jamk.fi

The Library’s customer register – privacy notice

(EU’s General Data Protection Regulation (2016/679), Personal Data Act 523/1999)

Last update 11.4.2018

1. Controller

JAMK Library

2. Contact person in matters concerning the register, contact information during office hours

Library Director Teemu Makkonen, Rajakatu 35 F, FI-40200 Jyväskylä, tel. +358 40 594 6587

3. Name of the register

JAMK Library Customer Register

4. Purpose of the processing of personal data

The library user’s customer relationship management. The Library uses the register to supervise borrowing and borrowing rights and to compile statistics. The Library uses the register to control access to the self-service library and to compile usage statistics. Check the Library's recording surveillance video system register.

5. Data contents of the register

The register contains the customer’s personal data:

  • name
  • social security number or date of birth
  • addresses
  • telephone number(s)
  • email address
  • library card barcode
  • patron group and statistical category
  • the date of the latest transaction in the library’s circulation system


The register contains information about the customer’s current loans, reservations and fees, including fees related to unreturned materials and administrative handling invoicing. When a loaned item is returned, its lending data related to the borrower in question is removed from the register.

The library has the right to register the customer's social security number (the Finnish Data Protection Board's decision 57/29.11.1993). The social security number is used when giving or taking away a library card and borrowing rights. The social security number is also used in the library’s debt collection. The customer’s patron group and statistical category data is used for the library’s statistics and to enable the use of the self-service library.

Library borrowing rights expire when the customer has no unreturned loaned items and no fees and they have not used the library in three years. The customer can get back their borrowing rights if they so wish.

6. Regular sources of data

One becomes a library customer by giving their personal data via a form via the library’s website or at the library’s customer service desk. JAMK students can permit data transfer from JAMK’s student management system (ASIO). The customer’s notice, the student register, the Population Register Centre and other address information services can be used to update the customer’s contact data. 

7. Regular transfer of data and transfer of data into countries outside the European Union or the European Economic Area

In invoicing cases, data is handed over to the collection agency used by JAMK.

Personal or address data is not handed over for any other outside use outside the EU or the European Economic Area.

The self-service library saves the user data (the name and library card barcode of the registered customer) received from the library system for 14 days. The customer data and visual surveillance camera material collected by the self-service library can be handed over for the purposes of taking care of JAMK’s internal safety or to the police for preliminary investigation.

8. Principles of register protection

A. Printed material

The application forms used by the borrower will be destroyed immediately after the data has been saved in the customer register.

B. Electronic data

Standard methods are used to ensure the technical protection of data. The library system’s and self-service library’s servers are located in a closed place and the data held in the servers is backed up. The use of the system requires a personal user name and password. The library staff is bound by professional secrecy.

9. Right of access to the registered data

A registered data subject (i.e. the customer) can personally check their personal data and borrowed items by logging in to the Library’s web service.

A registered data subject has the right to check by personal request that their personal data stored in the register is valid and up to date. The request must be made either in writing, hold enough distinctive information about the requester and be accompanied by a personal signature, or alternatively personally to the library staff, in which case the identity of the requester is checked. Personal data can be checked during the Library’s customer service hours at the Library’s customer service desk. The register does not contain data that the right of access does not apply to.

Written requests are addressed to: JAMK University of Applied Sciences Library, Postal address PL 207, 40101 Jyväskylä. tel. +358 20 743 8100.

10. Right to demand rectification

A registered data subject (i.e. the customer) has the right to check that their personal data in the register is valid and up to date. The registered data subject can check their personal data and borrowed items by logging in to the Library’s web service.

The data in the register will be updated immediately upon notice from the registered data subject. The request must be made either in writing, hold enough distinctive information about the requester and be accompanied by a personal signature, or alternatively personally to the library staff, in which case the identity of the requester is checked. If necessary, the correctness of the registered data subject’s personal data will be checked from the Population Register Centre.

The rectification of personal data can be done at the Library’s customer service during customer service hours. The library staff will immediately rectify the mistakes they notice. Written requests are addressed to: JAMK University of Applied Sciences Library, Postal address PL 207, 40101 Jyväskylä. tel. +358 20 743 8100.

11. Right to erase data

A registered data subject (i.e. the customer) has the right to request the erasure of their personal data from the register if they have returned all their borrowed items and paid all their fees. The erasure request must be made either in writing, hold enough distinctive information about the requester and be accompanied by a personal signature, or alternatively personally to the library staff, in which case the identity of the requester is checked. Before the erasure of data, the staff will make sure that the aforementioned obligations have been fulfilled.

Written requests are addressed to: JAMK University of Applied Sciences Library, Postal address PL 207, 40101 Jyväskylä. tel. +358 20 743 8100.

12. Data Protection Officer

Mirja Nojonen
Asiantuntija, Specialist
+358 40 576 4450
Jyväskylän ammattikorkeakoulu | JAMK University of Applied Sciences
ICT-palvelut | Data Administration
Rajakatu 35
FI-40200 Jyväskylä, Finland

Last update 11.4.2018