Exploring Accessible Theatre: Student Perspectives - Privacy Notice

Privacy notice for scientific research 19.03.2026

EU General Data Protection Regulation (EU 2016/679), art. 12, 13, 14

1. Title, nature and duration of research

Title of research: Exploring Accessible Theatre: Student Perspectives

Nature of research: online survey, interviews

Duration of research and duration of data processing: The data will be preserved until end of 2029.

2. Data controller

Tampere University Foundation sr

• Street address: Kalevantie 4, 33100 Tampere
• Postal address: FI-33014 Tampere University
• Business ID: 2844561-8

3. Contact person regarding the research registry and responsible of the research

• Pauliina Baltzar, Faculty of Information Technology and Communication Sciences, Tampere University, Finland, pauliina.baltzar@tuni.fi

4. Contact information of the Data Protection Officer

 dpo@tuni.fi

5. Researchers

TACCU Researchers will be responsible of the research and will have access to the data.

6. Content of research records

There are two different surveys. The first survey focuses on the subtitling application. In this survey, no directly identifying personal data (direct identifiers) will be collected. However, some indirect identifiers, such as age and how often you attend theatre performances, will be collected. The second survey focuses on the overall experience. In this survey, students may choose to leave comments with their names, as some responses may be used for social media purposes. The answers from the two surveys will not be combined. In addition, there will be surveys for theatre staff, in which their role will be collected.

7. Sources of personal data

The research material is collected from the respondents themselves with an online survey and interviews.

8. Purpose of processing personal data

The research aims to understand accessibility in theatre settings and to examine whether accessibility solutions, such as subtitling, make theatre visits more accessible. The study seeks to explore how theatre accessibility can be improved, assess the effectiveness of current solutions, and support the theatre in developing its accessibility services and overall customer experience.

9. Lawful basis for processing personal data

The lawful basis for processing under the EU’s General Data Protection Regulation, Article 6 Paragraph 1, and the Personal Data Act, Section 4: Public interest or the exercise of official authority:

Scientific or historical research purposes or statistical purposes

10. Sensitive personal data (special categories of data and criminal records)

No sensitive personal data nor criminal convictions or offences will be processed in the research.

Lawful basis for processing of sensitive personal data

The lawful basis for processing under the EU’s General Data Protection Regulation, Articles 9 (special categories of personal data) and 10 (personal data relating to criminal convictions and offences), and the Personal Data Act, Sections 6 and 7:

Scientific or historical research in the public interest, statistics, or the exercise of official authority.

11. Transfer or disclosure of data to external parties

Personal data will not be transferred from the person conducting the research to anyone else during the research.

12. Transfer or disclosure of data outside the EU/EEA

The data in the research register will not be transferred to a third country or to an international organization outside the EU or the EEA region.

13. Automated decision-making

Decisions will not be made by automated means.

14. Data protection principles

Manual material will be collected and digitalized. Manual materials will be destroyed properly after digitalization.

Protection of digital materials

The collection, processing, and storage of the digital research material is done using Tampere University’s digital services, which are protected by a username, password, and partly multifactor authentication (MFA), and with Tampere University’s digital device, which is protected with a username and password. The username and password are personal and only known by the persons conducting the research.

Processing of direct identification data

Direct identifications will not be composed with research answers.

The collection, processing, and storage of the digital research material is done using Tampere University’s digital services, which are protected by a username, password, and partly multifactor authentication (MFA), and with Tampere University’s digital device, which is protected with a username and password. The username and password are personal and only known by the persons conducting the research.

Protecting data in transit

Data will not be transferred from the person conducting the research to other persons. The communication between the device and the digital services used in the work takes place using a WPA2-secured network connection. In addition, the device and the digital services are protected by a username and password, and partly by multi-factor authentication (MFA).

15. Processing of personal data after the research project has been concluded

The research register will be anonymized and archived without personally identifiable data. The data will remain in TACCU’s archives. When anonymized, the material no longer contains personal data and therefore does not form a personal register.

16. Data subjects’ rights and possible restriction thereof

Because no directly identifying personal data, in other words direct identifiers, are collected in the research, it is not possible to identify an individual data subject in the research register. Therefore, it is not possible to realize the following data subject’s rights:

• Right to inspect data (right to access personal data)
• Right to correct data
• Right to erase data
• Right to restrict processing
• Right to object
• Right to transfer the data from one system to another

The data subject instead has, where applicable:

• Right to lodge a complaint with a supervisory authority

Data subjects have the right to lodge a complaint with a supervisory authority in their permanent place of residence or place of work, if they consider the processing of their personal data to violate the provisions of the GDPR (EU 2016/679). In addition, data subjects may follow other administrative procedures to appeal against a decision made by a supervisory authority or seek a judicial remedy.

Data Protection Ombudsman Contact Information:

• Street address: Lintulahdenkuja 4, 00530 Helsinki
• Postal address: PL 800, 00531 Helsinki
• Switchboard: 029 566 6700
• Email address: tietosuoja@om.fi
• Other contact information: https://tietosuoja.fi/en/contact-information

The Data Controller follows a GDPR-compliant procedure for responding to subject access requests.