Processing of personal data Summer job voucher for youth employment

The personal data is processed for the identification of the young person and the employer/representative so that we can assess whether the prerequisites for granting the summer job voucher and for paying the settlement based on the summer job voucher are met. If necessary, personal data can be used to maintain contact between the City of Vantaa and you. In addition, the purposes of the processing of personal data include statistics, archiving and assessing how effective the summer job voucher is in terms of employment.

The purpose of the summer job voucher is to support the employment of young Vantaa residents, lower employers’ threshold for hiring young people and promote the vitality of the region. According to Section 18(2) of the Constitution of Finland, a public authority must promote employment.

We will never use the data for any other purposes, such as direct marketing or commercial aims.

The processing of personal data necessary for the provision of the summer job voucher is based on the authority’s performance of a duty in the public interest. The processing is also necessary to implement an agreement to which the data subject is a party or to implement, on the data subject’s behalf, measures that necessitate an agreement.

Legal basis for the processing:

Article 6(1)(e) of the EU General Data Protection Regulation (2016/679)

Section 4 of the Data Protection Act (2018/1050)

The following personal data are collected from the young person:

• first name
• last name
• personal identity code
• phone number
• email address
• home address
• postcode and city/town
• municipality of residence
• payslip

The data are collected from you when you apply for the summer job voucher and from your employer who applies for a payment based on the summer job voucher after employing you. The person who prepares the City of Vantaa’s decision will review from the Population Information System your data and, through them, your entitlement to the summer job voucher.

The following data are collected from the employer’s representative:

• first name
• last name
• phone number
• email address
• employer’s representative’s signature and name in block letters
• Data collected in the City of Vantaa’s application system for employment subsidies when using the system as identified through suomi.fi or with suomi.fi authorisation:
  • information on the e-service that requested the authentication
  • the user’s IP address, the browser used and the operating system
  • timestamps associated with the authentication event
  • personal identity code of the identified user, if banking credentials, mobile certificate or certificate card have been used for the authentication
  • information about the authenticator used and the personal data retrieved by the authenticator which include:
  • banking credentials: personal identity code, name information, bank transaction identifier
  • mobile certificates: phone number, transaction identifier sent to the mobile phone
  • identity card: electronic transaction identifier, information about the issuer of the certificate
  • professional card of social services and healthcare: unique registration number issued by the National Supervisory Authority for Welfare and Health Valvira, serial number of the certificate, information about the issuer of the certificate
  • organisation cards and certificate cards of other social welfare and healthcare personnel: unique personal identifier, serial number of the certificate, information about the issuer of the certificate
  • personal identity code of the identified user transmitted to the e-service and what other personal data retrieved from the Population Information System have been transmitted to the e-service. In addition to the personal identity code, the register does not contain actual data content with regard to other transmitted data

The employer’s representative must independently provide the information when applying for a payment on the basis of the summer job voucher. The above-mentioned information is collected/transmitted during the authentication.

Yes, it is. Without the personal data of the young person and the employer’s representative, we will not be able to assess their entitlement to the summer job voucher or make a payment to the employer on the basis of the summer job voucher.

We only disclose your data if the disclosure is based on legislation or if you have given your consent to the disclosure of your data. You can withdraw your consent to the disclosure at any time. The data will never be disclosed to third parties for marketing or other commercial purposes.

Data security and data protection have been secured by various technical and organisational measures to ensure your privacy. For example, personal data may be processed only by persons who need them to perform their work or official duties and only to the extent required by an individual task. In the client data system, this is monitored, among other things, by using log information. Paper documents are kept in city archives in a safe place that no outsider can access.

Staff are bound by the obligation of professional confidentiality and will continue to be bound by it even after the conclusion of their employment.

In cases where the processor of personal data handles personal data on behalf of the City of Vantaa, the appropriate level of data security and data protection has been agreed in an agreement with the processor. “Processor of personal data” means a party that processes personal data for the city, such as a service provider.

As a rule, data are only processed in the EU or EEA territory, but the processor can also transfer data outside the EU or EEA. However, such a transfer is only permitted if it meets the requirements set out in the data protection legislation and the agreement, which ensure an adequate level of protection for personal data.

When the young person provides their personal data in the Webropol system, the processing of personal data takes place in the EU or EEA territory, and the data are not transferred outside the area. The City of Vantaa’s subsidy application system, through which the employer applies for the payment on the basis of the summer job voucher, does not disclose data outside the EU or EEA territory.

In addition, the data are processed in the Microsoft Office 365 service of the City of Vantaa. The content of the services provided by Microsoft is saved in the EEA territory. However, Microsoft develops Office 365 services from outside Europe and data are considered to be transferred outside the EEA if, for example, an administrator remotely contacts a European server room from the United States to resolve an error. When the person preparing the City of Vantaa’s summer job voucher informs a young person about the granting of the summer job voucher, using a Microsoft email service (Outlook), the data included in the message may be transferred outside the EU or EEA territory. The transfer is based on the 10 July 2023 decision of the European Commission on the adequacy of data protection level in the United States. The US companies to which data are transferred are certified companies committed to the safeguards agreed between the EU and the US. Microsoft is such a certified company.

