Privacy policy for the MyKanta application

This is the valid Privacy Policy for the MyKanta application, updated on 19.8.2025. The application can be downloaded on your phone or tablet from the Google Play or App Store app stores.

Right of access to your data and other rights related to the processing of personal data

In accordance with Article 15 of the EU's General Data Protection Regulation (2016/679), the data subject has the right to access the data stored in the user and device register. The client can also request the log data of the user and device register and the data file for log data from Kela.  

A person can act on behalf of an adult by proxy or as a legal representative and request access to the data stored in the user and device register or request log data by submitting a request to Kela. A request for information made by a representative requires that the representative has the right to represent their client in the case in question. Kela will verify the person’s right to receive the data. The disclosure of data may be refused on legal grounds.

A guardian can request access to the data stored in the user and device register of a minor or request log data by submitting a request for data to Kela. Kela will verify the validity of the custody upon a guardian’s request to access a minor's data. The disclosure of data may be refused on legal grounds.

Requests for data on the data file for log data, data stored in the user and device register or log data in the register can be made using the form available at Kela’s customer service points and at www.kanta.fi. It is also possible to submit a request for data by phone or email. Please direct requests to Kela Registry (kirjaamo@kela.fi) or Kela Registry, P.O. Box 450, FI-00056 Kela.

Access to log data dating further back than two years will not be granted without a special reason. The client may not use or disclose the log data received for any other purpose.

The reply to the request will arrive within one month of the request’s receipt for processing at Kela. If, for justified reasons, it is not possible to provide information within this period, the processing of the request may be extended for a maximum period of two months.  

The client has the right to receive the same data again if there is a legitimate reason to do so in order to safeguard the client’s interests and rights. Kela has the right to charge a fee to cover the costs of providing data that have already been provided. 

Kela’s operations and maintenance of the Kanta Services are based on national legislation. For these reasons, under Article 20 of the EU General Data Protection Regulation, the data subject’s right to data portability does not apply to data stored in the user and device register.

Last updated 20.8.2025