Notice:

Privacy Policy

Data Controller

Helsinki University Library

P.O.Box 53 (Fabianinkatu 30)

FI-00014 University of Helsinki

Tel: +358 (0) 2941 911

Contact details for the data protection officer: tietosuoja@helsinki.fi

Data Processor

Digital Curation Centre

University of Edinburgh

Argyle House

3 Lady Lawson Street

Edinburgh, EH3 9DR

Tel: +44 (0) 131 651 1239

Contact

Tuuli Office, admin@dmptuuli.fi

Name of the register

DMPTuuli

DMPTuuli

DMPTuuli ('the tool', 'the system', ‘the service’) is a tool developed by the Digital Curation Centre, University of Edinburgh, UK and California Digital Library as a shared resource for the research community. It is hosted at the University of Edinburgh by the DCC. The Tool is maintained as separate instance and tailored for Finnish research organisations by Tuuli Office. The data is stored at servers of EDINA, University of Edinburgh, UK.

Purpose for processing the personal data

The register is developed to manage information about users and data management plans created by users. The information about the users is needed to manage user accounts and give access to the DMPTuuli tool. The University of Edinburgh holds plans created by users on user's behalf, but they are user's property and responsibility.

In order to help identify and administer your account with DMPTuuli, we need to store your name and email address. We may also use it to contact you to obtain feedback on your use of the tool, or to inform you of the latest developments or releases.

The information user enter into this system can be seen by the User, people User have chosen to share access with, and - solely for the purposes of maintaining the service – organisational admins of the user’s home organisation and system administrators at the University of Edinburgh and Helsinki University Library. Administrators compile anonymised, automated and aggregated information from plans, but they will not make use of, or share content created by User with anyone else without users' permission.

Admin users authorised by the organisations have access to the data management plans in order to carry out their work tasks. Admin users are responsible for managing access to the documents and their responsibilities for data processing in accordance with data protection legislation and public access law.

Within the organisation, the content of the DMP and its metadata may be shared with other systems when necessary. The metadata include: name of the plan, ID, financial identifier, responsible investigator(s), ID of the responsible investigator(s), contact details of the plan, description of the plan, e-mail address.

DMPTuuli Super Admins at the University of Edinburgh and Helsinki University Library will only access the DMPs on request by DMP owner or organisational admin.

DMPTuuli Super Admins can inactivate, archive or delete user accounts that have not signed in within 2 years. The user will be notified 2 months in advance of account deletion.

Contents of the data register

User gives during registration information about:

  • First name
  • Last name
  • Email
  • Organisation

User gives by creating a DMP information about:

  • Project title name
  • Organisation ID
  • Funder (not compulsory)
  • Grant number/URL (not compulsory)
  • Data management plan

User gives by adding contributor information about:

  • Name
  • Email
  • ORCID number (not compulsory)
  • Phone number (not compulsory)
  • Affiliation (not compulsory)
  • Roles in the project

Regular sources of information

The data will be generated by the users.

Disclosure of personal data

We will not sell, rent, or trade any personal information you provide to us.

The principles of data protection

Data transmitted along information networks are encrypted by means of SSL technology. A register generated from data of Users and data management plans for a server is thereby protected.

The passwords are stored in encrypted form and cannot be retrieved. If forgotten it has to be reset.

Right of access by the data subject

The personal data is managed by the user (data subject). Therefore, they have full access to their own personal data at any point of time. We will hold the personal data you provided us for as long as you continue using the DMPTuuli service. Your personal data can be removed from this service upon request to the DMPTuuli team within a period of 28 days.

Right to lodge a complaint with a supervisory authority

The personal data is managed by the user (data subject). The system administrator will manage personal data of the user only based on request from the user.

Revisions

This statement was last revised on October 9th, 2023.