do not use automated decision-making or profiling.

Why are we allowed to process your personal data?

The processing of personal data is based on the EU General Data Protection Regulation. The more precise legal bases are:

• Data subject’s consent
• Enforcement of contract (in which the data subject is a party), contracts: Subscription, attending an event or a previous customer relationship
• Data controller’s compliance with a statutory obligation. Universities Act (558/2009, section 2)
• A task carried out in the public interest/the exercise of public authority vested in the data controller
• Execution of data controller’s or a third party’s legitimate interests (the legitimate interest in question: Information Society Code [917/2014] chapter 24 on Electronic Direct Marketing and Cookies)

Concerning event attendance, we also process sensitive data (the dietary information can include sensitive data). The exception for the processing of this data is the data subject’s consent.

What personal data do we process?

We process the following data:

• Alumni: name, contact information, degree information, date of birth, professional status, interests.
• Donors: name, personal identity code/Business ID, address, phone number, email, amount and recipient of the donation.
• Attending events: name, contact information, event information, diet. 
• Communications: communication with alumni, donors, and partners
• Newsletters and marketing communications: emails
• UEF Connect and similar databases: name, contact information, profession, organizational information, information written by the person themselves, and the contact information of partners
• All the courses organized by the university

How long do we keep your personal data?

Personal data is retained for as long as is required for the service to be executed. 

• Donors: data is permanently retained

Where do we get the personal data that is needed?

• From the data subject themselves
• Data of the university staff is transferred from the Human Resources systems (Mepco, Helpnet, and SoleCris)

Transfers of personal data

The diet information is transferred to the caterer when signing up to events. Email addresses collected in needs assessment surveys can be transferred to the marketing of the university’s course selection if the respondent gives their consent. 

For public relations and communications, the personal data is available on the public website of the university.

Transfers outside the EU or the EEA and criteria for transfers

Personal data will not be transferred outside the EU or EEA. The UEF website can also be viewed outside the EU and EAA area.

Data Controller is:

University of Eastern Finland

Joensuu: Yliopistokatu 2, PO Box 111, 80101 Joensuu

Kuopio: Yliopistonranta 1, PO Box 1627, 70211 Kuopio

Phone 0294 45 1111 (exchange)

Helena Eronen Data Protection Officer

Learn more about how we protect your personal information.

Read more about the rights of the data subject