Twitter 
Facebook Data protection
Data protection at Cupore
Everyone has the right to know what information has been stored in different registers concerning them. The right of access to personal data, the use of this right, and the rectification of data are provided for in the Finnish Data Protection Act (1050/2018).
Cupore maintains a stakeholder register containing the contact information of its stakeholders for communication and marketing purposes. In Cupore’s research projects, project-specific personal data files are created. The privacy policy statement for each project is drawn up as part of the project’s data management plan. The project-specific privacy policy statements are held at Cupore’s offices and can be accessed upon request.
On this webpage, you will find A) Cupore’s general privacy policy statements for all research projects and B) Privacy policy statement for the Cupore’s stakeholder register.
A) Privacy policy statement: Cupore’s research projects
This is the general privacy policy statement for the Center for Cultural Policy Research Cupore’s research projects. The purpose of this document is to provide general information on how Cupore processes personal data in connection with research projects.
1. Controller
The controller of research projects is the Center for Cultural Policy Research Cupore, maintained by the Foundation for Cultural Policy Research (1771249-3). Its address is Pitkänsillanranta 3 B, 00530 Helsinki.
If you have general questions regarding data protection, you can contact the person responsible for data protection at Cupore (Director Marjo Mäenpää). In questions regarding a specific research project, please contact the principal investigator.
2. Data processed in research projects
In some of Cupore’s research projects, personal data may be collected in order to carry out scientific research. Personal data are processed when it is relevant for the on-going project. Cupore only processes data necessary for scientific research. The personal data collected are listed in the project-specific privacy policy statement.
3. Purpose and legal basis of personal data processing
The purpose of processing personal data in research projects is to produce new scientific data using scientific research methods. Cupore processes personal data for research purposes when processing is essential for the research to be carried out. The processing of personal data in Cupore’s research projects is based on the performance by the controller of a task carried out in the public interest.
4. Data sources
Cupore collects personal data directly from the data subjects in connection with conducting the research (e.g. interviews). In addition, Cupore may collect information from existing registers when conducting register-based research.
5. Personal data processing and data protection principles
Detailed information on personal data processing is always separately provided in the appropriate research plan and the privacy policy statement for each research project.
Cupore’s research projects are the responsibility of the researcher or research group designated for them. The researchers and research group leaders of each project are named in the project description published on Cupore’s website. For each project, a contact person is designated for matters regarding personal data processing.
All personal data collected for Cupore’s research projects are processed securely in accordance with the data protection practices applicable to the processing of Cupore’s research data.
Personal data are collected and processed and personal data are reported in research results in accordance with the law and in a manner agreed upon with the research subjects in connection with the respective projects.
6. Personal data retention period
Personal data used in research are erased when they are no longer necessary for the performance of research or for the verification of the relevance of the results.
Data containing personal data may be archived for the purpose of later research in accordance with data protection legislation, the appropriate research plan and Cupore’s data protection practices. In such a case, direct identifiers are erased.
7. Transfer/disclosure of data to countries outside the EU/EEA
Personal data are not transferred nor disclosed to countries outside the EU/EEA.
If data are transferred or disclosed to countries outside the EU/EEA in an individual research project, details of this are given in the appropriate research plan and the research-specific privacy policy statement.
8. Automated decision-making
Personal data collected by Cupore for research projects are not used for automated decision-making.
9. Recipients of personal data
Recipients of personal data include the third parties, controllers and processors to whom the registered data are transferred or disclosed.
Cupore may use subcontractors or service providers for the purpose of processing personal data. These parties process the data on behalf of Cupore as processors or sub-processors. Cupore concludes with them, directly or indirectly, the agreements required by the Data Protection Regulation to ensure the safe and lawful processing of data.
Research data are only disclosed for the purpose of historic or scientific research to partners selected by Cupore and in accordance with data protection legislation.
10. Rights of the research subject
A person participating in a research project has the following rights under the Data Protection Regulation:
- The right to be informed whether and what personal data are processed in a project. The research subject also has the right to request a copy of these personal data.
- The right to request the rectification of inaccurate personal data concerning him or her.
- The right to request the erasure of his or her personal data if they are no longer necessary for the purposes for which they were processed, if the research subject withdraws his or her consent, if he or she objects to such processing, if the personal data have been unlawfully processed or if they have to be erased for compliance with a legal obligation. This right does not apply if the erasure renders impossible or seriously impairs the achievement of the objective of processing in scientific research.
