911±¬ÁÏÍø privacy notice for partnership services
This privacy notice provides information to 911±¬ÁÏÍø alumni, donors and stakeholders about the processing of their personal data in CRM-system as part of the partnership services of 911±¬ÁÏÍø.
Privacy notices
911±¬ÁÏÍø's privacy notices provide information on the processing of personal data in the university's operations. The privacy notices describe the purpose and legal basis of the processing of personal data and specify which type of personal data needs to be processed in each activity. The privacy notices inform if personal data will be shared, or transferred outside the European Union. In addition, the data subject is informed about their data protection rights.
Due to the many tasks of 911±¬ÁÏÍø, we maintain several privacy notices. You can get familiar with their contents through the links and attachments on this page. In the context of university activities, you are data subject, i.e. person whose data is processed, if you are for example our student, staff, alumni, partner or customer. Please note that depending on the relationship between the data subject and Aalto, either one or more of the privacy notices may apply.
Have you been invited to a university event or are you visiting our website?
The following privacy notices describe the processing and protection of personal data when organizing university events and communications.
Privacy notice for our alumni, donors and stakeholders
We inform on the processing of personal data of 911±¬ÁÏÍø alumni, donors and stakeholders in the CRM system in this privacy notice.
Privacy notices at 911±¬ÁÏÍø
IT services privacy notice
IT Services Privacy Notice
This privacy notice describes the 911±¬ÁÏÍø policy on the personal data collected and processed by the 911±¬ÁÏÍø IT Services (ITS) in connection with the services it produces and the processes it executes.
Privacy notice for researchers, professionals and visiting scholars
This data protection notice provides information on the processing of your personal data when you are a researcher, expert or academic visitor at 911±¬ÁÏÍø.
Privacy notice for researchers, professionals, visiting scholars and users of Aalto research portal
Privacy notice for researchers, professionals, visiting scholars and users of Aalto research portal
Privacy Notice for aalto.fi
911±¬ÁÏÍø ('Aalto') collects personal data that relates to the users of the aalto.fi website ('website'). This privacy notice applies to the website aalto.fi. Aalto acts as the controller for personal data that users of the website provide when they visit the website or by other means or that is collected automatically in conjunction with website browsing activity.
Video surveillance
911±¬ÁÏÍø uses video surveillance to safeguard security as well as to prevent and investigate criminal activity and vandalism. This page provides information about the processing and protection of your personal data, as well as your rights in relation to surveillance.
Privacy Notice for Archives and Records Management Services
The Learning Centre customer register - Privacy notice
Privacy notices for our students and applicants
You find information on the protection of personal data of our students and applicants to bachelor’s, master’s and doctoral education on the pages:
Privacy notices of research and other projects at 911±¬ÁÏÍø
Rights of the data subject
Under the GDPR, you have the right to review your information and rectify any inaccurate or erroneous personal data. In addition, with certain exceptions, you have the right to erase your data. If he processing of personal data is based on your consent, you also have the right to withdraw your consent. You find more information on your rights listed below.
According to the GDPR, you have a right to know what information on yourself is stored in the personal data file. You have the right to request that any inaccurate or erroneous data on yourself be rectified without undue delay. If data you wish have rectified or erased is maintained by an Aalto partner, we will request that the partner take the appropriate measures.
Barring certain exceptions, the GDPR guarantees your right to have your erased, or as it is termed, your right to be forgotten. However, this right does not obtain in cases where the university’s right as the controller to process personal data is based on the university’s obligation to perform tasks carried out in the public interest or in the exercise of official authority. If the processing of personal data is based on your consent, you may also withdraw your consent. In that case, you may submit a request to us to erase data concerning yourself from our system. If there is no other legal grounds for processing your data, we will erase it.
If you contest the accuracy of the personal data or the lawfulness of the processing, or or if you have exercised your right to object to the processing, you may request that the processing of the personal data be restricted to storage only. The processing of the data is then confined to its storage only until, for example, the accuracy of the data is verified. If you do not have the right to request erasure of the data, you may request instead that 911±¬ÁÏÍø limit its processing to only that needed in order to store the data.
You always have the right to object to the processing of your personal data when the processing is for marketing purposes.
Data subject´s rights and data protection officer
In this section, you will find information on how you can exercise the rights of the data subject at 911±¬ÁÏÍø if necessary.
Requests under the GDPR concerning the processing of personal data can be submitted through our personal data portal:
Please note, however, that regular service addresses or contact person named in privacy notice for different services will still be used primarily for contact information changes and other routine changes.
You may also contact the data protection officer of 911±¬ÁÏÍø if you have questions or demands relating to the processing of personal data:
DPO: Sirpa Syrjälä
Phone: 09 47001
Email: dpo(at)aalto.fi
If you consider the processing of your personal data to be an infringement of data protection legislation, you have the right to lodge a complaint with the Data Protection Ombudsman, which is the supervisory authority. Read more:
We have an obligation to communicate personally any security breach of personal data to those data subjects whom the breach concerns. The right enters into force if the breach is likely to result in a high risk to the rights and freedoms of the individual, e.g. in the form of identity theft, payment fraud or other criminal activity.
An information security team operates at Aalto (email security(at)aalto.fi) to process reported data protection and information security incidents concerning the university and to help resolve them, investigating whether data breaches have occurred.
We process personal data with care, and take proper care of data security. Up-to-date technical solutions such as firewalls and encryption are used.
In our processes, the personal data is processed only by our employees or our partners' employees who are entitled to process personal data. Access and read-only access to the data systems are determined and granted only to the extent required by the task and only to the individuals who need the personal data in the data system concerned in order to perform the task assigned to them.
We process your personal data in accordance with General Data Protection Regulation (GDPR), in a way that respects the rights and freedoms of the data subject. We ensure that data protection principles are followed at all stages of the processing of personal data.
Personal data is be processed manually (on paper) electronically and in various different data systems which are administered by either Aalto or its partner.
We have selected as service providers only those processors who comply with good personal data processing practices through appropriate technical and organizational measures, meet the requirements of the General Data Protection Regulation and are able to enforce your rights.