Processing of personal data in Youth Council elections and Youth Council activities

The City of Vantaa processes the personal data of Youth Council candidates, candidates’ guardians, elected members and those eligible to vote for the following purposes: implementation of Youth Council elections, forming the Youth Council, organization of the Youth Council's activities. The personal data of those eligible to vote is processed only to verify the right to vote and carry out the election. The personal data of youth councilors necessary for the organization of the Youth Council’s activities is processed during their term of office.

We will never use the data for other purposes such as direct marketing or commercial purposes.

The processing of personal data necessary for arranging Youth Council elections and Youth Council activities is based on fulfilling a statutory obligation and public interest.

Statutory task; GDPR Article 6(1)(c). Section 26 of the Local Government Act sets out the obligation of the city executive board to form a Youth Council and ensure the appropriate operating conditions. In addition, Section 24 of the Youth Act stipulates the right of young people to participate, influence and be heard, and Section 8 sets out the municipality’s responsibility for youth policy and the civic activity of young people.

Consent; GDPR Article 6 (1)(a). Participation in the Youth Council’s activities and running for office are voluntary. Candidates shall be asked for their consent, which can also be revoked.

In addition, processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; GDPR Article 6(1)(e).

The City of Vantaa collects the following information:
•    Youth Council candidates and members: first and last name, age, identity number, address, postcode, phone number, email address, area of residence in Vantaa and a photo.
•    Candidates’ guardians: first and last name, phone number and email address.
•    Those eligible to vote: first and last name, address, postcode and post office, date of birth (necessary for sending a letter and verifying right to vote), school or educational institution information (necessary for drawing up voting lists for schools and educational institutions). School and educational institution information is only collected for those who attend a school or educational institution in Vantaa.

The data of Youth Council candidates and members is obtained from the persons themselves. If necessary, the candidates’ data may be checked from the population information system maintained by the Digital and Population Data Services Agency. The data of those eligible to vote is obtained from the population information system and their school information from the City of Vantaa’s basic education student register, Vantaa Vocational College Varia’s student register and Mercuria Business College's student register.

Yes. Obtaining and processing the requested personal data is a prerequisite for running for office, being elected and, for voters, voting.

Personal data may only be disclosed with the consent of the person whose personal data is in question, or if the law requires the disclosure of the data. The data will not be disclosed to outside parties for other purposes such as direct marketing or commercial purposes.

Candidates’ first name, last name and email address will be disclosed to the supplier of the candidate matcher and the supplier of the electronic voting system. The address information of those eligible to vote will be disclosed to the mailing service provider for the purpose of sending the election letter.

To ensure your privacy, we have protected your personal data with the help of various technological and organizational measures. For example, only the employees that need the data to perform their work are allowed to handle the data and only to the extent required by any individual task. In the customer-information system, this is monitored with the help of logfiles, among other things. Paper documents are stored in the city’s various archives, on safe premises that are inaccessible to outside parties.

The employees are bound by confidentiality and professional secrecy, which continues also after termination of employment. 

In cases where a party processes personal data on behalf of the City of Vantaa, the level of appropriate information security and data protection has been agreed on in the contract made with the processor. The processor of personal data refers to a party that processes personal data on behalf of the City of Vantaa, for example, a service provider.

As a general rule, data is processed only within the EU or EEA, but the processor may also transfer data outside the EU or EEA countries. Nevertheless, the transfer is only allowed when it meets the demands of the data protection legislation and contract that ensure a sufficient level of protection of personal data.

Data will not be processed outside the EU or the EEA.

It is possible that, regardless of protection, your personal data may exceptionally end up as a target of a breach of data as well as in the possession of an outside party. In these cases, we will take immediate measures to rectify the situation, and we will inform the data protection ombudsman if the breach of data security causes any risk to you. The notification will be made, at the latest, within 72 hours of noticing the breach of data security. If the breach of data security presents a high risk, we will also inform you about it. 

Data will be stored and deleted in accordance with the City of Vantaa’s information management plan. The duration of storing documents specified in the information management plan is based on legislation, the National Archives of Finland's regulations for permanently stored documents, as well as the Association of Finnish Local and Regional Authorities’ recommendations for temporarily stored documents. After the end of the data storage period, the data will be deleted.

As a general rule, the data will be stored for the duration of the Youth Council’s term, that is, about 2 years.

Your data will not be used for profiling or automatic decision-making. 

The data subject refers to the person whose personal data is being processed. If we process your personal data, you have the right to 
-    check how your data is processed
-    demand that inaccurate or faulty data be corrected
-    demand that your data be removed
-    request that handling of your data be restricted
-    object to the handling of your data

The verification request shall be submitted on a separate form, available online at: vantaa.fi and at Vantaa Infos. If you want more information about processing your personal data or about your rights, please contact the contact person mentioned in section 15 below. We will case-specifically verify exercising the legislative rights, as soon as your identity has been authenticated.

We will execute information requests without undue delay, but, at the latest, within a month of receiving the request. The deadline can be extended by at most two months, when required, by accounting for the complexity and amount of data of the request. If the deadline is extended, we will inform you about it.

As a general rule, exercising your rights is free of charge. We may, however, charge a reasonable fee, corresponding with the administrative costs, for implementing the request, or decline to perform the measure, if the request is obviously ungrounded, unreasonable, or recurrent. If there is a charge for executing your request, we will contact you. If we decline to perform the measure, we will inform you in writing about the grounds for the refusal as well as about the option to submit the matter to be handled by the data protection ombudsman or to exercise other legal remedies. 

If you suspect that your personal data is illegally processed, you can submit an appeal to the data protection ombudsman. Further information on and instructions for submitting an appeal is provided by the contact person mentioned in section 15, the city's data protection officer, the data protection ombudsman's office website, and phone consultation:

Data protection ombudsman's office / www.tietosuoja.fi
Street address: Lintulahdenkuja 4, 00530 Helsinki
Mailing address: P.O. Box 800, 00531 Helsinki
Switchboard: 029 566 6700
Registry: 029 566 6768

Additional information on processing personal data is provided by the contact person below. Please note that email is not a safe medium for processing personal data. Be sure not to send, for example, your identity number or any sensitive information by email.

Contact person
Data protection contact information, Urban Culture and Wellbeing Department

tietosuoja.kaku(at)vantaa.fi

The data controller is the City of Vantaa’s Urban Culture and Wellbeing Committee. You will find the contact information of the data controller and the City of Vantaa's data protection officer below:

Controller                    
The City of Vantaa                     
Urban Culture and Wellbeing Committee                
Business ID: 0124610-9             
Asematie 7, 01300 Vantaa            

Data protection officer
tietosuojavastaava@vantaa.fi

Registry    
Mailing address: P.O. Box 1100, 01030 Vantaan kaupunki
Street address: Tikkurila Vantaa-info, Dixi, Ratatie 11, 2nd floor, 01300 Vantaa.
Phone (switchboard): 09 839 11
Fax: 09 8392 4163, email: kirjaamo(at)vantaa.fi