- The right to request the restriction of processing of his or her personal data if he or she contests the accuracy of the personal data, if the processing is unlawful and the research subject requests the restriction of their processing, or if Cupore no longer needs the data but the research subject requires them for the establishment, exercise or defence of legal claims.
- The right to receive the personal data that he or she has provided to Cupore in a structured, commonly used and machine-readable format and the right to transmit those data to another controller, subject to certain conditions.
- The right to oppose the processing of his or her personal data if the processing is based on public interest or legitimate interest. In such a case, Cupore may not use the research subject’s personal data unless it demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or unless it is necessary for the establishment, exercise or defence of legal claims. Cupore may continue to process the research subject’s personal data also when it is necessary for the performance of a task carried out in the public interest.
- The rights of the research subject may be derogated from in individual cases in so far as the rights render impossible or seriously impair the achievement of the objectives of processing for scientific or historical research purposes or statistical purposes. The need to derogate from the research subject’s rights is always assessed on a case-by-case basis.
11. Complaint to the Data Protection Authority
The data subject has the right to lodge a complaint with the supervisory authority if he or she considers that the processing of his or her personal data infringes the applicable data protection legislation. In Finland, the supervisory authority is the Data Protection Ombudsman.
12. Updates
Cupore may update this data protection statement from time to time. It was last updated on 21 April 2020.
*
B) Privacy policy statement: Cupore’s stakeholder register
1. Controller:
Center for Cultural Policy Research Cupore, maintained by the Foundation for Cultural Policy Research (1771249-3)
Pitkänsillanranta 3B, 00530 Helsinki
2. Contact person of the register:
Anu Oinaala, Marjo Mäenpää
Pitkänsillanranta 3B, 00530 Helsinki
info@cupore.fi; 050 577 2246
3. Name of register
Stakeholder Register of the Center for Cultural Policy Research Cupore
4. Purpose of processing personal data
To store and maintain the contact information of the stakeholders of the Center for Cultural Policy Research Cupore, maintained by the Foundation for Cultural Policy Research. The data is used in Cupore’s communication and marketing activities.
5. Data content of the register
The person’s name, title, place of work, postal and email addresses and telephone number.
6. Regular sources of information
Data in the register are regularly collected from the data subjects themselves in meetings, by telephone, on the internet or in other similar ways. Personal data may be collected and updated from publicly available data sources, such as the webpages of organisations, the Trade Register and other public registers.
7. Regular disclosures of information
Personal data are not disclosed without a basis provided by an Act. The Center for Cultural Policy Research Cupore, maintained by the Foundation for Cultural Policy Research, may also use the services of its partners in its communication and marketing activities, in which case data may be disclosed to the partner for the purpose of carrying out Cupore’s communication and marketing activities. In such a case, the protection of personal data is subject to a separate agreement.
8. Transfer of data outside the EU or the EEA
Data in the register are not transferred outside the EU or the EEA.
9. Security principles of the register
The register does not contain manual data. Cupore’s stakeholder register is stored and updated in the contact information management service. Access to the service is restricted to those of Cupore’s employees who need the data to fulfil their duties. Access to data is by user name and password. Logs are kept of the use of the registered information. The data are protected by a firewall and other technical means.
10. Right of access
Data subjects may access their personal data stored in the system by contacting Cupore.
11. Right to request the rectification of data
Data subjects may request the rectification of data stored in the register by contacting Cupore.
12. Other rights regarding the processing of personal data
Personal data are retained for an indefinite period. Data subjects may at any time withdraw their consent to the processing of their personal data and have the data removed from the address register.
Cookies
This website uses cookies. We use cookies to personalise content and ads, to provide social media features and to analyse our traffic. We also share information about your use of our site with our social media, advertising and analytics partners who may combine it with other information that you’ve provided to them or that they’ve collected from your use of their services.
Cookies are small text files that can be used by websites to make a user’s experience more efficient.
The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission.
This site uses different types of cookies. Some cookies are placed by third party services that appear on our pages.
You can at any time change or withdraw your consent from the Cookie Declaration on our website.
Learn more about who we are, how you can contact us and how we process personal data in our Privacy Policy.
Please state your consent ID and date when you contact us regarding your consent.
