Search
- Fess search
Showing 101 to 120 of 393 entries.
-
Rights of the data subject When a controller processes personal data, it must take appropriate measures to ensure that the data protection rights of data subjects are fulfilled. Controllers are also required facilitate the exercise of the data sub...https://tietosuoja.fi/en/rights-of-the-data-subject
-
Choosing the processing basis and ensuring its lawfulness in scientific research As a rule, the controller is free to choose the basis for processing that is most applicable to the implementation of the study. The processing of special categories ...https://tietosuoja.fi/en/choosing-the-processing-basis-and-ensuring-its-lawfulness
-
Data protection principles The data protection principles must always be observed when processing personal data . The controller must also be able to demonstrate the effective implementation of the data protection principles in the processing of p...https://tietosuoja.fi/en/data-protection-principles
-
Accountability in scientific research The controller must be prepared to demonstrate that data protection regulations have been taken into account in the study. Researchers must document the implementation of data-protection principles and other p...https://tietosuoja.fi/en/accountability-in-scientific-research
-
Declaration of Data Protection Officer Purpose of processing The purpose of processing the personal data of Data Protection Officers is to enable communication between the supervisory authority and the Data Protection Officers of controllers and p...https://tietosuoja.fi/en/declaration-of-data-protection-officer
-
Minimisation of data Personal data may only be processed when necessary for the purposes of the processing. The personal data being processed must be appropriate , i.e. data that can be used to fulfil a specified purpose of processing relevant , i...https://tietosuoja.fi/en/minimisation-of-data
-
Duties of the Data Protection Ombudsman supervising compliance with data protection legislation and other laws concerning the processing of personal data promoting awareness of the risks, rules, safeguards, obligations and rights related to the pr...https://tietosuoja.fi/en/duties
-
Lifespan of personal data processing, data protection principles and the protection of data in scientific research If processing of personal data is necessary for the implementation of the study, the lifespan of the processing must be planned from...https://tietosuoja.fi/en/lifespan-of-personal-data-processing-data-protection-principles-and-the-protection-of-data
-
Data breach notification Purpose of processing If a personal data breach can cause a risk to the rights and freedoms of natural persons, the supervisory authority must be notified. In Finland, the Office of the Data Protection Ombudsman functions ...https://tietosuoja.fi/en/data-breach-notification
-
Office of the Data Protection Ombudsman The Office of the Data Protection Ombudsman safeguards your data protection rights The Data Protection Ombudsman is a national supervisory authority which supervises the compliance with data protection legis...https://tietosuoja.fi/en/office-of-the-data-protection-ombudsman
-
Binding corporate rules Binding Corporate Rules (BCR) refer to common binding rules on the transfer of personal data to third countries within companies in the same group of undertakings or group of enterprises engaged in a joint economic activity...https://tietosuoja.fi/en/binding-corporate-rules
-
Risk assessment and data protection planning Controllers have a responsibility to assess the risks relating to the processing of personal data every time they are about to process personal data. A risk assessment allows controllers to plan the ste...https://tietosuoja.fi/en/risk-assessment-and-data-protection-planning
-
Codes of Conduct Codes of conduct are sector-specific guidelines on the application of data protection legislation. They are intended to help organisations comply with data protection requirements with concrete and practical instructions. By commi...https://tietosuoja.fi/en/codes-of-conduct
-
Storage limitation Personal data may only be stored for as long as necessary for the purposes of processing. The controller must plan and be able to justify the storage time of the personal data. The storage times of personal data must also be doc...https://tietosuoja.fi/en/storage-limitation
-
Transfers of personal data out of the European Economic Area Transferring personal data out of the EEA requires an appropriate basis for the transfer and compliance with the other requirements imposed by data protection legislation. This page desc...https://tietosuoja.fi/en/transfers-of-personal-data-out-of-the-eea
-
7.7.2022 | The Office of the Data Protection Ombudsman has investigated the procedures used by insurance companies when they request health information from insurance applicants and the insured from healthcare providers in order to determine the liability of the insurance company. Deficiencies were found especially in the appropriate limitation of information requested from healthcare services and the legality of processing the health information of insurance applicants.https://tietosuoja.fi/en/-/insurance-companies-have-gathered-excessive-amounts-of-health-information
-
Notification to the Data Protection Ombudsman Concerning your rights Data protection rights help you manage your data. If you would like to exercise your rights, first contact the company or organisation that is processing your data, i.e. the cont...https://tietosuoja.fi/en/notification-to-the-data-protection-ombudsman
-
19.3.2026 | This year, European data protection authorities will investigate how well organisations comply with the transparency and information obligations related to personal data processing. Data protection authorities from 25 countries across Europe will take part in the action.https://tietosuoja.fi/en/-/the-office-of-the-data-protection-ombudsman-to-investigate-the-transparency-of-personal-data-processing-as-part-of-eu-wide-action
-
Roles and responsibilities for processing personal data in scientific research A research project can involve a variety of parties in different roles. Personal data may be processed for research purposes by one or more research organizations, pers...https://tietosuoja.fi/en/roles-and-responsibilities-for-processing-personal-data
-
Processing involving several EU countries If your organisation operates in more than one EU country, you need to find out which country’s supervisory authority you are meant to deal with. This data protection authority is called the lead superviso...https://tietosuoja.fi/en/processing-involving-several-eu-countries