Finna Register Details

1a. Data controller

  • National Library of Finland
  • Library Network Services
  • P.O. Box 26 (Kaikukatu 4)
  • 00014 University of Helsinki
  • Phone: 09 1911

1b. Data protection officer

  • Tuomas Tähtinen, University of Helsinki
  • Email: tietosuoja(at)helsinki.fi

2. Contact person of the register

  • Erkki Tolonen, Head of Development
  • Library Network Services
  • National Library of Finland
  • P.O. Box 26 (Kaikukatu 4)
  • 00014 University of Helsinki
  • Phone: 050 576 2869
  • Email: erkki.tolonen(at)helsinki.fi

3. Name of the register

User register for the Finna search portal

4. Purpose and justification for the use of personal information

We use your personal information to maintain the unique identity of our customers and to identify users when they log onto Finna. We also use personal information to be able to provide users with customer services and personalized services on Finna. An example of a personalized service is the new entry alerts service that allows users to receive emails about new references related to their searches. Information is collected and managed for the execution of the Finna service at the National Library of Finland and CSC – IT Centre for Science (service providers).

Additionally, we use the personal data of our users to monitor the use of the service via an analytical system. The analytical system used in our usage analyses is configured to anonymize the user's IP address by resetting the last two octets of the IP address to zero. We use the analytical system on the servers of CSC - IT Centre for Science so that tracking data cannot be leaked out of this safe environment.

When logging onto this online service, information about the event (e.g. the user’s IP address) is stored temporarily for processing.

This processing of personal data is based on the legitimate interest of the data controller.

5. Register contents

Basic user information

  • Username
  • Language
  • Name
  • Relationship to educational institution or other organisation/li>
  • Email address
  • Library card information

Information collected for personalised services

  • Personal settings
  • Favouritese
  • Tags
  • Comments
  • Reviews
  • Reservations
  • Loans
  • Fees
  • References added to bookshelf
  • Materials added to My materials
  • Journal references added to My journals

KInformation collected for data analysis by the analytical system

  • Anonymised IP address (anonymisation occurs by resetting the last two octets of the IP address to zero)
  • Browser Type / Version (e.g. Internet Explorer 11)
  • Browser language (e.g. Finnish)
  • Operating system (e.g. Windows 10)
  • Device brand, type, model
  • Display type
  • Plug-ins used (e.g. Flash, Java)
  • Referring URL (the last page you visited)
  • Loaded pages
  • Clicks
  • The country, region, and city from which the request was sent
  • Search terms
  • Filters used (facets)
  • Type of search and target (Solr, PCI, EDS, Summon)
  • The format of the viewed record
  • The source of the viewed record
  • Whether the viewed record is available online

6. Regular sources of information

We obtain personal information about users from the customer register of the user’s home organisation, or users save the data on Finna themselves. Users always save information needed for personalised services themselves.

7. Regular sources of information

Sensitive personal information will not be processed on Finna.

8. Length of time personal information is stored and the removal of extraneous information

Personal information is stored on Finna until 12 months have passed from the date of the last login, or the user closes their account.

9. Automated processing of personal data and profiling

The service does not use automated decision-making or profiling based on personal information.

10. Regular information sharing

The service processes information that is transferred while using the library’s service interface. This information is processed in conjunction with activities like loaning and renewing materials, reserving items and making or browsing payments. Personal information is forwarded to the library system where the library system administrator is responsible for their management.

11. Transfer of information outside the EU or EEA

Information is not transferred outside the EU or EEA

12. Principles of registry protection

Information is stored only in electronic format. Access to information is restricted to system administrators who are identified by their username and password.

13. The right to data inspection

In order to inspect what personal information has been collected on the service, the user should contact the service administrator at the National Library by using the following feedback form https://finna.fi/Feedback/Home.

14. The right to correct data or have it removed

You may at any time remove your personal information on Finna by closing your account on the service. If there are any errors in the personal information retrieved from your home organisation, you must contact your home organisation. If needed, you can contact the service administrator at the National Library by using the feedback form. https://finna.fi/Feedback/Home

15. Other rights related to the use of personal information

The user has the right to contact the Data Protection Ombudsman (tietosuoja@om.fi) to verify the legality of the operation of the service.