1.1. Privacy notice for scientific research
1. Title, nature and duration of research
Title of research: Perception of moral issues
☒ Case study
☐ Follow-up study
Duration of research: 1.1.2022−31.12.2023.
Duration of data processing: 1.1.2022−31.12.2024.
2. Data controller (pick one)
☒ Research will be conducted in an employment contract with the Tampere University, indicating the University to be the data controller.
Tampere University Foundation sr
33014 Tampere University
Kalevantie 4, 33100 Tampere
Business ID: 2844561-8
☐ Research is conducted by a student not employed by the Tampere University which makes the student the data controller
☐ Registry is jointly controlled with several data controllers.
3. Contact person regarding the research registry
Name: Jari Hietanen
Address: Pinni B 3140, Human Information Processing Laboratory, Faculty of Social Sciences / Psychology, 33014 Tampere University
Phone number: +358401901384
E-mail address: jari.hietanen@tuni.fi
4. Contact information of the Data Protection Officer
dpo@tuni.fi
5. Principal investigator or research group
Name: Jari Hietanen
Address: Pinni B 3140, Human Information Processing Laboratory, Faculty of Social Sciences / Psychology, 33014 Tampere University
Phone number: +358401901384
E-mail address: jari.hietanen@tuni.fi
6. Researchers
Jari Hietanen (jari.hietanen@tuni.fi)
Hironori Akechi (akechi.ac@gmail.com)
7. Content of research records
Responses to tasks
Demographic information (age, gender)
Technical information (e.g., Prolific ID number)
8. Sources of personal data
Participants themselves are the only source of data.
9. Purpose of processing personal data
The purpose of processing personal data is scientific research and public interest. The data is used only for answering the research questions. The aim of the research is to study human linguistic and visual perception.
The organisations listed in Section 1 serve as Joint Controllers that jointly determine the purposes and means of processing personal data.
10. Lawful basis for processing personal data
The lawful basis for processing under the EU’s General Data Protection Regulation, Article 6 Paragraph 1, and the Personal Data Act, Section 4:
☒ Public interest or the exercise of official authority
☒ Scientific or historical research purposes or statistical purposes
☐ Archiving of materials relating to research or cultural
☐ Consent
How consent can be cancelled:
Participation is voluntary, and participants may withdraw their consent and discontinue the study without having to state why by closing the browser window.
☐ Legal obligation of the data controlled
Regulations:
☐ Legitimate interests of the Data Controller or a third party
Please specify the legitimate interests:
☐ Other, please specify:
11. Sensitive personal data (special categories of data and criminal records)
☒ No sensitive personal data will be processed during the research project
☐ The following types of sensitive personal data will be processed during the research project:
☐ Racial or ethnic origin
☐ Political opinions
☐ Religious or political beliefs
☐ Trade union membership
☐ Genetic data
☐ Biometric data to uniquely identify a person
☐ Health data
☐ Data concerning a natural person’s sex life or sexual orientation
Will personal data concerning criminal convictions and offences be processed during the research project?
☒ No
☐ Yes
12. Transfer or disclosure of data to external parties
☐ Personal data will be regularly transferred or disclosed to parties other than the members of the research group.
☐ Processing activities will be outsourced (for example to a subcontractor).
13. Transfer or disclosure of data outside the EU/EEA
Will data stored in the research records be transferred to a country or an international organisation that is located outside the EU/EEA?
☐ No
☒ Yes, please specify: Data will be analysed by a member of the research group in Japan
14. Automated decision-making
Decisions will not be made by automated means.
15. Data protection principles
Protection of manual materials (e.g. paper documents):
☐ In a locked room
☐ In a locked cupboard
☒ Other, please specify: No paper documents or other manual materials will be collected.
Protection of digital materials (e.g. information systems and equipment):
☒ usernames
☒ password
☐ multi-factor authentication (MFA)
☐ access management (IP address)
☐ collection of log data
☒ physical access control: Nonanonymized data will be stored on a hard drive in a locked cupboard in a locked room.
☐ other, please specify
Processing of data that directly identifies an individual:
☒ Directly identifiable data will be removed during the analysis stage
☐ The materials will be pseudonymised
☐ The materials will be analysed without removing directly identifiable data, because (please provide the reasons for retaining personally identifiable data):
Protecting data in transit:
☒ secure transmission, please specify: The data will be transmitted securely by using a physical data storage device. The transmission will be conducted by the core research group and no one outside the core research group will have access to the data storage device. If a situation emerges in which the data must be transmitted over the Internet, it will be transmitted in encrypted form, the transmission will be conducted securely by the core research group and no one outside the core research group will have access to the file encryption key or the encrypted data.
☐ file encryption, please specify:
☐ other, please specify:
16. Processing of personal data after the research project has been concluded
☐ The research records will be destroyed
☒ The research records will be anonymised and archived without personally identifiable data
☐ The research records will be archived without anonymisation
17. Data subjects’ rights and possible restriction thereof
Data subjects have the following rights under the EU’s General Data Protection Regulation (GDPR):
– Right of access
o Data subjects are entitled to find out what information the University holds about them or to receive confirmation that their personal data is not processed by the University.
– Right to rectification
o Data subjects have the right to have any incorrect, inaccurate or incomplete personal details held by the University revised or supplemented without undue delay. In addition, data subjects are entitled to have any unnecessary personal data deleted from the University’s systems.
– Right to erasure
o In exceptional circumstances, data subjects have the right to have their personal data erased from the Data Controller’s records (‘right to be forgotten’).
– Right to restrict processing
o In certain circumstances, data subjects have the right to request the University to restrict processing their personal data until the accuracy of their data, or the basis for processing their data, has been appropriately reviewed and potentially revised or supplemented.
– Right to object
o In certain circumstances, data subjects may at any time object to the processing of their personal data for compelling personal reasons.
– Right to data portability
o Data subjects have the right to obtain a copy of the personal data that they have submitted to the University in a commonly used, machine-readable format and transfer the data to another Data Controller.
– Right to lodge a complaint with a supervisory authority
o Data subjects have the right to lodge a complaint with a supervisory authority in their permanent place of residence or place of work, if they consider the processing of their personal data to violate the provisions of the GDPR (EU 2016/679). In addition, data subjects may follow other administrative procedures to appeal against a decision made by a supervisory authority or seek a judicial remedy.
Contact information:
Office of the Data Protection Ombudsman
Street address: Ratapihantie 9, 6th floor, 00520 Helsinki, Finland
Postal address: PO Box 800, FI-00521 Helsinki, Finland
Switchboard: tel. +358 29 56 66700
Fax: +358 29 56 66735
Email address: tietosuoja@om.fi
The Data Controller follows a GDPR-compliant procedure for responding to subject access requests.