The Office of the Data Protection Ombudsman safeguards your data protection rights

The Data Protection Ombudsman is a national supervisory authority which supervises the compliance with data protection legislation. With Data Protection Ombudsman and two Deputy Data Protection Ombudsmen there works approximately 40 data protection specialists in the office.

The present Data Protection Ombudsman, Reijo Aarnio, has held the post since 1997. The Deputy Data Protection Ombudsmen Jari Råman and Anu Talus were appointed from May 1st 2019 onwards.

The Data Protection Ombudsman is an autonomous and independent authority who are appointed by the government. Their term of office is five years.

Duties of the Data Protection Ombudsman

  • supervising compliance with data protection legislation and other laws concerning the processing of personal data
  • promoting awareness of the risks, rules, safeguards, obligations and rights related to the processing of personal data
  • carrying out investigations and inspections
  • imposing administrative sanctions for violations of the General Data Protection Regulation
  • issuing statements on legislative and administrative changes that affect the protection of the rights and freedoms of individuals with regard to the processing of personal data
  • issuing statements on offences involving the processing of personal data
  • supervising the processing of credit status information and corporate credit ratings
  • processing requests for issuing orders with regard to the rights of data subjectsand notifications of other violations related to the processing of personal data
  • receiving declarations of Data Protection Officers
  • receiving reports of personal data breaches
  • drawing up a list of circumstances in which a data protection impact assessment is required
  • evaluating prior consultations concerning high-risk data processing
  • approving code of practice and standard clauses
  • encouraging the adoption of certificates, accrediting certification bodies and revoking issued certificates
  • cooperating with the EU's other data protection authorities within the scope of the one-stop-shop principle and referring matters to the European Data Protection Board when required.

Data Protection Ombudsman represents Finland in the European Data Protection Board.