CSCfi · joonas-somero · Dec 3, 2024 · Nov 28, 2024 · Nov 28, 2024 · Nov 28, 2024
diff --git a/docs/data/sensitive-data/single-register-submission.md b/docs/data/sensitive-data/single-register-submission.md
@@ -34,6 +34,8 @@ After you have been set as the owner of the organization profile, you can create
 2. **License** specifies the terms of use for the data, which the applicants need to approve when they fill in the access application form. In the license, you can for example refer to the terms specified in the data permit.
 3. With a **workflow**, you define who will manage the access applications of the organization in SD services. These named users will always receive a notification via email about new access applications and can approve or reject the applications in SD Apply.
 
+License and form are optional so if you don't need to define additional terms of use or ask applicant to provide more information with a form, you don't need to create them. 
+
 The forms and licenses are public in SD Apply, so these should not include any sensitive information. These three objects will be used for all secondary use datasets coming from your organization, so they should also be as general as possible. **Resource** and **Catalogue item** will be created for each dataset automatically when the data is transferred via SFTP. 
 
 ### Step 3: Establishing a secure SSH connection with CSC
@@ -81,9 +83,9 @@ You can now encrypt and transfer the dataset securely. While there are multiple
 With the SDA Uploader tool, you need to collect all the data to one folder on your computer before transfer.
 
 !!! Note 
-    The folder name determines the indentifying information visible in SD Apply. Therefore, it is a good practice to use the journal number or other unique identifier for the folder name. This ensures that the correct data are always sent to the correct applicant, even in additional data transfers.  
+    Name the folder with a short name (max. 64 characters) that does not include spaces or personal information, such us person's names. The folder name will become publicly visible in SD Apply. Therefore, it is a good practice to use the journal number or other unique identifier for the folder name. This ensures that the correct data are always sent to the correct applicant, even in additional data transfers. 
 
-1. Create a folder on your computer and name it with the journal number or other suitable unique identifier. Add all the files belonging to the dataset to that folder.
+1. Create a folder on your computer and name it with the journal number or other suitable short unique identifier that doesn't contain spaces. Add all the files belonging to the dataset to that folder.
 2. Download the SDA (Sensitive Data Archive) Uploader tool available on [GitHub](https://github.com/CSCfi/sda-uploader/releases), for Linux, Mac and or Windows. You might need permissions from your administrators to install the SDA Uploader tool on your laptop.
     * Windows (sdagui-python3.11-windows-amd64.zip )
     * Mac (sdagui-python3.11-macos-amd64.zip)
@@ -109,7 +111,7 @@ This SDA (Sensitive Data Archive) Uploader tool is available on GitHub, via  com
 
