What is personal data?
Personal data refers to all information relating to an identified or identifiable natural person, such as name, personal identification number, home address, telephone number, car registration number and patient information.
How the City of Vaasa handles personal data?
Most of the services in the City of Vaasa are based on the implementation of a statutory obligation, public interest or the exercise of public authority. In these cases, the processing of personal data does not require separate consent from the customer.
Personal data received will be processed carefully and will only be handled by those persons whose duties they belong to. This is done in accordance with a data-safe and customer-friendly policy. The persons who process the information are bound by a confidentiality requirement and receive appropriate training.
Various log systems monitor especially the processing of sensitive personal data. Information systems are protected using a firewall and constantly updated virus protection software, for example.
Where to find personal data and why is it collected?
As a rule, personal data can be obtained directly from the customer or obtained from the registers of various authorities, e.g. the Social Insurance Institution of Finland (Kela) and the Population Register Centre.
When a customer obtains a service, the City of Vaasa collects only the personal information needed to produce this service. The personal information collected is determined by the particular service being used.
Disclosure of personal data
Personal data may be disclosed to another department within the City of Vaasa or to another authority, such as the Finnish Social Insurance Institution of Finland (Kela) or the Tax Administration, within the limits of the law.
- The right to information concerning what, how and why personal data is processed.
- The right to restrict the processing of data until the legality of the processing is verified.
- The right to data rectification, in which case incorrect or inaccurate information is corrected.
- The right to be forgotten. This right cannot be used in registers based on law.
- The right to access information, i.e. whether the city processes the customer’s personal data and what information is being processed. The city has one month to respond to this information request. If the information request is complex, the response time can be extended by two months.
- The right to object. The Customer may oppose the processing of their personal data, for example, to prohibit direct marketing. The City of Vaasa does not disclose personal information to direct marketing companies.
- Information on a data breach. In the event of a potential high-risk security breach, the city is obliged to notify the customer without undue delay.
- The right to lodge a complaint with a supervisory authority, if the Customer considers that his/her personal data are being infringed upon in the processing of his/her personal data.
Using Your Rights
If you wish to use your rights, contact the appropriate agency / institution or, if possible, use the electronic service.
An electronic service, for example via Suomi.fi, requires strong authentication with bank identifiers, a certificate card or a mobile certificate, so that the data user can be identified reliably. Data is generally provided free of charge. If information requests often come from the same person or are exceptionally extensive, a reasonable fee may be charged.