List of active policies

Name Type User consent
GDPR Privacy policy All users


Please read the following Privacy Policy, click 'Next' and then click the box with the text 'I agree to the GDPR'.

Full policy


1. Data controller
University of Vaasa
Wolffintie 34

2. Data processor
Mediamaisteri Oy
PL 82 (Erkkilänkatu 11 A)
33101 Tampere
010 281 8000

3. Name of the register
Learning management system’s user register.

4. The purpose of the processing
The provisioning of learning management services.

5. Description of the categories of data subjects and personal data
Registry consists of user’s basic contact information such as name, username, password, country, photo, town, birthday, nationality, native language and email address. Additionally, user can submit more personal data, such as interests, instant messenger contact info, phone number, home address, website address and language selection.

6. Regular sources of information
Personal data is collected:
•    when user becomes a customer, signs up as a user, uses the services or has an appropriate contact with the data controller
•    from third parties within the limits of law for purposes stated in this privacy policy

7. Transfers of personal data
Personal data (learning assignments etc.) can be transferred to Turnitin plagiarism service. Name of the user is accessible by other users. Furthermore, user may allow their email address and other attributes to be accessible by other users.

8. Envisaged time limits for erasure
Personal data will be removed when the data is not needed unless the applicable law states otherwise.

9. General description of the technical and organizational security measures
Records are secured with usernames, passwords and firewalls. The required network traffic of the service is protected. Records are available only to specifically selected personnel. Data processing personnel are under formal obligation of professional secrecy.
Your personal data will be protected according to the Code of Conduct for Service Providers (, a common standard for the research and higher education sector to protect your privacy.

10. Data subject’s rights
Data subject (“user”) is provided the following rights:
•    The right to be informed
•    The right of access
•    The right to rectification
•    The right to erasure
•    The right to restrict processing
•    The right to data portability
•    The right to object
•    Rights in relation to automated decision making and profiling.

Enquiries regarding the subject's rights should be addressed to the data controller