Haku

Euroopan tietosuojaneuvoston ohjeet Euroopan tietosuojaneuvosto vastaa EU:n yleisen tietosuoja-asetuksen ja poliisi- ja rikosoikeusviranomaisia koskevan tietosuojadirektiivin yhdenmukaisesta soveltamisesta Euroopan unionissa. Tietosuojaneuvosto ju...

List compiled by the Office of the Data Protection Ombudsman of processing operations which require data protection impact assessment (DPIA) Updated 21.12.2018 Article 35 (1) GDPR requires a DPIA when the processing activity is likely to result in...

Pseudonymised and anonymised data Pseudonymised personal data Pseudonymisation means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific person without the use of additional information...

Impact assessment Impact assessments are designed to identify, evaluate and control risks involved in the processing of personal data. They are designed to be a continuous process for identifying and controlling risks. Impact assessments must be c...

Guidelines of the European Data Protection Board The European Data Protection Board (EDPB) is responsible for the uniform application of the EU's General Data Protection Regulation and the Data Protection Directive applying to police and criminal ...

Anvisningar av Europeiska dataskyddsstyrelsen Europeiska dataskyddsstyrelsen ansvarar för en harmoniserad tillämpning inom Europeiska Unionen av EU:s allmänna dataskyddsförordning och dataskyddsdirektivet, som gäller för polis- och strafrättsmyndi...

Lifespan of personal data processing, data protection principles and the protection of data in scientific research If processing of personal data is necessary for the implementation of the study, the lifespan of the processing must be planned from...

Frequently asked questions about mobile location Why do telecommunications companies process location data? Thanks to communications networks, users are available wherever they are. In order to create a connection between the caller and recipient ...

What is personal data? All data related to an identified or identifiable person are personal data. In other words, data that can be used to identify a person directly or indirectly, such as by combining an individual data item with some other piec...

Scientific research and data protection Taking care of data protection builds trust in research subjects and is a requirement for the success of any study. It is essential to plan the processing of personal data for its entire lifespan before the ...

Data protection in the development and use of AI systems These pages have information on the requirements arising from data protection legislation that should be taken into account when artificial intelligence (AI) systems are developed and used. ...

Tietosuojavaltuutetun toimiston sähköinen uutiskirje Tietosuojavaltuutetun toimisto julkaisee sähköistä uutiskirjettä, jonka voi tilata toimiston verkkosivujen kautta. Kirje lähetetään sähköpostitse sen tilanneille (opt-in). Henkilötietoja käytetä...

Carrying out an impact assessment 1. Draw up a systematic description of the envisaged processing operations and the purposes of the processing Draw up a description of the nature, scope, context and purposes of the processing of personal data. Id...

Right to erasure In certain cases, the data subject has the right to have the controller erase data concerning him or her without undue delay. This right is also known as the right to be forgotten. The controller is obligated to erase the personal...

4.7.2025 | On 1–2 July, the European Data Protection Board met in Helsinki for a two-day high level meeting to discuss common outlines for future work. In the statement issued at the meeting, the data protection authorities agreed on new measures to facilitate compliance with data protection regulations, to increase dialogue with stakeholders and to develop cooperation between authorities in different sectors.

17.1.2023 | The Deputy Data Protection Ombudsman has issued a reprimand to the libraries of the cities of Helsinki, Espoo, Vantaa and Kauniainen for infringements of data protection legislation in the processing of personal data. The websites of the Capital Region's Helmet libraries have used tracking technologies that may have conveyed data on, for example, the books and other materials searched for by users to third parties. Personal data has also been unlawfully transferred to the United States.

31.7.2023 | ANNUAL REPORT OF THE OFFICE OF THE DATA PROTECTION OMBUDSMAN 2022 ANNUAL REPORT OF THE OFFICE OF THE DATA PROTECTION OMBUDSMAN 2022 3 Contents The Office of the Data Protection Ombudsman safeguards the rights and freedoms of individuals with regar...

13.8.2024 | TIETOSUOJAVALTUUTETUN TOIMISTON TOIMINTAKERTOMUS 2023 K 13/2024 vp TIETOSUOJAVALTUUTETUN TOIMISTON TOIMINTAKERTOMUS 2023 3 Sisällys Tietosuojavaltuutetun toimisto turvaa ihmisten oikeuksia ja vapauksia henkilötietojen käsittelyssä....................

25.6.2025 | ANNUAL REPORT OF THE OFFICE OF THE DATA PROTECTION OMBUDSMAN OF FINLAND 2024 ANNUAL REPORT OF THE OFFICE OF THE DATA PROTECTION OMBUDSMAN OF FINLAND 2024 3 Contents The Office of the Data Protection Ombudsman safeguards the rights and freedoms of ...

27.9.2021 | ANNUAL REPORT OF THE OFFICE OF THE DATA PROTECTION OMBUDSMAN 2020 2 ANNUAL REPORT OF THE OFFICE OF THE DATA PROTECTION OMBUDSMAN 2020 3 Contents The Office of the Data Protection Ombudsman safeguards the rights and freedoms of individuals with reg...