Your consent applies to the following domains: www.cupore.fi
Your consent ID: 17soyuSMOZx+FhryPSX41zxzu9l4ARFjN4oXl/HTChO8koFI5qCTHA==Consent date: Monday, April 3, 2023 at 01:13:20 PM GMT+3
Cookie declaration last updated on 23.1.2024 by Cookiebot:
Necessary (5)
Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
| Name | Provider | Purpose | Expiry | Type |
|---|---|---|---|---|
| __cf_bm | Vimeo | This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website. | 1 day | HTTP Cookie |
| 1.gif | Cookiebot | Used to count the number of sessions to the website, necessary for optimizing CMP product delivery. | Session | Pixel Tracker |
| CONSENT | YouTube | Used to detect if the visitor has accepted the marketing category in the cookie banner. This cookie is necessary for GDPR-compliance of the website. | 2 years | HTTP Cookie |
| CookieConsent | Cookiebot | Stores the user’s cookie consent state for the current domain | 1 year | HTTP Cookie |
| hex (32) | www.cupore.fi | Used to manage server calls to the website’s backend systems. | Session | HTTP Cookie |
Statistics (7)
Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
| Name | Provider | Purpose | Expiry | Type |
|---|---|---|---|---|
| _ga | Registers a unique ID that is used to generate statistical data on how the visitor uses the website. | 2 years | HTTP Cookie | |
| _ga_# | Used by Google Analytics to collect data on the number of times a user has visited the website as well as dates for the first and most recent visit. | 2 years | HTTP Cookie | |
| _gat | Used by Google Analytics to throttle request rate | 1 day | HTTP Cookie | |
| _gid | Registers a unique ID that is used to generate statistical data on how the visitor uses the website. | 1 day | HTTP Cookie | |
| p.gif | Adobe Inc. | Keeps track of special fonts used on the website for internal analysis. The cookie does not register any visitor data. | Session | Pixel Tracker |
| td | Registers statistical data on users’ behaviour on the website. Used for internal analytics by the website operator. | Session | Pixel Tracker | |
| vuid | Vimeo | Collects data on the user’s visits to the website, such as which pages have been read. | 2 years | HTTP Cookie |
Marketing (20)
Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.
| Name | Provider | Purpose | Expiry | Type |
|---|---|---|---|---|
| collect | Used to send data to Google Analytics about the visitor’s device and behavior. Tracks the visitor across devices and marketing channels. | Session | Pixel Tracker | |
| LAST_RESULT_ENTRY_KEY | YouTube | Used to track user’s interaction with embedded content. | Session | HTTP Cookie |
| LogsDatabaseV2:V#||LogsRequestsStore | YouTube | Pending | Persistent | IndexedDB |
| nextId | YouTube | Used to track user’s interaction with embedded content. | Session | HTTP Cookie |
| remote_sid | YouTube | Necessary for the implementation and functionality of YouTube video-content on the website. | Session | HTTP Cookie |
| requests | YouTube | Used to track user’s interaction with embedded content. | Session | HTTP Cookie |
| ServiceWorkerLogsDatabase#SWHealthLog | YouTube | Necessary for the implementation and functionality of YouTube video-content on the website. | Persistent | IndexedDB |
| TESTCOOKIESENABLED | YouTube | Used to track user’s interaction with embedded content. | 1 day | HTTP Cookie |
| VISITOR_INFO1_LIVE | YouTube | Tries to estimate the users’ bandwidth on pages with integrated YouTube videos. | 180 days | HTTP Cookie |
| VISITOR_PRIVACY_METADATA | YouTube | Stores the user’s cookie consent state for the current domain | 180 days | HTTP Cookie |
| YSC | YouTube | Registers a unique ID to keep statistics of what videos from YouTube the user has seen. | Session | HTTP Cookie |
| ytidb::LAST_RESULT_ENTRY_KEY | YouTube | Stores the user’s video player preferences using embedded YouTube video | Persistent | HTML Local Storage |
| YtIdbMeta#databases | YouTube | Used to track user’s interaction with embedded content. | Persistent | IndexedDB |
| yt-remote-cast-available | YouTube | Stores the user’s video player preferences using embedded YouTube video | Session | HTML Local Storage |
| yt-remote-cast-installed | YouTube | Stores the user’s video player preferences using embedded YouTube video | Session | HTML Local Storage |
| yt-remote-connected-devices | YouTube | Stores the user’s video player preferences using embedded YouTube video | Persistent | HTML Local Storage |
| yt-remote-device-id | YouTube | Stores the user’s video player preferences using embedded YouTube video | Persistent | HTML Local Storage |
| yt-remote-fast-check-period | YouTube | Stores the user’s video player preferences using embedded YouTube video | Session | HTML Local Storage |
| yt-remote-session-app | YouTube | Stores the user’s video player preferences using embedded YouTube video | Session | HTML Local Storage |
| yt-remote-session-name | YouTube | Stores the user’s video player preferences using embedded YouTube video | Session | HTML Local Storage |