What is personal data?
Personal data refers to all information relating to an identified or identifiable natural person, such as name, personal identification number, home address, telephone number, car registration number and patient information.
How the City of Vaasa handles personal data?
Most of the services in the City of Vaasa are based on the implementation of a statutory obligation, public interest or the exercise of public authority. In these cases, the processing of personal data does not require separate consent from the customer.
Personal data received will be processed carefully and will only be handled by those persons whose duties they belong to. This is done in accordance with a data-safe and customer-friendly policy. The persons who process the information are bound by a confidentiality requirement and receive appropriate training.
Various log systems monitor especially the processing of sensitive personal data. Information systems are protected using a firewall and constantly updated virus protection software, for example.
Where to find personal data and why is it collected?
As a rule, personal data can be obtained directly from the customer or obtained from the registers of various authorities, e.g. the Social Insurance Institution of Finland (Kela) and the Population Register Centre.
When a customer obtains a service, the City of Vaasa collects only the personal information needed to produce this service. The personal information collected is determined by the particular service being used.
Disclosure of personal data
Personal data may be disclosed to another department within the City of Vaasa or to another authority, such as the Finnish Social Insurance Institution of Finland (Kela) or the Tax Administration, within the limits of the law.
- The right to information concerning what, how and why personal data is processed.
- The right to restrict the processing of data until the legality of the processing is verified.
- The right to data rectification, in which case incorrect or inaccurate information is corrected.
- The right to be forgotten. This right cannot be used in registers based on law.
- The right to access information, i.e. whether the city processes the customer’s personal data and what information is being processed. The city has one month to respond to this information request. If the information request is complex, the response time can be extended by two months.
- The right to object. The Customer may oppose the processing of their personal data, for example, to prohibit direct marketing. The City of Vaasa does not disclose personal information to direct marketing companies.
- Information on a data breach. In the event of a potential high-risk security breach, the city is obliged to notify the customer without undue delay.
- The right to lodge a complaint with a supervisory authority, if the Customer considers that his/her personal data are being infringed upon in the processing of his/her personal data.
Using Your Rights
If you wish to use your rights, contact the appropriate agency / institution or, if possible, use the electronic service.
An electronic service, for example via Suomi.fi, requires strong authentication with bank identifiers, a certificate card or a mobile certificate, so that the data user can be identified reliably. Data is generally provided free of charge. If information requests often come from the same person or are exceptionally extensive, a reasonable fee may be charged.
The vaasa.fi website collects information on:
- types of devices used to access the website
- the online address from which users access the website
- the individual pages visited
- How many users a site has, visitors to a single page only appear as numbers
The vaasa.fi website does not collect the following information:
- does not collect information about user IP addresses
- the website does not send personal information to third parties
- does not collect information on a user’s location more accurately than on the municipal level
The information is in such a format that it cannot be associated with an individual user without additional information.
Chat service privacy
The chat service is one of the customer service channels belonging to the City of Vaasa. In chat, visitors can post anonymously and are not required to register.
In a chat, the conversation between the visitor and the customer advisor is deleted immediately after the conversation, and no personal information is stored about the conversation. The visitor is also not asked for any personal information and is unable to handle their personal affairs in the chat function.
During the conversation, the visitor can also subscribe to the conversation history in their own e-mail.
The chat service collects the following analytics data from conversations:
- The time of the conversation
- Name of the customer advisor
- Visitor location (country)
- The visitor’s email address when they subscribe to the conversation in their email. The email address will be deleted once the conversation has been sent to the customer.
Purpose of the data
The information will be used to ensure the technical functionality and security of the site, to analyze and develop the site, and to target marketing communications as described below.
Website analysis and development
The vaasa.fi website uses the web analytics tool Google Analytics, which uses the site’s data to collect statistical information. The data is collected in order to analyse the number of visitors, the interest of the content and the usage of the service, and to develop the website.
- Purpose: To collect and analyze site statistics for site development.
- Google Analytics does not collect personal information about users of the site.
- Learn more about Google Analytics: How Google uses data on partner sites and applications: www.google.com/policies/privacy/partners/
A cookie is a small text file that an internet browser stores on a user’s device. Cookies are set on the user’s terminal only with the site the user invites. Only the server that sent the cookie can later read and use the cookie. Cookies or other technologies do not damage the user’s terminal or files, and cookies cannot be used to access programs or spread malware.
Targeting marketing communications
We use advertising cookies in social media and advertising. The use of advertising cookies requires the consent of the user. Advertising cookies allow us to place targeted content for you. In marketing campaigns, cookies are precisely activated through our selection of marketing partners in our online services. Such third-party cookies may also be used by those companies to understand users’ interests with the objective of displaying relevant ads on other sites. Third-party cookies can also be used in social media services.