For the protection of the privacy and legal protection of the users of the services, it is important that the municipality processes personal data properly and in the manner required by law. From 25 May 2018, the legislation governing the processing of personal data will be based on the General Data Protection Regulation of the European Union (2016/679), which applies to the processing of personal data required for the city’s service production. The aim of the new legislation is to improve customers’ rights and the protection of personal data.
With the general data protection regulation of the European Union, many data protection principles remain unchanged, but the data protection regulation also introduces new obligations regarding data protection and the processing of personal data, which the controller (municipality) must be prepared for. The registrar must e.g. ensure that the data protection principles set out in the Data Protection Regulation are complied with at all stages of the processing of personal data.
Compliance with data protection principles:
According to the data protection principles, there is personal data
- processed lawfully, appropriately and transparently for the data subject
treated confidentially and securely
- collected and processed for a specific, explicit and legitimate purpose
- collect only the amount necessary for the purpose for which the personal data are processed
- update whenever necessary – inaccurate and incorrect personal data must be deleted or corrected without delay
- shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes of the processing.
Data subjects (customers) are guided by the municipal data protection officer in matters related to the processing of personal data.
Contact details of the Data Protection Officer:
|Anja Nuppumäki||Data Protection Officer||044 7426 email@example.com|