Search

In the description of public access to documents, we describe what kind of information the Office of the Data Protection Ombudsman stores and how you can request information for yourself.

Frequently asked questions about personal identity code Is it permitted to ask for the personal identity code when a guest checks into a hotel? Yes. According to the Act on Accommodation and Food Service Activities (308/2006), an accommodation pro...

Carrying out an impact assessment 1. Draw up a systematic description of the envisaged processing operations and the purposes of the processing Draw up a description of the nature, scope, context and purposes of the processing of personal data. Id...

Have you misplaced personal data? This page provides instructions on what to do if your personal data has been lost, stolen or acquired with a phishing message. Act fast especially if: you have lost payment card details or your online bank ID and ...

Have you been affected by a personal data breach? This page contains instructions for people who have been affected by a personal data breach. If you have been affected by a personal data breach, first check what data about you could have been dis...

Right to erasure In certain cases, the data subject has the right to have the controller erase data concerning him or her without undue delay. This right is also known as the right to be forgotten. The controller is obligated to erase the personal...

Frequently asked questions about health care Rectifying patient records How can I rectify my patient records? If there are errors in your patient records, you can ask for their rectification. The rectification request is made to the health care un...

Find out whether the Data Protection Ombudsman can help you Is the violation you have noticed related to The processing of personal data The publicity or confidentiality of a document The actions of authorities in your case The confidentiality of ...

Frequently asked questions about banking Are banks permitted to copy my ID? Yes. Banks have a statutory obligation to know and identify their customers. Among other things, this means that the bank must verify the customer’s identity in a reliable...

Lifespan of personal data processing, data protection principles and the protection of data in scientific research If processing of personal data is necessary for the implementation of the study, the lifespan of the processing must be planned from...

Controller's record of processing activities The obligation to draw up a record of processing activities applies to all organisations with more than 250 employees. Smaller organisations are also required to draw up the record if the personal data ...

Frequently asked questions on data protection and the coronavirus What does health data mean? Health data refers to information about an individual’s health, diseases, disability or treatment. Health data belongs to the special categories of perso...

Regulation on political advertising and the powers of the Data Protection Ombudsman The EU regulation on the transparency and targeting of political advertising sets out rules on how political advertising may be targeted. The Data Protection Ombud...

Personal data breaches What is a personal data breach? A personal data breach means an event leading to the destruction, loss, alteration or unauthorised disclosure of, or access to, personal data. Examples of personal data breaches include lost d...

Frequently asked questions about genealogy What personal data can I process for purposes of genealogical research? The General Data Protection Regulation (GDPR) does not specify what personal data may be processed for genealogical purposes. The es...

13.8.2024 | ANNUAL REPORT OF THE OFFICE OF THE DATA PROTECTION OMBUDSMAN 2023 ANNUAL REPORT OF THE OFFICE OF THE DATA PROTECTION OMBUDSMAN 2023 3 Contents The Office of the Data Protection Ombudsman safeguards the rights and freedoms of individuals with regar...

25.6.2025 | ANNUAL REPORT OF THE OFFICE OF THE DATA PROTECTION OMBUDSMAN OF FINLAND 2024 ANNUAL REPORT OF THE OFFICE OF THE DATA PROTECTION OMBUDSMAN OF FINLAND 2024 3 Contents The Office of the Data Protection Ombudsman safeguards the rights and freedoms of ...

31.7.2023 | ANNUAL REPORT OF THE OFFICE OF THE DATA PROTECTION OMBUDSMAN 2022 ANNUAL REPORT OF THE OFFICE OF THE DATA PROTECTION OMBUDSMAN 2022 3 Contents The Office of the Data Protection Ombudsman safeguards the rights and freedoms of individuals with regar...

6.8.2018 | ARTICLE 29 DATA PROTECTION WORKING PARTY This Working Party was set up under Article 29 of Directive 95/46/EC. It is an independent European advisory body on data protection and privacy. Its tasks are described in Article 30 of Directive 95/46/EC ...

23.5.2018 | ARTICLE 29 DATA PROTECTION WORKING PARTY This Working Party was set up under Article 29 of Directive 95/46/EC. It is an independent European advisory body on data protection and privacy. Its tasks are descr bed in Article 30 of Directive 95/46/EC ...