Tur­ni­tin-käyt­tä­jä-so­pi­mus

tekijä: Asko Tapani Soukka Viimeisin muutos tiistai 30. heinäkuuta 2019, 16.54
Tässä on lyhennelmä englanninkielisen Turnitin End-User License Agreement -sopimuksen tärkeimmistä kohdista ja kopio alkuperäiskielisestä sopimuksesta.
  1. Rekisterinpitäjänä toimii JY ja henkilötietojen käsittelyn oikeutus perustuu tietosuoja-asetuksen 6 artiklaan.
  2. Turnitin on käsittelystä vastaavana yhtiönä sitoutunut siihen, että tietojenkäsittelyssä noudatetaan EU:n tietosuoja-asetuksen edellyttämiä suojaustoimenpiteitä.
  3. Turnitin vastaa henkilötietojen käsittelyyn mahdollisesti käyttämiensä alihankkijoiden toiminnasta kuin omastaan.
  4. Turnitin-ohjelman käytössä tallentuvat henkilötiedot ovat salattuja ja tallennettuja tietoja käytetään ainoastaan järjestelmään ohjattujen tutkimusten alkuperäisyyden tarkistamiseen
  5. Opiskelijalla on oikeus pyytää rekisterinpitäjänä toimivalta JY:ltä tietosuoja-asetuksen 16-18 artiklaan perustuvia tietojen korjaus- ja rajoitustoimenpiteitä.

Turnitin End-User License Agreement

Protecting your personal data and privacy is our top priority. We are fully committed to transparency, accountability and using technology responsibly, no matter what changes emerge from our rapidly evolving digital world. We implement appropriate technical and organizational measures to protect your personal data.

  1. Turnitin is compliant with the General Data Protection Regulation (GDPR) effective as of 25 May 2018. The legal basis for the processing of Your Personal Data is that such processing is necessary for the performance of a task in the public interest or in the exercise of the official authority vested in the Controller (Article 6(1)(e) GDPR). The 'Controller' is the institution instructing You to submit Your work through the Turnitin service, and they have official authority to subject Your work to originality checks. As such, Your consent to such processing is not required. Turnitin's Data Protection Officer can be contacted at DPO@turnitin.com.

  2. Where the Controller is not a public authority, processing of Your Personal Data is also lawful because it is necessary for the purposes of the legitimate interests pursued by the Controller (Article 6(1)(f) GDPR).

  3. The provision of Your Personal Data is necessary in order for Your institution to perform its contract with Turnitin. You are obliged to provide Your Personal Data so that Your institution can carry out the official authority vested in it to assess Your work. Failure to do so may have adverse consequences with regard to Your relationship with Your institution or may be contrary to any terms of use You have agreed with your institution.

  4. Turnitin may transfer Your Personal Data from the European Economic Area to the USA. When it does so, adequate safeguards are in place to ensure that the Personal Data is handled securely in the USA. Turnitin is Privacy Shield certified, a mechanism recognized by the European Commission as being adequate. Turnitin's Privacy Shield certification can be viewed at www.privacyshield.gov/list.

  5. Turnitin adheres to the EU Model Contract Clauses on data transfer (according to EU Commission Decision 87/2010/EC). The EU Model Contract Clauses are also recognized as an adequate mechanism by the European Commission.

  6. Where a sub-processor is utilized in the performance of the Turnitin Services, they will be restricted to those sub-processors that are necessary in the technical performance of the Services, such as data centre and software providers. Turnitin ensures that such sub-processors are GDPR compliant by way of written contracts.

  7. Your Personal Data is encrypted in storage. Unless otherwise instructed by the Controller, it will be stored indefinitely in encrypted form and may be used to assess originality of other submissions in the future. Turnitin adds student papers to a private, proprietary database (which is not publically accessible) indefinitely unless its customer requests deletion of such Personal Data. Such archiving is compatible with the purposes for which the Personal data was collected.

  8. You have the right to request from the Controller (Your institution) access to, rectification of, or erasure of Personal Data, or restriction of such processing as well as the right to Personal Data portability. You have the right to complain to the Controller and/or your national Supervisory Authority in the event of non-compliance.

  9. No automated decision making or profiling is undertaken by Turnitin in relation to Your Personal Data.

  10. Your institution may decide to process Your Personal data.

  11. The terms and conditions in Section A above shall apply to your use of the Services, except that:

    a. Turnitin's processing of your Personal Data is governed exclusively by the GDPR;

    b. If a conflict between Section A and Section B exists, Section B shall govern; and

    c. Consent to the processing of Your Personal Data is not required due to the lawful basis for processing described at Section B, paragraphs 1 and 2 above.

  12. Your 'click-through' of this User Agreement signifies that you have read and understood the information within it.