Name of file or set of processing activities
Ministry of the Interior
PO Box 26, FI-00023 Government, Finland
tel. +358 295 480 171
Contact person in matters concerning the file
Name: Maintenance of the Internal Security Portal / Sari Samula, Coordinator, tuovi.sm(at)govsec.fi
tel. +358 29 5488 371
Data protection officer of the controller
tel. +358 29 5488 351
Name of the file
User register of the Internal Security Portal
Purpose of processing of personal data
The registration details of the Internal Security Portal users are needed for managing the portal's client relationships. The user creates a user ID to log into the online service or signs in with an existing social media ID. A registered user may add, for example, an event, project or workspace in the service. The user may also edit the events, projects and workspaces that he or she has added or which he or she has the right to maintain. In addition, the user can comment on content found in the online service.
The Internal Security Portal can use the email addresses of users registered in the service for providing information about matters related to the Portal and for client surveys. The email addresses of those who have subscribed to the Internal Security Portal newsletter are used for sending the newsletter.
If you need more information about the processing of your personal data at the Ministry, please contact the Ministry's Data Protection Officer.
The information sources of the Internal Security Portal are based on information added by the users themselves and on their actions on the Portal.
Content of the file
The data stored in the Internal Security Portal includes:
• User’s first name and last name
• User's email
• User’s education and skills, and organisation
• Projects and events created by the user
• Practices that the user develops
• Workspaces that the user has joined
• Comments added by the user
• User’s picture
• User’s occupation
The data stored on subscribers to the newsletter includes:
• First name
• Last name
• Street address
• Postal code
• Email address
Transfer of data outside the EU or the EEA
Data is not disclosed or transferred outside the EU or the EEA.
Data subjects’ right of access and right to correct inaccurate data
Data subjects have the right to check the data concerning them and to request that the data be corrected. Requests to access the data are made by email to the contact person of the register at [email protected].
The right to correct or supplement data
If you notice omissions or errors in your data, you can ask that they be corrected. In such cases, we will ask you to tell us what information is incorrect and how and why it should be changed, or tell us what information should be supplemented and in what way.
Right to restriction of processing
If you have indicated that your data is incorrect, you have the right to request that its processing is restricted until the accuracy of the data is verified.
Notification concerning the processing of personal data and the right to lodge a complaint with the supervisory authority
If you wish to make a notification concerning a problem relating to the processing of your personal data, you should first contact the representative of the controller (see the contact details above). You also have the right to lodge a complaint about the processing of your personal data with the supervisory authority. In Finland, the supervisory authority is the Data Protection Ombudsman. You can contact the Ombudsman via the website of the Office of the Data Protection Ombudsman at www.tietosuoja.fi.
Erasure of data
At the data subject’s request, the user data may be erased if he or she has not used the service during the last three (3) months. In addition, it may be necessary to erase the data as a result of supervision if the client misuses the service or engages in criminal activity with the help of the service.
Principles of data file protection
The register is not stored as a paper printout.
The user data of the Internal Security Portal is stored in electronic format on the server of the Ministry of the Interior, which is the service provider. The data can only be accessed from the server in question by the technical staff of the technical provider of the service. User passwords are stored in encrypted form so that technical staff or anyone else cannot see them.