GDPR Privacy Notice

1. Register Holder
Name:                                Satakunta University of Applied Sciences
Business-ID:                     2388924-4
Postal address:              P.O. Box 1001, FI-28101 PORI
Visiting address:            Satakunnankatu 23, PORI
Tel:                                      +358 2 620 3000
Email:                                  kirjaamo@samk.fi
 
2. Register Manager
Name:                                Teemu Heikkinen
Tel:                                     +358 44 710 3289
Email:                                 teemu.heikkinen@samk.fi
 
3. Head of Information Security
Name:                                Osmo Santamäki
Tel:                                     +358 44 710 3035
Email:                                 tietosuojavastaava@samk.fi
 
4. Purpose of the Register
The personal information collected is used to authenticate and manage user (later customer) access to the portmate.eu service.
 
5. Basis for Collecting and Processing Data
Customer information is collected and processed with the customer's consent. Consent is given when creating a new user account, i.e. when registering for the service.
 
6. Information Content of the Register
First name, last name, e-mail address, username, password, user role in the service and choice of default user language (FI / SV / EN). In addition, any port information added by the customer.
 
7. Retention Period of Data
Personal data will be retained for as long as is necessary to implement a contract with the customer or to improve customer service. After the end of the customer relationship, the data is stored for a maximum of one year.
 
8. Regular Sources of Information
The register collects information from the person himself. Data is also collected through the Google Analytics tool. For more information: https://support.google.com/analytics/answer/3379636?hl  and https://policies.google.com/privacy
 
9. Regular Disclosures and Transfers of Information Outside the EU or the EEA
Information is not disclosed outside the company. Some of the external service or software providers used by the company may store data outside the EU or the European Economic Area.
 
10. Use of cookies
We use cookies in the pages. A cookie is a small text file sent to and stored on a user's computer that allows the webmaster to identify the visitors who frequently visit the site, to facilitate visitor sign-in to the site, and to enable composite information about the visitors. This feedback enables us to continually improve the content of our pages. Cookies do not harm users' computers or files. We use them to provide our customers with information and services tailored to each individual's needs.
 
If a Visiting User of our site does not want us to receive the above information through cookies, most browser programs allow user to disable cookie functionality. This is usually done through the browser settings. However, it is good to note that cookies may be necessary for the proper functioning of some of the pages we maintain and the services we provide.
 
11. Register protection
The data is transferred over an SSL secure connection. Electronic information is protected by a firewall, usernames and passwords. Only those persons employed by the controller who need the information in the course of their duties shall have access to the information.
 
12. Automatic decision making
No automated individual decisions will be made (Article 22 of the EU Data Protection Regulation).
 
13. Customer Data Protection Rights
 
Customer shall have the right of access to the personal data contained in the personal data file. The access request must be sent to the register manager.
 
Customer has the right to request the correction or deletion of incorrect or outdated data or the transfer of data from one system to another. Customer also has the right to restrict or object to the processing of the data in accordance with Articles 18 and 21 of the EU Data Protection Regulation.
 
Customer shall have the right to withdraw his or her prior consent to the processing of data or to lodge a complaint with the supervisory authority regarding matters relating to the processing of the personal data.