Privacy and data protection
Specific guidelines on privacy and data protection can be found here (behind login):
The main principle is personal data is to be processed lawfully, fairly and in a transparent manner to protect the rights of the data subject.
How do we process personal data?
All processing of personal data is to comply with current and applicable law including the European Data Protection Regulation.
In case we use a provider or partner to process personal data, we will sign a data processing agreement to ensure that the processing complies the requirements of this policy.
We protect the personal data we process with data security based on data protection impact assements. Processing is also protected by following best practices based on guidelines and descriptions.
We aim to protect the rights of the data subjects by applying privacy by design when we deploy IT services and procedures. We will meet the requirement of privacy by default by minimising processing of personal data.
We will document handling of personal data by descriptions according to legal requirements.
In case of a data breach, we will report it to the Data Protection Officer. We will also inform you about an incident if it would cause a big risk for you. Contact the Data Protection Officer at Hanken, firstname.lastname@example.org, in case of a personal data breach or in case of a suspected or high risk on inappropriate leaks of personal data.
What personal data do we collect?
If you log in as a user, logs will be generated on what you read and write.
We collect your postal address and e-mail in order to communicate with you.
We collect logs in IT and library services on how you use the services. To ensure physical security we have installed access control and logging enabled for some facilities. The access to logs is restricted.
If you are studying at Hanken we will collect information about your studies and your presence.
We protect personal data in research by best practices and code of conducts.
If you are employed at Hanken we will collect and process your personal data according to requirements regarding employers.
For what purposes do we process personal data?
We process personal data on our web sites to adapt the service for you based on your choices.
We need your contact information to be able to communicate with you.
We register your contact information, your presence and your study results to make it possible for to study at Hanken.
If you are employed at Hanken we will collect such information about you which is required by the law.
When do we erase personal data?
We can erase your personal data upon request in case of marketing or alumni activities.
We have legal requirements to preserve information about your study results. Information about tasks related to a course will be erased according to our information management plan.
If you are employed by Hanken, we have a legal obligation to preserve information about you.
The information management plan of Hanken will define in detail when personal data is to be erased.
Disclosure of personal data
We will not disclose your personal data to third parties if the party is not our data processor.
We will not disclose your personal data to third countries if compliant data protection cannot be ensured.
Right to object and right to rectification
You have the right to obtain information and obtain rectification on processing of your personal data.
Contact primarily the contact person in the unit who handles your personal data in question.
If it is unclear who to contact of if you want to file a complaint, contact our Data Protection Officer, email@example.com.
Data Protection Officer
Hanken has appointed a Data Protection Officer to support processing of personal data in an appropriate way and act as a point of contact for data subjects and for supervising authority,
You can contact our Data Protection Officer through firstname.lastname@example.org.