Data Management Policy

1.      General description of the administrative data of the RI

As administrative data, of each person who uses the lab, the following information can be processed within the RI:

  • Name
  • Email
  • Phone number
  • Reason for usage

Practices related to processing administrative data are described in the RI administrative privacy policy. RI administrative privacy policy can be found at Privacy notice – Users.

The booking system VELLO is utilized in the facility bookings. VELLO´s privacy policy can be found at

2.      General description of research data managed within RI

Several different types of data can be processed within the RI, including focus group and interview data, survey data, and data gathered through sensors and/or during observation sessions.

Examples of data processed within the RI are

  • Textual data
  • Video recordings
  • Audio recordings
  • Eye tracking data
  • Galvanic Skin Response data
  • Electrocardiography data (e.g. Heart Rate data)
  • Facial recognition data

The most common file formats are video files (.wmv, .mp4, .mov), spreadsheet files (.xlxs, .xls), text files (.doc, .docx, .txt, .csv), images (.jpg, .png), and documents (.pdf).

Research data is gathered directly from the participants. The RI´s equipment and software might be used in the data gathering. Research data from different sensors might be combined into one dataset using suitable software, for example biometric data gathered through different sensors can be combined using iMotions software.

3.      Ethical and legal compliance for personal or sensitive research data

The research data processed in RI may include personal data and sensitive research data.

All data collected, stored, used, and managed within the RI should comply with the ethical guidelines by the Finnish Advisory Board on Research Integrity and with the EU General Data Protection Regulation (GDPR) and the Finnish data protection act.

RI´s privacy policy for research participants can be found at Privacy Notice – Research participants . In addition, users of the RI should provide research participants research specific privacy policies when necessary.

Research done in the RI might require acquiring research permit(s) and/or conducting ethical evaluations depending on the type of the study. In those cases, users conducting the study are responsible for acquiring the permits and/or conducting the evaluations. The RI is not responsible for reassuring that the users have acquired required permits.

4.      Agreements on research data rights

Research data gathered at RI is owned solely by the user(s). Data will be stored at the RI minimum required time. The users should follow the license agreements that apply to hardware and/or software at the RI.

The users are advised to acknowledge the RI in publications where data is gathered in the RI. This applies to all forms of publication including scientific and popularized articles, presentations, and theses. RI can be mentioned in the methods section, attributed in the “Acknowledgements” section, or included as a reference. In the “Acknowledgements” section the preferred version is “Part of the work was carried out with the support of the VME Interaction Design Environment, University of Vaasa, Finland.”

5.      Documentation and metadata

To make sure the data is of high quality during the data gathering the users are encouraged to follow hardware and/or software best practices.

Eventually the users are responsible for the quality of the data while all effort is done by the RI to ensure the data quality. Users are also responsible for data storage. RI is responsible for the maintenance of the equipment and software. Users of the RI are required to notify RI staff in case they notice any issues with the equipment or software.

The RI encourages users to archive suitable data at The Finnish Social Science Data Archive, who also provide services to ensure metadata quality (according to The Data Documentation Initiative (DDI) metadata standard) as well as provide URNs for datasets.

6.      Access control, backup, storage, and disposal of the administrative and research data

Access control, storage and disposal of the administrative data is described in the RI administrative privacy policy (see point 1).

The following descriptions apply to research data. During the data gathering, the data can be accessed only by the user(s) and the RI administrator. As a general rule, research data should be stored locally on a computer that is protected by username and password, and that is located on locked premises. In case the users need to derive from this recommendation, they should carefully make sure that the data is stored safely.

Yearly approximately 200 GB research data is produced in the RI.

Making backup copies of the research data is the responsibility of the user(s). RI recommends users to make a backup copy of the data always after a data gathering session. Backup copies are advised to be stored either on a computer, that is protected with username and password, or in a protected external memory storage (e.g. external hard drive or network drive). Data transfer is advised to be done with high data security (e.g. with encrypted memory stick) and in compliance with the research’s privacy policy.

For selected software, the RI can provide a certain amount of student licenses that can be used for analyzing data on user(s) own computer.

Research data is stored at the RI only for the minimum required time. The RI cannot be made liable in case of unavailability or loss of data. The RI cannot be made liable in case of unavailability or loss of data analysis software.

Users are recommended to follow the guidelines of their own institution regarding long term preservation of research data.

7.      Opening research data and/or metadata

RI encourages users to archive and publish suitable data as open data and/or metadata in archives such as The Finnish Social Science Data Archive ( ). Users should consult their home organizations for possible guidelines related to open access publishing.

Personal or sensitive research data should always be treated according to the ethical guidelines by the Finnish Advisory Board on Research Integrity and with the EU General Data Protection Regulation (GDPR) and the Finnish data protection act. Data that cannot be feasibly anonymized, such as audio or video recordings, cannot be made openly available. The RI recommends sharing data using Creative Commons and Open Data Commons licenses.