jamk.fi

The Library’s customer register - privacy notice

EU’s General Data Protection Regulation (2016/679)

Last update 10.12.2018

1. Name of the register

JAMK Library Customer Register

2. Controller

JAMK University of Applied Sciences
Library
P.O. Box 207
FI-40101 Jyväskylä, Finland

3. Contact person in matters concerning the register, contact information during office hours

Library Director Teemu Makkonen (tel. +358 40 594 6587)
firstname.surename[a]jamk.fi

4. Purpose of the processing of personal data

The library user’s customer relationship management. The Library uses the register to supervise borrowing and borrowing rights and to compile statistics. The Library uses the register to control access to the self-service library and to compile usage statistics. Check the Library's recording surveillance video system register.

5. Data contents of the register

The register contains the customer’s personal data:

  • name (obligatory)
  • social security number or date of birth (obligatory)
  • addresses (obligatory)
  • telephone number(s)
  • email address
  • student ID
  • library card barcode
  • patron group and statistical category
  • organization
  • the date of the latest transaction in the library’s circulation system


The register contains information about the customer’s current loans, reservations and fees, including fees related to unreturned materials and administrative handling invoicing. When a loaned item is returned, its lending data related to the borrower in question is removed from the register.

Reservations are picked up from a self-service shelf wherein the customer’s name can be seen connected to the reserved material. If the customer does not want their name to be shown connected to the reservation, they need to contact the Library’s customer service and ask that the reservation is kept at the customer service desk. In this case the reservation can be picked up only during the Library’s customer service hours.

The library has the right to register the customer's social security number (the Finnish Data Protection Board's decision 57/29.11.1993). The social security number is used when giving or taking away a library card and borrowing rights. The social security number is also used in the library’s debt collection. The customer’s patron group and statistical category data is used for the library’s statistics and to enable the use of the self-service library.

Library borrowing rights expire when the customer has no unreturned loaned items and no fees and they have not used the library in three years. The customer can get back their borrowing rights if they so wish.

6. Legal bases for processing personal data

The consent of the data subject

How can you withdraw your consent?
A registered data subject (i.e. the customer) has the right to request the erasure of their personal data from the register if they have returned all their borrowed items and paid all their fees. The erasure request must be made either in writing, hold enough distinctive information about the requester and be accompanied by a personal signature, or alternatively personally to the library staff, in which case the identity of the requester is checked. Before the erasure of data, the staff will make sure that the aforementioned obligations have been fulfilled.

7. Regular sources of data

One becomes a library customer by giving their personal data via a form via the library’s website or at the library’s customer service desk. JAMK students can permit data transfer from JAMK’s student management system. The customer’s notice, the student register, the Population Register Centre and other address information services can be used to update the customer’s contact data

8. Regular transfer of data and transfer of data into countries outside the European Union or the European Economic Area

In invoicing cases, data is handed over to the collection agency used by JAMK.

The self-service library saves the user data (the name and library card barcode of the registered customer) received from the library system for 14 days. The customer data and visual surveillance camera material collected by the self-service library can be handed over for the purposes of taking care of JAMK’s internal safety or to the police for preliminary investigation.

Data is not transmitted outside the EU or EEA, or international organizations.

9. Principles of register protection

A. Printed material

The application forms used by the borrower will be destroyed immediately after the data has been saved in the customer register.

B. Electronic data

Standard methods are used to ensure the technical protection of data. The library system’s and self-service library’s servers are located in a closed place and the data held in the servers is backed up. The use of the system requires a personal user name and password. The library staff is bound by professional secrecy.

10. Retention period or criteria for determining

Library borrowing rights expire when the customer has no unreturned loaned items and no fees and they have not used the library in three years. The customer can get back their borrowing rights if they so wish.

11. Automatic decision-making/profiling

Automated profiling related to personal data is not conducted.

12. Rights of the Data Subject

A registered data subject (i.e. the customer) can check their personal data and borrowed items by logging in to the Library’s web service.

Personal data can be checked during the Library’s customer service hours at the Library’s customer service desk. The request must be made either in writing, hold enough distinctive information about the requester and be accompanied by a personal signature, or alternatively personally to the library staff, in which case the identity of the requester is checked.

A registered data subject has the right to request the erasure of their personal data from the register if they have returned all their borrowed items and paid all their fees. The erasure request must be made either in writing, hold enough distinctive information about the requester and be accompanied by a personal signature, or alternatively personally to the library staff, in which case the identity of the requester is checked. Before the erasure of data, the staff will make sure that the aforementioned obligations have been fulfilled.

Written requests are addressed to: JAMK University of Applied Sciences Library, Postal address PL 207, 40101 Jyväskylä, Finland

Read more information about the JAMK’s Privacy Policy, Data Protection Officer and the rights of the data subject and their implementation.

13. Data Protection Officer

Mirja Nojonen
Asiantuntija, Specialist
+358 40 576 4450
Jyväskylän ammattikorkeakoulu | JAMK University of Applied Sciences
ICT-palvelut | Data Administration
Rajakatu 35
FI-40200 Jyväskylä, Finland

Last update 10.12.2018