Processing personal data

The EU's General Data Protection Regulation dictates the tasks and obligations of both controllers and processors of personal data. The City of Vantaa, too, handles personal data in compliance with the regulation.

Ihmisiä kannettavan tietokoneen äärellä.

Both the public and the private sector apply the EU's General Data Protection Regulation—valid as of May 25, 2018—to processing of personal data. The aim of the regulation is to improve personal data protection, to meet the data protection issues related to digitization and globalization, as well as to standardize data protection regulation in all of the EU countries. 

Clear information documents

The EU's General Data Protection Regulation does not require compilation of a register or privacy statement of the previous kind. According to the regulation, the registered person must be informed about processing of their personal data in an easy-to-understand and compact format. The previous register and privacy statements are replaced with information documents. 

Familiarize yourself with the City of Vantaa’s information documents.

This page lists Vantaa's information documents per departments.

The right to check your own data

The registered person has the right to check how their personal data are processed in the city. The possibility of checking one’s data predates the data protection regulation. 

If your data have been collected, you can request a free-of-charge copy of your data. An inspection request is made in connection with a personal visit or by means of a personally signed or otherwise reliably verified document at Vantaa Info Your identity will be verified in connection with submitting the verification request. Information requests submitted over the phone or by email cannot be handled. 

The right to transfer data from one system to another

This right is applied when personal data are handled with the registered person’s consent, based on an agreement, and in case of automatic processing. The transfer right applies to such data in the city's registers that have been collected for the purpose of performing voluntary tasks. The transfer right does not apply to such data that have been collected for performing tasks related to the common good, or to public authorities. 

The right to rectify or to remove one's own data, to restrict or to object to handling of one’s own data

Faulty data will be corrected or removed in their entirety, based on a written request, similarly to the earlier practice. The registered person also has the right to cancel their consent on which the handling has been based. In this case, the registered person can request the controller to remove their data from the systems. This does not, however, apply to the city's statutory registers. 

During the time a data correction request or a data removal request is handled, processing of data can be restricted. Based on a personal special situation, a registered person has the right to oppose to handling of their personal data. This does not, however, apply to the city's statutory registers. 

The right to be informed about a security breach

If the data, regardless of encryption, end up in the wrong hands, the city will take immediate action to amend the situation. 

The City of Vantaa will inform of data seepage immediately or, at the latest, within 72 hours from the time the breach was noticed if the data seepage in question may cause significant disadvantage to your rights. If the security breach applies to many people and the matter does not require that you take any immediate measures, the security breach can also be informed in a general announcement. As regards breaches in handling of personal data, it is always possible to submit the matter to the data protection ombudsman. 

The city’s data protection officer monitors adherence to the data protection regulation in handling personal data. 

Read more about data protection related to personal data on the data protection ombudsman’s website

Familiarize yourself with Vantaa's data balance sheet

Vantaa publishes an annual data balance sheet that everybody—decisionmakers and all interested parties—are entitled to read. The data balance sheet gives an overall review of the state of handling personal data at the City of Vantaa. Furthermore, the report lists threats and development measures related to handling of personal data. 


Data protectionInformation requests