Go back to previous page

List of active policies

Name Type User consent
GDPR 2025 Privacy policy All users
GDPR Privacy policy All users

GDPR 2025

Summary

Please read the following Privacy Policy, click 'Next' and then click the box with the text 'I agree to the GDPR'.


Full policy

EUNICE MOODLE PRIVACY POLICY 2025

This Privacy Policy follows the JOINT CONTROLLER AGREEMENT REGARDING THE EUNICE MOODLE LEARNING PLATFORM, signed December 20, 2024. EUNICE AISBL and Mediamaisteri Oy, both identified below, signed a Service Agreement for the supply of a digital online training platform Moodle, dated on 1st of January 2025. The Present Joint Controller Agreement is defined in Appendix 6 to the mentioned Service Agreement.

1. Data Controller (Joint Controllers)

POLITECHNIKA POZNAŃSKA
Pl. Marii Skłodowskiej-Curie 5
60-965 Poznan
POLAND
+48 61 833 3881

BRANDENBURG UNIVERSITY OF TECHNOLOGY (BTU)
Cottbus-Senftenberg
Postfach 101344
03013 Cottbus
GERMANY
+49 355 69-0

UNIVERSITÉ POLYTECHNIQUE HAUTS-DE-FRANCE
Campus Mont Houy
59313 Valenciennes cedex 9
FRANCE
+33 3 27 51 12 34

UNIVERSIDAD DE CANTABRIA
Avda. de los Castros, s/n
39005 Santander
SPAIN
+34 942 20 22 23

UNIVERSITÉ DE MONS
Place du Parc , 20
7000 Mons
BELGIUM
+32 65 37 31 11

UNIVERSITÀ DI CATANIA
Piazza Università, 2
95131 Catania
ITALY
+39 095 730 7777

VAASAN YLIOPISTO
Wolffintie 32
65200 Vaasa
FINLAND
+358 29 449 8000

UNIVERSITY OF PELOPONNESE
Erythrou Stavrou 28 & Karyotaki 22131
Tripolis
GREECE
+302710230000

INSTITUTO POLITÉCNICO DE VISEU
Av. José Maria Vale de Andrade
Campus Politécnico
3504-510 Viseu-
PORTUGAL
+351 232 469 703

KARLSTAD UNIVERSITY
Universitetsgatan 2,
65188 Karlstad
SWEDEN
+46 54-700 10 00

EUNICE AISBL
Place du Parc 20
7000 Mons
BELGIUM
+32 492 033 760

2. Personal data processor
Mediamaisteri Oy,
PO Box 82 (Erkkilänkatu 11),
33101 Tampere,
FINLAND

Phone: +358 10 281 8000
E-mail: info@mediamaisteri.com

3. Name of the register

Learning management system’s user register.


4. Purpose of processing personal data

The personal data is processed for the following purposes:
  • Management of user rights in the learning environment (1) (2) (3)
  • Management and assessment of completed studies and compilation of related statistics (1) (2)
  • Communication as well as study-related advice and guidance (1) (2) (3)
  • Resolution of technical problems and misuse (2) (3)
  • Monitoring of student activity (1) (2)
5. Legal basis for processing personal data

Each Party is responsible for ensuring that there is always a legal basis for its processing of personal data.
The processing of personal data is based on (1) compliance with a legal obligation (e.g. national legislation
regarding registers of education records), (2) performance of a task in the public interest or in the exercise
of official authority vested in the controller, and (3) legitimate interest.


6. Categories of personal data to be processed
  • Basic data
    • Identifiers: name, national learner ID
    • Login data: login method, username, linked login profiles
    • Contact data (email address)
  • Study-related data
    • Course registration data
    • Course and other study-related assessments/grades
    • Assignments returned in courses and their assessments/grades
  • Communication data
    • Discussions and communication stored in the system by users regarding, for example, study-related advice and guidance
    • Blog entries
  • Data about the use of Eunice learning platform
    • Browser session data
    • Support requests
7. Regular sources of information
The Joint Controllers obtain personal data in the EUNICE learning platform related to user logins from the organisation that manages the credentials in question (eduGain federation, Google login, Moodle login). Study-related data are obtained from the users themselves, or they are generated in connection with the use of the service and the completion of studies. Users themselves can produce data for the service, e.g., by publishing blog entries and storing files. Communication-related data are obtained from users. Browser session data are automatically generated in connection with the use of the service.

