Hyppää sisältöön
TACCU

Tampere Accessibility Unit

Accessibility in Digital Society follow-up study 2024-25

Privacy notice for scientific research 03.12.2024

EU General Data Protection Regulation (EU 2016/679), art. 12, 13, 14

  1. Title, nature and duration of research

Title of research: Accessibility in Digital Society follow-up study 2024-25

Nature of research: Online survey

Duration of research and duration of data processing: The data will be preserved until end of 2029.

  1. Data controller

Tampere University Foundation sr

  • Street address: Kalevantie 4, 33100 Tampere
  • Postal address: FI-33014 Tampere University
  • Business ID: 2844561-8

  1. Contact person regarding the research registry and responsible of the research

  • Tero Avellan, Faculty of Information Technology and Communication Sciences, Tampere University, Finland, tero.avellan@tuni.fi
  • Pauliina Baltzar, Faculty of Information Technology and Communication Sciences, Tampere University, Finland, pauliina.baltzar@tuni.fi

  1. Contact information of the Data Protection Officer

 dpo@tuni.fi

  1. Researchers

TACCU Researchers will be responsible of the research and will have access to the data.

  1. Content of research records

No directly identifying personal data, in other words direct identifiers, will be collected in the research questionnaire.

  1. Sources of personal data

The research material is collected in its entirety from the respondents themselves with an online survey.

  1. Purpose of processing personal data

The research aims to analyze and enhance accessibility, and data is collected to understand better accessibility knowledge and how it will be developed in the future, identifying the challenges and opportunities.

  1. Lawful basis for processing personal data

The lawful basis for processing under the EU’s General Data Protection Regulation, Article 6 Paragraph 1, and the Personal Data Act, Section 4: Public interest or the exercise of official authority:

Scientific or historical research purposes or statistical purposes

  1. Sensitive personal data (special categories of data and criminal records)

No sensitive personal data nor criminal convictions or offences will be processed in the research.

Lawful basis for processing of sensitive personal data

The lawful basis for processing under the EU’s General Data Protection Regulation, Articles 9 (special categories of personal data) and 10 (personal data relating to criminal convictions and offences), and the Personal Data Act, Sections 6 and 7:

Scientific or historical research in the public interest, statistics, or the exercise of official authority.

  1. Transfer or disclosure of data to external parties

Personal data will not be transferred from the person conducting the research to anyone else during the research.

  1. Transfer or disclosure of data outside the EU/EEA

The data in the research register will not be transferred to a third country or to an international organization outside the EU or the EEA region.

  1. Automated decision-making

Decisions will not be made by automated means.

  1. Data protection principles

Manual material will not be collected.

Protection of digital materials

The collection, processing, and storage of the digital research material is done using Tampere University’s digital services, which are protected by a username, password, and partly multifactor authentication (MFA), and with Tampere University’s digital device, which is protected with a username and password. The username and password are personal and only known by the persons conducting the research.

Processing of direct identification data

Direct identifications will not be composed with research answers.

The collection, processing, and storage of the digital research material is done using Tampere University’s digital services, which are protected by a username, password, and partly multifactor authentication (MFA), and with Tampere University’s digital device, which is protected with a username and password. The username and password are personal and only known by the persons conducting the research.

Protecting data in transit

Data will not be transferred from the person conducting the research to other persons. The communication between the device and the digital services used in the work takes place using a WPA2-secured network connection. In addition, the device and the digital services are protected by a username and password, and partly by multi-factor authentication (MFA).

  1. Processing of personal data after the research project has been concluded

The research register will be anonymized and archived without personally identifiable data. The data will remain in TACCU’s archives. When anonymized, the material no longer contains personal data and therefore does not form a personal register.

  1. Data subjects’ rights and possible restriction thereof

Because no directly identifying personal data, in other words direct identifiers, are collected in the research, it is not possible to identify an individual data subject in the research register. Therefore, it is not possible to realize the following data subject’s rights:

  • Right to inspect data (right to access personal data)
  • Right to correct data
  • Right to erase data
  • Right to restrict processing
  • Right to object
  • Right to transfer the data from one system to another

The data subject instead has, where applicable:

  • Right to lodge a complaint with a supervisory authority

Data subjects have the right to lodge a complaint with a supervisory authority in their permanent place of residence or place of work, if they consider the processing of their personal data to violate the provisions of the GDPR (EU 2016/679). In addition, data subjects may follow other administrative procedures to appeal against a decision made by a supervisory authority or seek a judicial remedy.

Data Protection Ombudsman Contact Information:

The Data Controller follows a GDPR-compliant procedure for responding to subject access requests.