Customer registers

The Jamk Library Customer registers

The Library’s customer register - privacy notice

EU’s General Data Protection Regulation (2016/679)

Updated 30.10.2025

1. Name of the register

Jamk Library Customer Register

2. Controller

Jamk University of Applied Sciences
Library
P.O. Box 207
FI-40101 Jyväskylä, Finland

3. Contact person in matters concerning the register, contact information during office hours

Library Director Birgitta Kurvinen (tel. +358 40 556 3830)
firstname.surename[a]jamk.fi

4. Purpose of the processing of personal data

The library user’s customer relationship management. The Library uses the register to supervise borrowing and borrowing rights and to compile statistics. The Library uses the register to control access to the self-service library and to compile usage statistics. Check the Library's recording surveillance video system register.

5. Data contents of the register

The customer data stored in the register:

name
social security number or date of birth, individualized user identifier generated by the Peppi student and study information system or date of birth and individualized user identifier generated by the Alma library management system
addresses
telephone number
email address
PIN number
preffered language
expiration date of customership
student ID
library card barcode
patron group and statistical category
the date of the latest transaction in the library’s circulation system
notes if necessary
current requests
transaction data, e.g. loans and fees

The personal data of Jamk students are transferred automatically from the Peppi system. The personal data of other customers are maintained in the library system.

Reservations are picked up from a self-service shelf wherein the customer’s name can be seen connected to the reserved material. If the customer does not want their name to be shown connected to the reservation, they need to contact the Library’s customer service and ask that the reservation is kept at the customer service desk. In this case the reservation can be picked up only during the Library’s customer service hours.

The Library has the right to register the customer's social security number (the Finnish Data Protection Board's decision 57/29.11.1993). The social security number is used when giving or taking away a library card and borrowing rights.

6. Legal bases for processing personal data

The consent of the data subject

How can you withdraw your consent?
See paragraph 10.

7. Regular sources of data

Jamk students:
The data of Jamk students are transferred automatically from the Peppi student and study information system into the library system. Students update their own contact information in the Peppi system and the library borrowing rights are valid for the duration of the studies.

Other customers:
One becomes a library customer by giving their personal data via a form via the Library’s website or in person at the Library’s customer service desk. The customer’s notice, the student register, the Population Register Centre and other outside address information services can be used to update the customer’s contact data.

8. Regular transfer of data and transfer of data into countries outside the European Union or the European Economic Area

In invoicing cases, data is handed over to Jamk's sales invoice team.

The self-service library saves the user data (the name and library card barcode of the registered customer) received from the library system for 14 days. The customer data and visual surveillance camera material collected by the self-service library can be handed over for the purposes of taking care of Jamk’s internal safety or to the police for preliminary investigation.

Data is not transmitted outside the EU or EEA, or international organizations.

9. Principles of register protection

A. Printed material

The application forms used by the borrower will be destroyed immediately after the data has been saved in the customer register.

B. Electronic data

Standard methods are used to ensure the technical protection of data. The library system’s and self-service library’s servers are located in a closed place and the data held in the servers is backed up. The use of the system requires a personal user name and password. The library staff is bound by professional secrecy.

10. Retention period or criteria for determining

Jamk students:
The library borrowing rights of Jamk students expire when the customer graduates and has no unreturned loaned items and no fees. The customer can get back their borrowing rights if they so wish as Other customer.

Other customers:
The library borrowing rights of other customers end when the customership expires and there are no unreturned items or fines. The customer can continue their customership by notifying the library. The customer can also reestablish their customership if they so wish. The customer can check their customership expiry date in the Janet online library.

At least twice a year customers with an expiry date in the past and no obligations (unreturned loans, fees) are deleted from the register.

11. Automatic decision-making/profiling

Automated profiling related to personal data is not conducted.

12. Rights of the Data Subject

The registered data subject can check their personal data by logging in to the Janet Finna service or during service hours at the library’s customer service desk where the data can be updated if necessary. The customer’s identity is confirmed.

Jamk students are responsible for the correctness of their contact information and personal data in the Peppi system.

Jamk students have library borrowing rights for the duration of their studies via the Peppi system.

Other customers have the right to request the erasure of their personal data from the register if they have returned all their borrowed items and paid all their fees. Data can be erased during the Library’s service hours at the Library’s customer service desk. The identity of the customer is checked. Before the erasure of data, library staff will make sure that the aforementioned obligations have been fulfilled.

For further information about the data protection office and the rights of the data subject and their implementation, see Jamk's privacy statements.