- Processing of personal data
- Data protection principles
- Demonstrate your compliance with data protection regulations
- Inform data subjects about processing
- Rights of the data subject
- Data protection officers
- Processors
- Personal data breaches
- Transfers of personal data out of the European Economic Area
Data breach notification
Purpose of processing
If a personal data breach can cause a risk to the rights and freedoms of natural persons, the supervisory authority must be notified. In Finland, the Office of the Data Protection Ombudsman functions as the supervisory authority.
Personal data breaches must be reported to the Office of the Data Protection Ombudsman without undue delay and, where feasible, not later than 72 hours after the controller has become aware of the personal data breach.
Our data protection policy: Electronic services at the Office of the Data Protection Ombudsman
Use secure e-mail when necessary
Please do not use the form to send sensitive (e.g. information concerning your state of health, social welfare services or your financial position) or confidential information. You can send such information separately by secure e-mail.
Sending e-mail messages through the Ministry of Justice's secure e-mail system is a safe way of delivering sensitive or confidential information to the Office of the Data Protection Ombudsman. Please refer to the form you sent earlier in the subject of your message, for example:
Data breach notification – name of your organisation – date of sending the form
Please also read the instructions for sending secure e-mai (pdf) before using the service.