Finland

Summary

Law: The Data Protection Act (1050/2018) (the Data Protection Act) and the General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR)

Regulator: Office of the Data Protection Ombudsman (the Ombudsman)

Summary: Finland implemented the GDPR in 2019 through the Data Protection Act (the Act) which entered into force on January 1, 2019, and repealed the old Personal Data Act (523/1999).

In addition, the GDPR has led to amendments to other legislation regarding the processing of personal data such as the Act on the Protection of Privacy in Working Life (759/2004) as amended in 2019, the Criminal Code (39/1889) (the Criminal Code), the Act on Enforcement of Fines (672/2002) (only available in Finnish here), and the Act on Grey Economy Information Unit (1207/2010) (only available in Finnish here).

The Office of the Data Protection Ombudsman (the Ombudsman) acts as the Finnish supervisory authority about the GDPR and its supplementing legislation. The Ombudsman has published guidance as it relates to data breach notification obligations and has been active in imposing fines and corrective actions for GDPR violations.

Browse more content in Finland

All Guidance Notes

All News

All Insights

News

20 November 2024

Finland: Ministry of Transport and Communications publishes press release on national implementation of Cyber Resilience Act

18 November 2024

Finland: Ombudsman fines Posti €2.4 million due to unlawful processing of personal data

13 November 2024

Finland: Ombudsman adds frequently asked questions about healthcare data

02 October 2024

Finland: Ombudsman orders mobile phone operator to provide mobile phone subscription data

01 October 2024

Finland: Ombudsman requires Tax Administration to update access request practices

14 August 2024

Finland: Ombudsman publishes 2023 activity report

19 June 2024

Finland: Ombudsman publishes DPO guidance

02 April 2024

Finland: Ombudsman publishes its inspection plan for 2024

21 March 2024

Finland: Supreme Administrative Court orders Google to remove search results

18 March 2024

Finland: Ombudsman fines Verkkokauppa.com €856,000 for GDPR violations

29 January 2024

Finland: Administrative Court upholds decision of Ombudsman for processing of health data

28 December 2023

Finland: Ombudsman announces updates to data privacy legislation

Insights

June 2023

Finland: Cybersecurity

September 2021

Finland: Key takeaways from the TRAFICOM revised guidelines on cookies and similar tracking technologies

The Finnish Transport and Communications Agency ('TRAFICOM') announced, on 13 September 2021, that it had published, after a period of public consultation, its finalised guidelines on cookies and other similar tracking technologies¹ ('the Guidelines') for service providers. In particular, TRAFICOM noted that the purpose of the instructions given in the Guidelines is to promote the implementation of confidentiality and good practices in the storage and use of cookies and other similar tracking technologies. However, TRAFICOM stated that the purpose of the Guidelines is not to oblige service providers to use certain technologies, but to instruct them to act as required by law with respect to the storage and use of cookies and other data concerning the use of the service, consent to cookies, and information about cookies. In this insight, OneTrust DataGuidance outlines the key information provided in the Guidelines.

Finland

Summary

Browse more content in Finland

News

Insights

Get the Latest News

Thanks for signing up!

Company

Our Policies

Your Rights

Follow us