Despite the protection measures, it is possible in exceptional cases that your personal data may be subject to a security breach or end up in the hands of a third party. In these cases, we will take immediate measures to rectify the situation. If the breach causes a risk to you, we will notify the Data Protection Ombudsman. The notification shall be made no later than 72 hours after discovering the breach. If the security breach poses a high risk, we will also notify you of the security breach.

The data are kept and destroyed in accordance with the City of Vantaa’s information management plan. The storing times of documents defined in the data management plan are based on legislation, the National Archives of Finland’s provisions concerning permanently stored documents and the Association of Finnish Municipalities’ recommendations concerning documents stored for a definite period of time. At the end of the period, the data will be destroyed.

In the subsidy application system, the data are stored for 5 years from the year of issue of the summer job voucher.

The accounting records of summer job vouchers are stored for 10 years for the purpose of ascertaining payment transactions (Chapter 2, Section 10 of the Accounting Act).

The City of Vantaa’s case management system stores the official decisions related to summer job vouchers for 10 years.

Your data will not be used for profiling or automatic decision-making.

“Data subject” means the person whose personal data are being processed. If we process your personal data, you have the right to:

• check what data of yours are being processed
• demand the correction of incorrect or inaccurate data
• demand the erasure of your data
• demand the restriction of the processing of your data
• object to the processing of your data
• the right to receive your data and transfer it to another controller

You can submit an access request in person at Vantaa Info. Access request forms are available at Vantaa Info and on the vantaa.fi website. Bring along a passport, driving licence or ID card with a photo to prove your identity. The form can also be delivered by post to the address Kirjaamo, PL 1100, 01030 Vantaan kaupunki. In this case, we will check your identity in some other reliable way.

If you wish to enforce other rights to which you are entitled as a data subject or request additional information on the processing of personal data, please contact the person specified under section 14 below. The legal basis for the enforcement of your rights is verified on a case-by-case basis. In order to enforce your rights, you may have to prove your identity.

We will fulfil the requests without undue delay, but no later than within one month of receiving each request. If necessary, the deadline may be postponed by a maximum of two months based on the complexity of the request and the quantity of the information. If the deadline is postponed, you will be notified.

As a general rule, exercising one’s rights is free of charge. However, we may collect a reasonable fee corresponding to the administrative costs or refuse a request if the request in question is clearly unfounded, unreasonable or recurrent. We will contact you if we intend to collect a fee for completing your request. If we refuse to complete your requested measure, you will be informed in writing of the grounds for the refusal and your right to refer the matter to the Data Protection Ombudsman or resort to other legal remedies.

If you suspect that your personal data are being processed unlawfully, you can submit an appeal to the Data Protection Ombudsman. More information and instructions on submitting an appeal are available from the contact person specified in section 14, the city’s data protection officer and on the website of the Office of the Data Protection Ombudsman and the office’s telephone guidance service:

Office of the Data Protection Ombudsman/www.tietosuoja.fi

Visiting address: Lintulahdenkuja 4, FI-00530 Helsinki

Postal address: PL 800, 00531 Helsinki

Email: tietosuoja(at)om.fi

Tel. (exchange): +358 29 566 6700

Tel. (helpline for private individuals): +358 29 566 6777

More information on the processing of personal data is available from the contact person specified below. Please note that email is not a safe medium for processing personal data. As such, please do not send sensitive information, such as your personal identity code, via email.

Contact person

Kari Ahlström, Service Supervisor, Employment and Integration Service Area, Employment Services, firstname.lastname(at)vantaa.fi, tel.: +358 50 312 4520

Saara Nykänen, Coordinator/Data Protection Contact Person, Employment and Integration Service Area, Employment Services, firstname.lastname(at)vantaa.fi, tel.: +358 40 650 3095

Janne Riipinen, Lawyer, Employment and Integration Service Area, firstname.lastname(at)vantaa.fi, tel.: +358 40 500 2745

The controller is the City of Vantaa’s City Board. Contact details of the controller and the City of Vantaa data protection officer can be found below:

Controller                                                                          

City of Vantaa                                                                                       

City Board                                                        

Business ID 0124610-9

tel.: 09 839 11

Asematie 7, 01300 Vantaa                                                  

Data protection officer

tietosuojavastaava@vantaa.fi

Registry Office           

Postal address: PL 1100, 01030 Vantaan kaupunki

Visiting address: Vantaa Info Centre Tikkurila, Dixi, Ratatie 11, 2nd floor, 01300 Vantaa.

Tel. (exchange): 09 839 11

Fax +358 9 8392 4163, email: kirjaamo(at)vantaa.fi