Data Protection and Information Security
Personal data is processed in the context of teaching, RDI activities, where employee information is processed, and in any cooperation projects that Metropolia participates in. The processing of personal data imposes obligations on the controller based on law. We comply with the applicable legislation and Metropolia’s data protection policy, which applies to all processing of personal data including the processing of the personal data of Metropolia employees, students, and any third parties (including continuous learning and business customers).
Information security is one of the methods used for the implementation of data protection. We will protect our data, systems, services, and telecommunications appropriately. We will comply with Metropolia's information security guidelines and ensure that our knowledge of information security related matters is up to date. We will use the systems and software recommended by Metropolia's IT Services.
Intellectual Property Rights
We will respect intellectual property rights, their ownership, and the confidentiality of information. In our activities, we will only use materials that have been cleared for use by the owner of the relevant intellectual property rights and clearly specify in our agreements the manner in which materials protected by Metropolia's intellectual property rights can be used or how and under what terms rights of ownership are transferred or access rights granted. We will require that the original sources are recognized in accordance with the accepted practices.
We Approach the Undesirable Use of Information Responsibly
Information, competence, results, or technologies that could also be used for undesirable applications, such as military purposes or purposes that violate human rights may be created during the activities of Metropolia. We aim to identify such undesired applications when choosing our research topics, partners, and sources of funding, and in the dissemination of knowledge through results, education, publications, and data exchange. Metropolia complies with international and national legislation, guidelines, and sanctions pertaining to such dual-use items.
How should I act?
General instructions
I will ensure that my data protection competence remains up to date by familiarizing myself with Metropolia's data protection instruction
I will ensure that my information security competence remains up to date: Information Security Guidelines by Metropolia’s IT Services
I will observe information security at all times when handling personal data
or confidential information.
I will use a strong password and refrain from using my Metropolia password in other services.
I will not open suspicious emails, and I will watch out for scam messages in other communication channels as well.
I will not disclose my information to unknown parties.
In case of any uncertainty, I will contact Metropolia's Information Security Officer and Data Protection Officer.
I will always indicate the source of any information I use.
I will familiarize myself with Metropolia's IPR strategy (pdf).
Personnel
I will identify any information that must be kept secret, such as customer data, and treat said information as confidential.
Students
I will familiarize myself with Metropolia's data protection instructions in Oma intranet.
Students are offered support for data protection related matters.
Partners
I will comply with the guidelines of Metropolia.