;

MAASTOTIEDONKERUU – PRIVACY STATEMENT

 MAASTOTIEDONKERUU - PRIVACY STATEMENT 

(General Data Protection Regulation (EU) 2016/679, articles 12-14) 

This privacy statement explains how Fingrid Oyj processes personal data concerning the management of customer relationships within the Maastotiedonkeruu application that is part of Fingrid’s Verkkokartta web map platform 

1. Contact information for the Registrar 

Fingrid Oyj, Data Protection Officer 

Läkkisepäntie 21 

00620 Helsinki 

PO Box 530, 00101 Helsinki 

Fingrid Oyj - telephone switchboard +358 (0)30 395 5000 

2. Person in charge of register matters

Data Protection Officer Niko Tuononen

E-mail: DPO@fingrid.fi   

3. The purpose of and grounds for personal data processing  

The processing of personal data and data from users' devices is based on the legitimate interest of Fingrid or a third party. Personal data is used to collect observations and notifications regarding the transmission grid as well as to process those observations. In addition, personal data is processed to ensure the operation, development and security of systems. 

4. Personal data to be processed 

Personal data processed is: 

- User’s name 

- User Id 

- Company 

- Email 

- User Group 

- Log in times  

- Observation’s maker 

- Timestamps for observations 

- Location of observation 

In addition, unique identifiers and location information shared by the user with the Maastotiedonkeruu are collected from users' devices. The application presents data stored in Fingrid's spatial information system and asset management system. 

5. Regular data sources  

 Personal data is obtained from Fingrid's internal user management system, from the partners who use the application and from the registered self.  

6. Regular assignments of data  

The information collected by the app is handled by the Fingrid’s partners providing app development and maintenance. 

7. The transfer of data outside the EU or EEA 

Data in a register may be transferred outside the area of member states of the European Union or the European Economic Area, if this is necessary in terms of the purposes of processing the above-mentioned personal data or of the technical execution of the data processing. In that case, the transfer of the data complies with the requirements stipulated in the EU Data Protection Regulation. 

8. Data protection 

Data is protected by appropriate technical and organizational measures. The paper material is stored in a locked state. Electronic material is protected by technical measures and access to the systems is granted only to those persons for whom it is necessary for their work or function. Fingrid's personnel are bound by professional secrecy. Staff are trained and instructed in the lawful processing of personal data. 

External data processors are also required to have adequate technical and organizational protection measures as well as a commitment to confidentiality. 

 9. Time for storing data 

Data is processed and stored for the period of time necessary for accomplishing the original purpose or legal obligations.  

 10. Rights of the data subject 

The data subject has the right to request access from the Registrar to personal data concerning him/herself, the right to request correction of his/her personal data, a limitation on processing and, in certain situations, also to receive the data he/she has given in machine-readable form. 

The data subject has the right to have his/her data removed, insofar as the processing of the data is based on the consent of the data subject, or if the personal data is not required for the purposes described in Section 3. There is no right to the removal of data if Fingrid has a statutory obligation to keep the data, or if Fingrid needs the data to prepare, present or defend a legal claim.  

A data subject may use his/her rights by contacting: 

Fingrid Oyj / Niko Tuononen

PO Box 530, 00101 Helsinki 

 

E-mail: dpo@fingrid.fi 

11. Automatic decision-making and profiling 

The Registrar does not make decisions based on automatic processing. 

 12Making a complaint to the supervisory data protection authority 

If a data subject considers that the processing of his/her personal data breaches applicable legislation, or his/her statutory rights have been infringed, he/she may make a complaint about the matter to the Data Protection Ombudsman whose contact information can be found at the following address: http://www.tietosuoja.fi/en/