Skip to content

Data Protection

EU General Data Protection Regulation

Data protection means the protection of personal data. The aim of the EU General Data Protection Regulation (EU) 2016/679, which became fully applicable on 25 May 2018, is to improve the protection of personal data, increase the transparency of the processing of personal data for the data subjects or clients, and give them more ways to manage the processing of their personal data. Another objective of the Data Protection Regulation is to answer questions about data protection brought on by digitalisation and globalisation. The Data Protection Act complements and clarifies the provisions of the Data Protection Regulation.

Data protection in the services of the City of Helsinki

City service customers and other people with dealings with the City of Helsinki will have whatever personal data necessary to take care of the matters collected.

Personal data is whatever data that can be used to identify a person. Examples of personal data include: name, e-mail address, telephone number, positional information, personal identity code and patient data.

There is always a legal basis for the processing of personal data at the City of Helsinki. In the processing and archiving of personal data, the City also complies with data processing practices as well as national data security instructions and good practices. Personal data is processed with care and to its purpose. The personnel of the City is regularly trained for processing personal data. The processing of personal data is monitored and the use of systems that include personal data is tracked.

File descriptions

The City of Helsinki collects personal data to different registers according to the purposes of use. The personal data files have file descriptions from which you can see the purposes of the processing for each file and other useful information, such as the names of the data controller and the contact person for the filing system. Finnish and Swedish are the only official languages of Finland and, as such, most forms are only available in Finnish and Swedish. 

Your rights and their enforcement

As a data subject, you have rights related to your own personal data and the processing of them at the City of Helsinki. You have, among other things, the right to know whether your personal data are processed at the City and which data are processed and request access to the data about you. You also have the right to demand a rectification of inaccurate personal data. The rights are enforced in different manners depending on the reason for the processing.

A majority of the City's services are based on compliance with a legal obligation. In such cases, the City does not need a separate consent to process your personal data. However, part of the services are of the kind to which personal data are collected based on consent, in which case the City asks for your consent to process your data. You have the right to withdraw that consent at any time. 

The City of Helsinki's Data Protection Impact Assessment tools

The City of Helsinki has published its own data protection impact assessment (DPIA) tools. They are published to facilitate the cooperation connected to data protection between the City and its service producers.

Moreover, the City of Helsinki aims to further expand the realisation of integrated and default data protection outside City borders as well as make impact assessment tools available to everyone.

The impact assessment tools have been designed for the City of Helsinki's operations, which is why users outside Helsinki must consider the applicability of the tools for their own operations.

Further information

If you would like to know more about the processing of your personal data, please contact the City of Helsinki's Data Protection Officer.

Contact details

Data Protection Officer
City Executive Office
Administration
PO Box 1
00099 City of Helsinki
tietosuoja@hel.fi

Information about data protection and the data subject's rights (pdf)



15.10.2020 14:16