Search

Choosing the processing basis and ensuring its lawfulness in scientific research As a rule, the controller is free to choose the basis for processing that is most applicable to the implementation of the study. The processing of special categories ...

Destruction, anonymisation or archiving of data at the conclusion of research When a study ends, the controller must ensure that data is appropriately destroyed, anonymised or archived. Data protection regulations specify a lifespan for personal d...

Impact assessment Impact assessments are designed to identify, evaluate and control risks involved in the processing of personal data. They are designed to be a continuous process for identifying and controlling risks. Impact assessments must be c...

Frequently asked questions about credit information When is a payment default entry made in the credit information register? You can get a payment default entry in approximately two months from the payment's due date at the earliest. A payment def...

Rights of the data subject in scientific research The rights of the data subject arising from the basis for processing should be considered at the planning stage of the study. Research subjects must be informed of how their personal data will be p...

Automated decision-making and profiling What does profiling mean? Profiling means the automated processing of personal data for evaluating the personal aspects of an individual. In particular, profiling refers to the analysis or prediction of aspe...

Frequently asked questions about banking Are banks permitted to copy my ID? Yes. Banks have a statutory obligation to know and identify their customers. Among other things, this means that the bank must verify the customer’s identity in a reliable...

Scientific research and data protection Taking care of data protection builds trust in research subjects and is a requirement for the success of any study. It is essential to plan the processing of personal data for its entire lifespan before the ...

Frequently asked questions about personal identity code Is it permitted to ask for the personal identity code when a guest checks into a hotel? Yes. According to the Act on Accommodation and Food Service Activities (308/2006), an accommodation pro...

Data protection for children and youth A lot of information called personal data is collected on you when you use the internet, social media or the apps on your phone, or play video games. Personal data is also collected for your hobbies and at sc...

Have you misplaced personal data? This page provides instructions on what to do if your personal data has been lost, stolen or acquired with a phishing message. Act fast especially if: you have lost payment card details or your online bank ID and ...

Controller's legitimate interests The processing of personal data can sometimes be justified due to the legitimate interests of the controller or a third party. The use of legitimate interests as a basis for processing requires particularly carefu...

7.12.2022 | ANNUAL REPORT OF THE OFFICE OF THE DATA PROTECTION OMBUDSMAN 2021 2 ANNUAL REPORT OF THE OFFICE OF THE DATA PROTECTION OMBUDSMAN 2021 3 Contents The Office of the Data Protection Ombudsman safeguards the rights and freedoms of individuals with reg...

Have you been affected by a personal data breach? This page contains instructions for people who have been affected by a personal data breach. If you have been affected by a personal data breach, first check what data about you could have been dis...

Annual report 2024 The Office of the Data Protection Ombudsman safeguards the rights and freedoms of individuals with regard to the processing of personal data The Office of the Data Protection Ombudsman is an autonomous and independent authority ...

27.9.2021 | ANNUAL REPORT OF THE OFFICE OF THE DATA PROTECTION OMBUDSMAN 2020 2 ANNUAL REPORT OF THE OFFICE OF THE DATA PROTECTION OMBUDSMAN 2020 3 Contents The Office of the Data Protection Ombudsman safeguards the rights and freedoms of individuals with reg...

Frequently asked questions about health care Rectifying patient records How can I rectify my patient records? If there are errors in your patient records, you can ask for their rectification. The rectification request is made to the health care un...

17.12.2020 | ANNUAL REPORT OFFICE OF THE DATA PROTECTION OMBUDSMAN 2019 2 ANNUAL REPORT OFFICE OF THE DATA PROTECTION OMBUDSMAN 2019 3 Contents The Office of the Data Protection Ombudsman safeguards the rights and freedoms of individuals with regard to the pro...

23.5.2018 | ARTICLE 29 DATA PROTECTION WORKING PARTY This Working Party w as set up under Article 29 of Directive 95/46/EC. It is an independent European advisory body on data protection and privacy. Its tasks are described in Article 30 of Directive 95/46/EC...

6.8.2018 | ARTICLE 29 DATA PROTECTION WORKING PARTY This Working Party was set up under Article 29 of Directive 95/46/EC. It is an independent European advisory body on data protection and privacy. Its tasks are described in Article 30 of Directive 95/46/EC ...