Privacy notice: Processing of personal data, personal data register for provision of after-school activities

Date of publication: 9.8.2024 (Updated on 25 May 2026)

Personal data is generally used in Espoo for the provision, planning and assessment of activities and services and for statistical purposes. In this service, after-school activities are provided by Espoo’s Finnish Basic Education Unit and Swedish Education and Cultural Services. The processing of personal data is necessary for the provision of the service. Activities are organised as the city’s own service, as an outsourced service or by providing grants to service providers. The city decides on the admission of pupils to after-school activities, charges a client fee for the activities and decides on the reduction of fees for after-school activities.

In this service, personal data is processed on the following legal grounds:

To comply with the data controller’s legal obligation. After-school activities are provided in accordance with chapter 8a of the Act on Primary and Lower Secondary Education (628/1998).

The processing of personal identity codes is based on section 29, subsections 1 and 2 of the Data Protection Act (1050/2018). The unique identification of the data subject and their personal data is important for the performance of a statutory duty.

Through the Primus school administration system, school staff see whether the school’s pupils attend after-school activities, their hours of attendance, and the service provider. Employees only process personal data based on their duties. Most applications for after-school activities are submitted online through Wilma, but a paper form is also available. When submitting an application, the guardian decides whether they wish to receive the decision electronically or by post.

Guardians provide the information when applying for after-school activities via Wilma or using the paper form. Guardians provide information on any changes in writing via Wilma or by email.

Information related to the non-collection or reduction of client fees is primarily obtained from the online application through the OmaEspoo service portal. The paper application is available on the Espoo.fi website or on request.

Basic information on pupils and their guardians and, if applicable, information on decisions concerning support for learning and school attendance (Act on Primary and Lower Secondary Education (628/1998), section 20f) is obtained from the pupil register in the Primus school administration system, when preparing decisions concerning applications from pupils in grades 3–9.

Guardians fill in the Tietoja lapsesta form and submit it directly to the provider of after-school activities. The service provider stores and archives the forms in accordance with the city’s instructions. If the service provider discontinues its operations, the forms will be transferred to the city’s archives.

In order to provide the service, it is necessary to process the following data, described in more detail below.

Information obtained from the application for after-school activities:

• Child’s information: name, personal identity code and address
• Guardian’s information: name, personal identity code, address, telephone number and email address
• School or service provider providing after-school activities
• Name of the school and grade
• Hours of attendance

The personal identity code is needed for invoicing.

 

Decision on admission to after-school activities:

• Admission to and place of after-school activities
• Hours of attendance (full-time/part-time)
• Client fee

Tietoja lapsesta (‘Information about the child’) form, available to service providers on the Espoo.fi website:

• Child’s name and address
• Guardians’ contact information
• Hours of attendance
• Information on the child’s transport arrangements
• Child’s allergies, special dietary needs, and medication during after-school activities
• Other matters to be considered during after-school activities
• Consent to sharing of information

You can find the Tietoja lapsesta form through the following link: Forms and instructions. The form for after-school activities provided by Swedish Education and Cultural Services is available from the service provider.

Non-collection or reduction of client fees:

The necessary income and family information is obtained from the application for the non-collection or reduction of client fees (Act on Primary and Lower Secondary Education (628/1998), section 48f, subsection 2). 

Applications for the non-collection or reduction of client fees are primarily submitted online through the City of Espoo’s OmaEspoo service portal. The paper application is available on the Espoo.fi website or on request.

When preparing a decision on the non-collection or reduction of client fees, information provided by clients concerning Kela benefits that affect the decision may be checked by the City of Espoo’s office-holders from Kela’s Kelmu system. The register also includes information on whether the client is entitled to exemption from fees on other grounds. If necessary, information is checked from the Digital and Population Data Services Agency or Trimble Locus Cloud. 

Content of the application form:

• Guardian’s personal data, employment and/or student status
• Personal data of the guardian’s child living in the same household: name, personal identity code, address, school and grade. In addition, applicants are asked to provide the desired start and end dates of the benefit and the number of other under 18-year-old children in the family.
• Personal data of the guardian’s partner living in the same household: name, address, email address, telephone number, and employment, entrepreneurship, unemployment or student status. In addition, the income information of the other guardian / partner must be provided for the purpose of assessing whether the non-collection or reduction of client fees can be granted.

