Gå till huvudinnehållet

Research data management for students

Personal data and data protection

The term “personal data” is defined by the GDPR and other legislation. In short, personal data is considered to be the following:

  • Name, email address with name in it, social security number, photograph, voice or biometric identification (iris, fingerprint) are direct identification data. A combination of indirect identification data can also make a person recognizable.
  • Profession and workplace can be information that does not identify a person directly but indirectly, if several such data are combined. This also includes address, IP address, telephone number, gender and role as chairman.
  • An exhaustive list cannot be created because any information that can be linked to a natural person can serve as personal data.
  • Special personal data are data about ethnic origin, political opinions, health, religious or philosophical beliefs, health, sex life, genetic data, biometric uniquely identifying information.

Personal data must be stored with extra care! You may not collect or store personal data in, for example, commercial cloud services, on USB sticks, or in other ways that are not covered by ÅA's storage solutions. Please note that you may not feed sensitive data into an open, generative AI model, such as ChatGPT.

Intranet: Data protection for students

Intranet: Data collection for bachelor's and master's thesis

Pseudonymize or anonymize?

Pseudonymization is when data is processed so that it cannot be linked to a specific person without the help of a code key.

Anonymization is when personal data is removed or processed so that data about an individual person cannot be distinguished and cannot be restored.

Finnish Social Science Data Archive on Anonymization and Pseudonymization (in English): Anonymization and personal data