8. Recipients of personal data and transfers outside the EU or EEA
Personal data may not be transferred outside the EU or EEA.

The administration of the EUNICE learning platform has been outsourced to Mediamaisteri Oy (the processor as defined in 1.2). As part of providing the services pursuant to the Service Agreement, the processor will process personal data on behalf of the Joint Controllers. The administrator is bound by a non-disclosure obligation and does not have the right to disclose data to third parties or use data for purposes other than the implementation of the Joint Controllers’ commission. The data protection of the service has been arranged with the administrator, for example, by concluding agreements on the processing of personal data.

9. Storage periods
User profiles will be removed 12 months after the last login. Users are being notified by mail two months before.
Course log data and participation data older than 12 months will be removed.
Students’ course data (assignments, forum posts, etc.) will be removed from a course 12 months after the defined course end date.

To the extent data are transferred to be processed in registers independently managed by controllers, and then not covered by this agreement, the storage periods will be determined in accordance with national legislation and with the archiving plans or information management plans of the educational institutions in question.

10. General description of the technical and organizational security measures
The Parties ensure that the processing of personal data takes place using appropriate technical and organizational measures to achieve a satisfactory level of security in terms of the nature and scope of the processing, the technical development, implementation costs and from relevant risks to persons’ rights and freedoms The right to use personal data has been limited with the help of user right groups so that each user can only access the data they need in their work.

Systems containing personal data at Mediamaisteri Oy are protected by firewalls and other technical safeguards. Login and use of the systems is monitored. Devices and servers containing personal data are located in locked facilities and can be accessed only by designated persons.

11. Rights of Data Subjects and information
Data Subjects have the right to obtain information on the processing of personal data and to inspect the data concerning them that are stored in in the EUNICE learning platform. Data Subjects have the right to request the rectification or supplementation of erroneous, deficient or inaccurate data as well as the erasure of unnecessary personal data.

The Parties commit themselves to provide the Data Subjects with any information referred to in Articles 13 and 14 of the GDPR in a concise, transparent, intelligible, and easily accessible form, using clear and plain language. The information shall be provided free of charge.

Enquiries regarding the subject's rights should be addressed to the data controller dpo@eunice-university.eu.

Back to top

GDPR

Summary

Please read the following Privacy Policy, click 'Next' and then click the box with the text 'I agree to the GDPR'.


Full policy

EUNICE MOODLE PRIVACY POLICY

1. Data controller
University of Vaasa
Wolffintie 34
65200
Vaasa
Finland

2. Data processor
Mediamaisteri Oy
PL 82 (Erkkilänkatu 11 A)
33101 Tampere
010 281 8000
Finland
info@mediamaisteri.com

3. Name of the register
Learning management system’s user register.

4. The purpose of the processing
The provisioning of learning management services.

5. Description of the categories of data subjects and personal data
Registry consists of user’s basic contact information such as name, username, password, country, photo, town, birthday, nationality, native language and email address. Additionally, user can submit more personal data, such as interests, instant messenger contact info, phone number, home address, website address and language selection.

6. Regular sources of information
Personal data is collected:
•    when user becomes a customer, signs up as a user, uses the services or has an appropriate contact with the data controller
•    from third parties within the limits of law for purposes stated in this privacy policy

7. Transfers of personal data
Personal data (learning assignments etc.) can be transferred to Turnitin plagiarism service. Name of the user is accessible by other users. Furthermore, user may allow their email address and other attributes to be accessible by other users.

8. Envisaged time limits for erasure
Personal data will be removed when the data is not needed unless the applicable law states otherwise.

9. General description of the technical and organizational security measures
Records are secured with usernames, passwords and firewalls. The required network traffic of the service is protected. Records are available only to specifically selected personnel. Data processing personnel are under formal obligation of professional secrecy.
Your personal data will be protected according to the Code of Conduct for Service Providers (http://www.geant.net/uri/dataprotection-code-of-conduct/v1), a common standard for the research and higher education sector to protect your privacy.

10. Data subject’s rights
Data subject (“user”) is provided the following rights:
•    The right to be informed
•    The right of access
•    The right to rectification
•    The right to erasure
•    The right to restrict processing
•    The right to data portability
•    The right to object
•    Rights in relation to automated decision making and profiling.

Enquiries regarding the subject's rights should be addressed to the data controller tietosuojavastaava@uwasa.fi
Back to top