Privacy Notice

Service Description

Aplus is a virtual learning and course management system. Users of the system consist of students and teachers.

Using this system, teachers are able to manage courses and related exercises. In addition, the system makes it possible to utilize exercises hosted in external systems without exposing personal course-related information to those systems.

Students are primarily using the system to submit course-related exercises, and read the submission feedback.

Privacy Policy

The common privacy notice of University of Turku covers this instance of APlus learning management system.

Controller of the personal data file and contact information

University of Turku, Faculty of Computing
aplus@utu.fi

Name of the registry

Aplus user registry

Purpose

Personal data is used to manage access to services restricted to teachers and/or students, contacting other users, course completion status information and improving courses and teaching. In addition, information is used to monitor capacity of the servers and network connections, solve techical probelms, investigate abuse of the system and to further improve the service. One of the primary functionalities of the service is to allow submitting exercises and automatically grading them. Students are allowed to see their attempts and the results of individual submissions. Teaching facilty accesses student information while assessing submissions. In addition the information may be used statistically to improve teaching in faculty.

Usage of personal data

Basic information: name, user id, email. Users studying in University of Turku: student number, university, attendance, enrollment to the course, starting year as a student.
Submission-related information: all submissions to assignments with timestamps, assesment and grading.

Sources of information

1) Haka federation
2) Student registry of University of Turku
3) The data provided manually by students and teachers, such as submissions

Regular transfer of personal data to third parties

No personal information is regularly transferred outside the faculty. Personal information may be processed and given for scientific research, statistical analysis and development tasks following terms defined in Finnish data protection legislation.

Transferring data outside EU or ETA

No personal data will be transferred outside EU/ETA without excplicit approval of the registered user.

Principles of protecting personal data

A) Manual data: No data is being stored manually
B) Data stored electrically: The data is only stored electrically. Data transfers over network are protected by SSL. The servers containing personal data are located in a server rooms with access restricted to server administrators. The access to the database containing personal data is restricted using networking methods (such as firewalls) and by user names and passwords. The administration rights are only granted to the administrators of the service. The data will be stored until the use of the registry ends.

Registrant's right of access for his/her personal data

Registrant may access his/her personal data related to active courses by using the www user interface. After this, data may be accessed by sending a written request to the contact person of the registry.

Rectification

If the user information related to your home organization is incorrect, contact your home organization. If the information related to this service (Univeristy of Turku instance of Aplus) is incorrect, send a request to the contact person of the registry.

Other rights

Registered user can request deletion of their data from the registry with a written request after the minimum time for storing course completion data, defined by University of Turku, has elapsed.