 ##### Advanced option 1
 
-With the SDA CLI tool, you also first create a folder on your computer and name it with the journal number or other unique identifier. Add all of the files belonging to the dataset to that folder. Then you add the following command to the command line (replace example_dataset_123 with the directory name, [email protected] with your credentials, and X:\folder\filename.key (or ~/.ssh/filename for Linux/macOS) with the location of your SSH key):
+With the SDA CLI tool, you also first create a folder on your computer and name it with the journal number or other short unique identifier that does not contain spaces. Add all of the files belonging to the dataset to that folder. Then you add the following command to the command line (replace example_dataset_123 with the directory name, [email protected] with your credentials, and X:\folder\filename.key (or ~/.ssh/filename for Linux/macOS) with the location of your SSH key):
 
 ```
 sdacli example_dataset_123 -host porin.lega.csc.fi -p 50527 -u [email protected] -i X:\folder\filename.key -pub registry.pub
@@ -147,17 +149,13 @@ After a successful upload, the dataset is visible in SD Apply. With the direct S
 
 ## Data access management
 
-After the data has been submitted, it is discoverable in SD Apply with the dataset ID (organization's identifier + the journal number).
-
-The researcher who has received the data permit can contact the CSC service desk and ask for a CSC project with the data permit. After the project has been established, they can log in to SD Apply and apply for data access.
+After the data has been submitted, it is discoverable in SD Apply with the dataset ID (organization's identifier + the journal number). 
 
-The assigned representatives of the data controller will receive a notification of the application via email. They can review and approve the application and set an end date for the data access in SD Apply. The access right can also be cancelled manually in the future, but automated end date is preferred to avoid unauthorised access after the data permit has expired.
+The researcher who has received the data permit should create a secondary use CSC project and send the data permit to CSC service desk to be validated. The data permit issuer should tell the researcher what is the dataset identifier in SD Apply they should apply access to.
 
-### Step 1: Confirm availability
+The assigned representatives of the data controller will receive a notification of new applications via email. They can review and approve the application and set an end date for the data access in SD Apply. The access right can also be cancelled manually in the future, but automated end date is preferred to avoid unauthorised access after the data permit has expired.
 
-When a new dataset you are associated with is uploaded to CSC, you will receive an automated email via SD Apply asking you to confirm your availability to act as a data access controller. Follow the link in your email or log in directly to SD Apply at https://sd-apply.csc.fi/ and confirm your availability. 
-
-### Step 2: Login
+### Step 1: Login
 
 As a data access controller, you receive email notifications each time when an applicant applies for data access to the dataset you are associated with.
 
@@ -168,7 +166,7 @@ To start processing applications, follow the link in your email or log in direct
 !!! note
     Always use the same identity provider when you log in to SD Apply because all your actions are connected to your login identity.
 
-### Step 3: Process the application
+### Step 2: Process the application
 
 In SD Apply, navigate to the "Actions" tab to see all the applications that are waiting for approval. Select *View* to open the application you want to process. You do not have to follow any specific order when you process the applications. The approval process is fully dynamic.
 
@@ -182,8 +180,10 @@ When approving the application, you can also set an end date for the access righ
 
 The applicant will receive an email notification about the decision. Once you approve or reject the application, the decision is final. You cannot edit it later. If the applicant has added members to their application, the members will get access rights too when the application is approved, if they have accepted the terms of use. Any member not having accepted the terms of use by that time will get access rights after they log in to SD Apply and accept the terms of use.
 
+CSC Service Desk will add access to the data to the researchers after they send a pdf file of the approved application to the CSC Service Desk. 
+
 !!! note
-    If the owner of the dataset has removed the dataset that applicant is applying for access, SD Apply will give a warning, but you can still process the application. However, if the dataset has been removed, you cannot approve or reject the application.
+    If the dataset that applicant is applying for access has been taken out of use, SD Apply will give a warning to application handlers, but you can still approve or reject the application. 
 
 #### Close the application
 You can close the application at any stage of the process by selecting *Close application*. Closing means that the application process is cancelled and that the application cannot be modified or opened again. Write a comment on the comment field to explain why did you close the application.

diff --git a/docs/support/faq/sensitive-data-desktop-audited.md b/docs/support/faq/sensitive-data-desktop-audited.md
@@ -6,25 +6,26 @@ The SD Desktop service is a certified environment for data processing under the
 
 ## How does processing secondary use data on SD Desktop differ from standard use of Sensitive Data services?
 
-With register data, there are some restrictions to the service compared to the standard use of SD Desktop. The restrictions are necessary to comply with the  regulation of the Health and Social Data Permit Authority (Findata). Most important limitations include: the CSC project and data access is managed by CSC instead of the user and other services (for example SD Connect) are not available. Read more in SD Desktop service description.
+With register data, there are some restrictions to the service compared to the standard use of SD Desktop. The restrictions are necessary to comply with the  regulation of the Health and Social Data Permit Authority (Findata). Most important limitations include: the service and data access is managed by CSC instead of the user and other services (for example SD Connect) are not available. Read more in [SD Desktop service description](https://research.csc.fi/-/sd-desktop).
 
 ## How can I access register data with SD Desktop?
 
-First, you need to have a data permit from Findata. Then you need to request for a CSC project from our service desk ([email protected]) with the data permit and create a CSC account if you do not have one already. The data will be transferred directly to the service from Findata and available only for verified project members on the virtual desktop. For more information see: [SD Desktop for seconday use](../../data/sensitive-data/sd-desktop-audited.md).
+First, you need to have a data permit from Findata or a single public register. Then you need to create a CSC account, if you do not have one already, and a specific Findata type CSC project for your data. Next, you can request for service access from our service desk ([email protected]) with the data permit. The data will be transferred directly to the service from the data controller, and it will be available only for verified project members on the virtual desktop. For more information see: [SD Desktop for seconday use](../../data/sensitive-data/secondarydata-access.md).
 
 ## Can I combine my own data with register data on SD Desktop?
 
-In a project using secondary use health and social data, all the data processed on SD Desktop must be provided by Findata. If you want to combine your own findings with register data, you need to specify it in your application for a Findata permit. 
+In a project using secondary use health and social data, all the data processed on SD Desktop must be provided by the data controller (Findata or a single register). If you want to combine your own findings with register data, you need to specify it in your application for the data permit. 
 
 ## Is it possible to install software to SD Desktop when processing secondary use data?
 
-The programs available on the Desktop are [listed in the user guide](../../data/sensitive-data/sd-desktop-secondary-access.md). Only Findata can provide additional file/software/script to CSC, where you can access then in SD Desktop.
-If the software you need is not pre-installed on SD Desktop, you need to 1) contact our service desk ([email protected]) to check if the program is compatible with the service, and 2) request Findata to import the files to your Desktop. Read more on [Findata website](https://findata.fi/en/permits/#selecting-and-completing-an-application-form).
+The programs available on the Desktop are [listed in the user guide](../../data/sensitive-data/sd-desktop-secondary-working.md#default-software-available-in-sd-desktop).
+
+If the software you need is not pre-installed on SD Desktop, you need to contact our service desk ([email protected]) to check if the program is compatible with the service and available for installation in the secondary use projects.
 
 ## How can I export my results from SD Desktop?
 
 You need to make a request to our service desk ([email protected]) to export your results. The results will be exported directly to Findata and you will receive them after the authority’s scrutiny.
 
 ## What will happen to my data after the secondary use data permit expires?
 
-You will not be able to access your virtual desktop after the validity period of your data permit ends. If you do not send an amendment application to Findata and request us to extend the duration of your project, you will be removed from the CSC project and the project will be considered inactive. The project and all the data will be deleted after 90 days, according to CSC’s data retention policy. You need to have all your results exported from the virtual desktop before the data permit expires – otherwise you cannot access them when the permit is no longer valid.
+You will not be able to access your virtual desktop after the validity period of your data permit ends. If you do not apply for extension for the data permit from the data controller and request us to extend the duration of your CSC project, your project will close automatically after the expiration of the data permit. All data from a closed project will be deleted after 90 days, according to CSC’s data retention policy. You need to have all your results exported from the virtual desktop before the data permit expires – otherwise you cannot access them when the permit is no longer valid.