1 Name of the register
An Authentication Solution for Degree Certificates
JAMK University of Applied Sciences
P.O. Box 207
FI-40101 Jyväskylä, Finland
3 Contact person in matters concerning the register, contact information during office hours
Director in charge of the register: Vice Rector Heikki Malinen
Responsible for the process: Student Services Manager Kristiina Korhonen
Main users in content: Jaakko Ijäs
4 Purpose of the processing of personal data
The purpose of the processing of personal data is to ensure the authenticity of the degree certificate. Authentication is shown in the certificate as a two-dimensional barcode containing a digital certificate. Verification of the degree certificate is verified by reading the barcode on a smartphone for the service provider’s online service.
5 Data contents of the register
- ID number
- Date of birth
- Student ID
- Degree programme
- Field of study
- Name of the theses
6 Legal bases for processing personal data
The controller’s legal obligation/the legitimate interests of the controller.
7 Regular information sources
Information on the service is provided by the student administration system.
8 Regular information disclose and information transfer outside the EU or the European Economic Area
The processing of personal data has been outsourced by contract: Prime Authentication Solutions Finland Oy.
Data is not transmitted outside the EU or EEA, or international organizations.
9 Register protection principles
The register does not contain manually collected material.
The information provided by the Finnish customer organizations of the service provider is stored in Finland. Information can not be accessed by external parties. Communications are encrypted. Access to the information is limited to the technical maintenance of the service.
10 Retention period or criteria for determining
JAMK stores any information on documents pertaining to degree certificates and transcripts of records electronically and permanently (Decision of the National Archives of Finland AL/20757/07.01.01.03.02/2016 ).
The encryption key is located in the protected document as a QR code. The document holder must provide the encryption key to the certification service for each authentication. The encryption key is only used for authentication purposes. It will be removed immediately after verification has been completed.
11 Automatic decision-making/profiling
Automated profiling related to personal data is not conducted.