Required cookies

This website uses cookies necessary for its operation in order to provide the user with content and certain functionalities (e.g. language selection). You have no control over the use of these cookies.

Website visitor statistics

We collect visitor statistics on the use of the site. The data is not personally identifiable and is only stored in the Matomo visitor analytics tool managed by CSC.

By accepting visitor statistics, you allow Matomo to use various technologies, such as analytics cookies and web beacons, to collect statistics about your use of the site.

Change your cookie choices and read more about visitor statistics and cookies

CSC

Data Policy

Our mission is to develop, integrate and offer high-quality ICT services for research, education, culture, public administration and companies as part of the national research system. In order to achieve our strategic goals, we have to promote and adhere to good data management practices within our own operations and for our designated user communities. For our customers, we provide services together with instructions, tools and guidelines to ensure and improve the quality of their data its appropriate management and readiness for future use.

Purpose

This public data policy will promote best data management practices to:

  • Emphasize that we undertake appropriate institutional steps to help customers to safeguard the availability, usability and retention of their data.
  • Help us to assure compliance with all applicable laws and regulations as well as internal requirements with respect to data management.

This policy covers both customer-owned and CSC-owned data. Depending on the service or action and if data includes personal data, CSC can be in the role of controller or processor of personal data. It should be noted that data types and detailed management practices might vary for service and customer sectors. Furthermore, CSC identifies different data management practices and solutions required by different data types. These are further detailed in the services’ terms of use and customer contracts.

This policy is relevant to all our customers and staff, including contractors and visitors. We have appointed a data protection officer with whom this policy may be discussed. Our data protection officer may be reached using the address privacy@csc.fi.

Principles

The following data management principles are set in this policy:

1. Data ownership is clear and management responsibilities agreed upon

We do not assert ownership or any intellectual property rights to customers’ data in our services. It is the responsibility of the customer to ascertain that they have the necessary rights over data destined for our services. Data management plans may be used in the process of providing data services to customers.

2. Data are documented and their lifecycle defined

Data management aims to ensure data quality, accuracy, retention and availability along its lifecycle. Data management will be planned in accordance with relevant standards, best practice and FAIR data principles. Data should be systematically produced, structured, identified and documented with metadata and a unique identifier (preferably permanent UI). Documentation will be updated and added along data lifecycle. Beyond technical control and internal integrity checks the quality and accuracy of the data are the responsibility of the data owner. For more information see support for persistent identifiers.

3. Data publicity and protection are managed appropriately

Data protection and security will be planned and maintained so that data access, retention and removal are managed in an appropriate and controlled way. Customers as data owners and controllers are responsible for classifying their data according to publicity and protection requirements. Personal data will have a controller and possibly processor(s). We will act as the data processor for customer data when so agreed. These roles and responsibilities will be further detailed in our services’ terms of use and customer contracts, when applicable. For more information see security and privacy at CSC.

4. Data are made as open and as interoperable as possible

Reuse of data is encouraged when possible. We recognize that some data are more sensitive than others and specific issues related to e.g. legislation, ethics, privacy, security should be considered when data is made publicly available. Standardized file formats should be used and data documentation including identifiers, metadata and relevant licensing information released together with the data.

5. Data management solutions favor open standards, protocols and software

Data management solutions used by us and offered by us to customers will build on open solutions whenever feasible. We also contribute back to the open source community.

6. Data management competencies are recognized and developed in order to support these principles and their implementation

We will further these principles within our internal activities, customer interaction, training and collaboration with other organizations and infrastructures to ensure compliance with and further development of this policy.