Updated 1 September 2017
Aalto University (”Aalto”) collects personal data from the users of its website. Aalto is committed to processing personal data in accordance with the legislation on the protection of personal data.
Purpose of processing the personal data
We process your personal data for the purposes of technical maintenance and development of the Aalto website as well as for communicating and marketing, analysing and developing the website contents.
What information do we collect?
Information you supply to Aalto
The website asks for your name and email address when you give feedback or when you subscribe to a mailing list.
Information collected through observing service use
Aalto collects information about the Aalto website users with the help of cookies, for instance. A cookie is a small text file sent to the browser of the website user, usually containing an anonymous identification number; the cookie is not harmful to the device used.
We collect statistics on, for example, the number of visitors, country of visitor, length of visit, browser used and contents visited by the user. Additionally, we keep statistics on whether the visitors are internal or external to Aalto University. The data collected is not personally identifiable.
We collect data from emails in accordance with the terms and conditions of MailChimp. For details, see https://mailchimp.com/legal/privacy/
Random browsing sessions are recorded to analyse user experience and behaviour. Form input information is not stored in recordings.
How do we use the information collected?
The website stores and compiles statistics of the data submitted by the user through feedback forms, mailing list subscriptions, and cookies, for instance. We analyse this data using tools such as Google Analytics. For more information on Google Analytics, visit http://www.google.com/analytics/. You can prevent Google Analytics from collecting data by downloading an browser add-on at: https://tools.google.com/dlpage/gaoptout.
Recordings and heatmaps are analyzed from user experience and behaviour point of view.
For service requests, we use the eSupport system, which saves the data supplied by the users when they give feedback. For details on the system, go to https://into.aalto.fi/pages/viewpage.action?pageId=12328707.
If you wish to subscribe to a mailing list, your e-mail address will be stored. Since we use MailChimp for mailing lists, data from e-mails is collected in accordance with their terms and conditions. For details on MailChimp go to https://mailchimp.com/legal/privacy/.
Additionally, the Aalto website contains third-party components related to social media services like Twitter and YouTube. The third-party plugins on the Aalto website are loaded from the servers of the service providers. The Aalto website does not submit any client data through social plugins.
The third-party services or applications on the Aalto website are subject to the terms and conditions of the third-party service providers.
Do we disclose personal data?
We transfer personal data only within the Aalto organisation and to the extent necessary for the technical administration and development of the website and for maintaining, analysing and developing the communication and marketing of the website contents.
Aalto discloses personal data to third parties only in the following circumstances:
Your personal data may be disclosed with your express consent for uses related to a third-party services, e.g. to the mailing list service provider MailChimp when you subscribe to a mailing list. You can withdraw your consent at any point, after which your data will no longer be collected.
For research purposes
In some cases, we may disclose data for scientific or other research purposes, such as student projects, in compliance with the legislation on personal data protection.
For legal reasons
Aalto may disclose your personal data to third parties where access to or processing personal data is necessary to i) satisfy any applicable law and/or court order; (ii) detect, prevent, or otherwise address fraud, security or technical issues. Aalto will inform those concerned of this type of use of personal data when possible.
Disclosure of information outside the EU/EEA countries
Aalto aims to provide its services and to process personal data in collaboration with actors and services in the EU/EEA countries. In some cases, however, the Aalto services may be provided with the help of actors, services or servers located in other countries, in which case your personal data may be transferred between countries. Such transfers may involve disclosing personal data to non-EU/EEA countries where legislation on personal data processing differs from that of Finland, such as the United States. In such cases, Aalto will ensure that personal data is duly protected.
Protection of data
The data is collected into databases contained in locked and supervised facilities that are accessible only by designated staff.
Right to request rectification of error
You have the right to request the rectification of any erroneous, inaccurate, incomplete, obsolete or unnecessary data by contacting us.
Right to request erasure of data
You have the right to request that your personal data be erased from our systems. We will take the measures requested unless we have a justified reason for not erasing the data. Your data may not be erased immediately from all our backup systems or other similar systems.
Right to prohibit processing
You have the right to request restrictions to us processing your data for other purposes than providing our services or fulfilling our legal obligations. You can also prohibit the processing of your data even if processing was based on your prior consent. Such a prohibition may limit your possibilities to use the Aalto website. You have a right to prohibit any direct email marketing by following the instructions included in all our marketing emails.
The right to restrict processing of data
You have the right to restrict our rights in processing certain personal data, but such restrictions may restrict your possibilities to use the Aalto website and services.
Right to transfer data between systems
You have a right to obtain the personal data we have collected of you in an organised and generally accepted form so you can submit them to another controller of a personal data file.
Right of access
You have a right to check the data we have saved on you into the contact details register.
Who is the controller of this personal data file and who can I contact?
The controller is:
Aalto University Foundation
P.O. BOX 11000
tel: (09) 47001 (exchange)
The contact person in matters regarding the personal data file (i.e. the personal data collected from Aalto website users) is Elina Kuuluvainen, Senior Communications Specialist, Content Strategy
You can exercise your above-mentioned rights by sending a letter to the address below or emailing to viestinta [at] aalto [dot] fi.
Communications Services / Aalto University
P.O. BOX 17800
If your request relates to personal data contained in a cookie, you must attach a copy of the cookie to your letter or e-mail. We may ask for additional information to verify your identity. We can reject requests that are unreasonably frequent, excessive or unjustified.