Privacy notice Asiointi.fi Store

Processing of personal data, Asiointi.fi Store

Date of publication: 2 May 2024 

City of Espoo

Manager of the Building Control Department Jari Saajo, tel. 09 8162 5300, rava.kirjaamo@espoo.fi

Geographic Information Unit: Property engineer Anne Kiijärvi, anne.kiijarvi@espoo.fi

Information on soil and geotechnical investigations: Matti Kaurila, geo@espoo.fi

Street plans: Guillermina Sanchez-Yarza, suunnitelma.arkisto@espoo.fi

Construction drawings and extracts from the building and dwelling register (RHR): Jani Salminen 09 81625300, rava.kirjaamo@espoo.fi 

Maps: Ilari Issakainen, karttatilaus@espoo.fi

Geotechnical investigations and soil maps: Roosa Kortelainen, geo@espoo.fi

Street plans: Guillermina Sanchez-Yarza, suunnitelma.arkisto@espoo.fi

Tel. 09 816 21 (switchboard)

Data Protection Officer of the City of Espoo

Address: P.O. Box 12, 02070 City of Espoo 

Tel. 09 816 21 (switchboard)

Email address: tietosuoja@espoo.fi

The purpose of the register is to provide an online store. The store allows users to create their own accounts, through which they can manage their orders. Multi-factor authentication (MFA) is available to the users of the service. The service can also be used without a username. The use of the service is monitored, reported on and developed with the help of application and server logs.

Article 6(1)(a) of the General Data Protection Regulation of the European Union: the data subject has given consent to the processing of his or her personal data for one or more specific purposes.

The store can be used with or without a username. The register may include the following data provided by the data subject:

• Name (all users)
• Email address (all users)
• Password (users with a username)
• Telephone
• Street address
• Postal code
• City/town
• Orders made by the user

PUBLIC ACCESS TO AND CONFIDENTIALITY OF DATA:

As a rule, the data is not confidential.

GROUNDS FOR CONFIDENTIALITY:

Based on the Act on the Openness of Government Activities if data is confidential.

The regular source of data is the information provided by the users of the online service.

The service can be used without authentication. In other words, users do not have to provide their contact information.

Personal data may be disclosed to authorities and other parties defined by law to the extent permitted and required by law. Data may be disclosed to the controller’s service providers, with whom an agreement has been concluded on the implementation of services belonging to the controller. The publicity of information provided to the authorities is determined in accordance with the Act on the Openness of Government Activities or any special laws.

Data will not be transferred.

Data is stored until the matter in question has been processed and the data is no longer necessary for the controller or the user of the service.

If the username of a registered user is not used for two (2) years, it will be deleted. The data of an unregistered user is also erased after two (2) years.

The IT equipment is located in protected and supervised premises. The register is stored in a database, and the data can only be accessed by the main users of the system. Each person processing the data must accept the user agreement and non-disclosure agreement concerning the data and the information systems.

Further instructions on submitting information requests referred to in the General Data Protection Regulation: www.espoo.fi/en/city-espoo/data-protection#section-7317

You have the right to obtain from the data controller a copy of the personal data that is subject to processing. The data controller must provide the data without undue delay and in any event within one month of receipt of the request. That period may be extended by two further months where necessary, taking into account the complexity and number of the requests.

If the controller does not take action on the request of the data subject, the controller must inform the data subject without delay, and at the latest within one month of receipt of the request, of the reasons for not taking action and of the possibility of lodging a complaint with a supervisory authority and seeking a judicial remedy.

Requests from the data subject and any resulting actions are free of charge. However, where requests from a data subject are manifestly unfounded or excessive, in particular because of their repetitive character, the data controller may either charge a reasonable fee taking into account the administrative costs of providing the information or communication or taking the action requested, or refuse to act on the request. 

You have the right to have inaccurate, incomplete, outdated or unnecessary personal data that we store either rectified or completed by us.

You have the right to have the data controller erase your personal data without undue delay under certain conditions. The data subject does not have the right to erasure if the processing of data is necessary for compliance with a legal obligation or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller. In these cases, the data will only be erased after the statutory time limit.

If the data concerning you is inaccurate, you have the right to request that its processing be restricted until its accuracy has been verified.

You have the right to lodge a complaint with a supervisory authority if you feel that the processing of your personal data is in infringement of data protection legislation. You can lodge a complaint with the Office of the Data Protection Ombudsman: www.tietosuoja.fi(external link, opens in a new window)

The service uses cookies. A cookie is a small text file sent to and stored on a user’s computer. It allows the website administrator to identify frequent visitors to the website, makes logging in easier for visitors and enables collecting aggregate data on visitors. This information makes it possible to continuously improve the contents of the website. Cookies do not cause damage to the users’ devices or files. With the help of cookies, each user can be provided with information and services based on their individual needs.

If the user does not want the service to collect the above-mentioned information through cookies, most browsers allow users to disable cookies. However, it should be noted that cookies may be required for the proper functioning of certain maintained websites and services.