Decision on the non-collection or reduction of client fees:

• Child’s name, address, location of after-school activities
• Client fee

In the electronic application process, decisions are available in the OmaEspoo service portal. In addition to the electronic decision document, clients can request that the decision document be sent by post.

We obtain identification data, names and personal identity codes through the Suomi.fi service managed by the Digital and Population Data Services Agency.

Personal data is stored for as long as it is necessary for the provision of the service or required by legislation.

Data is stored and destroyed in line with the City of Espoo’s records management plan and the applicable provisions and regulations issued by the National Archives of Finland. 

In terms of this service, data is deleted as follows:

Applications, decisions, attendance lists, client fee reduction applications and decisions are stored for ten years. Service providers store the Tietoja lapsesta form for the period of validity and for two years thereafter. If the service provider discontinues its operations, they are obliged to deliver the forms to the city for archiving purposes.

Personal data is processed by the City of Espoo’s office-holders and employees as well as external operators from whom the City of Espoo purchases services or with whom the City of Espoo carries out cooperation projects. We only select contracting partners who comply with good personal data processing practices and meet the requirements of the General Data Protection Regulation. Compliance with data protection requirements is ensured through written agreements.

We use the following external operators in connection with this service:

Service providers that offer after-school activities as an outsourced service.

Microsoft is the service provider of the Office product family.

Invoicing information is transferred through the Digia interface to the City of Espoo’s JoTo management and financial management information system.

The school administration system Primus-Wilma is provided by Visma. The Trimble Locus Cloud geographic and population information system is provided by Trimble. 

The provider of the Hertta system in the City of Espoo’s OmaEspoo service portal is Sofigate.

Data and documents are disclosed to the person requesting them in accordance with the Act on the Openness of Government Activities. Information and documents are public unless specifically defined as confidential under law.

The disclosure of public information from a personal data register controlled by an authority is based on section 16, subsection 3 of the Act on the Openness of Government Activities. According to this provision, the party requesting access must have the right to record and use such data. Personal data can only be disclosed following a detailed request for data (Act on the Openness of Government Activities, section 13, subsection 2).

The City of Espoo aims to ensure, by default, that your personal data is processed within the EU/EEA. However, some services and functions may involve the use of service providers, services, or servers located outside this area. As part of the provision of this service, data is transferred to the United States.

Espoo is committed to complying with the criteria set by the General Data Protection Regulation (GDPR) for the transfer of personal data and has in this service ensured an adequate level of protection for your personal data in accordance with data protection legislation.

Microsoft workspaces are stored within the EU. Microsoft operates and develops Office 365 services from locations outside Europe, and data is considered to be transferred outside the EU if, for example, an administrator establishes a remote connection from the United States to a data centre in Europe, for example to solve a technical problem. In these circumstances, a European Commission-approved basis for transfer applies. The basis for the transfer is the European Commission’s adequacy decision on US data protection. The recipient of personal data is committed to the EU-US Data Privacy Framework.

The General Data Protection Regulation of the European Union guarantees you various rights in terms of the processing of your personal data. You can read more about your rights and how to exercise them on the City of Espoo website: Data protection | City of Espoo

City of Espoo

If you have questions or need more detailed information on the processing of personal data, you can contact the contact person of the register:

Miia Loisa-Turunen, Education Support Manager

Ida Stolt-Haglund, Development Manager

Email: firstname.lastname@espoo.fi

Tel. +358 9 81621 (switchboard)

Data Protection Officer of the City of Espoo

Address: P.O. Box 12, 02070 City of Espoo

Tel. +358 9 81621 (switchboard)

Email: tietosuoja@espoo.fi

Change history

2 June 2025: The text under ‘Non-collection or reduction of client fees’ was updated.

15 August 2025: The reform of support for learning, which entered into force on 1 August 2025, was taken into account.

25 May 2026: The privacy notice was transferred to the city’s new template and updated and clarified, mainly