Controller
Kela (Kansaneläkelaitos) - Social Insurance Institution of Finland
Nordenskiöldinkatu 12, FI-00250 Helsinki
P.O. Box 450, FI-00056 Kela
Tel. 020 634 11
Controller's contact person
Customer enquiries about the MyKanta application’s data file(s) can be directed to Kanta Services customer support at asiakaspalvelu@kanta.fi.
In matters concerning the rights of data subjects, please email your enquiries to the Kanta Services’ Data Protection Officer at tietosuoja@kanta.fi.
Name of data file
Data files for the MyKanta application
The purpose of and basis for the processing of personal data
Kela processes personal data in accordance with the EU General Data Protection Regulation and other laws regulating the processing of personal data.
Under section 65 of the Act on the Electronic Processing of Client Data in Healthcare and Social Welfare (703/2023), Kela is responsible for the technical provision and maintenance of the citizen's user interface (hereinafter referred to as MyKanta). Kela is the controller of the log data, the user and device register and the related log register of the MyKanta application (hereinafter “application”).
The user and device register and log data start to accumulate when a user deploys the MyKanta application. The first time you access the application and then every year, you will need to use strong authentication using the Suomi.fi identification service with your online banking codes, a certificate card or a mobile certificate. The Digital and Population Data Services Agency is responsible for the joint Suomi.fi identification service for public administration e-services. Data on Suomi.fi login and use of the application is recorded for the following reasons:
- Information about the user and their device is automatically added to the user and device register when a person uses the application. The data is used to identify the user of the application and to identify and manage the mobile devices used by the person on which the application has been enabled. The user can delete device information in the register themselves through the device manager in the MyKanta application. If the device manager is not available, in urgent situations the user can request the deletion of data by calling Kela’s technical support (for example, if the device has been stolen). If the user deletes the last device from the register, the user data will be automatically deleted. Unless the user deletes the data themselves, it will be retained for up to four years from the last time the application is used.
- User and device register log data are used to verify who has added, deleted or modified information in the user and device register. The retention period for log data is 12 years from the date of their creation.
- Every time a user authenticates and logs in to the application, information is stored in the data file for log data. The data makes it possible to, upon request, ascertain who has logged in to MyKanta, when, and from which IP address. In accordance with the Client Data Act appendix on the retention period for log data, the retention period is 12 years from the creation of the data. The data retrieved from the Population Information System contained in the log data are stored for five years, after which the data are destroyed (section 20 of the Act on the Population Information System and the Certificate Services of the Digital and Population Data Services Agency 661/2009).
The data on the data files described above are also used to compile user statistics and to resolve problem situations (such as security-related issues, in which case Kela must verify the user data for the service). This data is processed only to the extent required by the statutory tasks of the controller and administrator.
Content of the data file
The user and device register of the MyKanta application contains the following information about the user and the user’s device:
- Information about the user
- user’s first and last name
- user’s personal identity code
- creation time of user registration
- Information about the device
- unique device identifier
- device user identifier
- name of the device
- alarms allowed / prohibited
- language of the triggers
- last time the application was used on the device
- date when the application was installed on the device.
The user and device register log data contain the following information
- Type of change to the user and device register (such as deletion of a device)
- Device identifier affected by the change
- Personal identification code or identifier of the person making the change
- Information on whether the change has been made by the user in the MyKanta application
- Date of the change.
The data file for log data contains the following information
- The logged in user’s personal identity code
- Time of login
- IP address
- Timestamp
- Authentication method
- Data on whether the login has taken place in the MyKanta application
- Data retrieved from the Population Information System (retained for 5 years)
- domicile (permanent place of residence)
- name.
Regular sources of data
Data for the user and device register and the data file for log data is obtained from the Suomi.fi identification service and from the user’s device when the user activates the application and authenticates themselves in the application. When authenticating, the citizen chooses the authentication method/certificate and agrees to transmit their personal identity code, first name, surname and municipality of residence to the application in the Suomi.fi identification service. The name and municipality of residence are data transmitted by the Population Information System of the Finnish Digital and Population Data Services Agency. The data from the Suomi.fi identification service are updated in the register with each strong authentication that the user makes in the application after the application is activated.
The information on the authorisation of triggers and their language is updated in the register according to the choices made by the user in the application.
The last time the application was used is automatically updated in the register when the user uses the application.
Regular disclosure and transfer of data outside the EU or the European Economic Area
No regular disclosure. No data will be transferred outside the EU or the European Economic Area.
Principles of data file security
Organisational principles of protection
Kela shall have a data security plan in place to ensure data protection and data security. Kela shall have a named data protection officer.
Kela shall provide written instructions on the processing of data file data and the procedures to be followed, and ensure that personnel have sufficient expertise and capabilities to process client data as part of their operations.
Kela must take the necessary measures on its own initiative if someone has unlawfully viewed, used or disclosed data in the MyKanta application.
Principles of technical protection
Viewing, processing or otherwise managing data in the MyKanta application requires strong authentication of each individual processor as well as access rights management associated with the system. The Digital and Population Data Services Agency is responsible for identification and certificate services.
Log data on the processing of data is stored in the user and device register’s log.
Kela has statutory and necessary maintenance tasks, and in order to implement these, Kela’s technical administrator has access – restricted by user rights – to the MyKanta application’s data file. Kela is responsible for managing access rights to the MyKanta application.
Principles of physical protection
Data stored in the MyKanta application’s data file is safeguarded by technical means against modification and deletion. Kela’s data centres and the physical locations where data are held are in Finland. Access to the data centres is restricted to Kela’s technical maintenance personnel as required by their duties.
Right to lodge a complaint with a supervisory authority
If a client finds that their personal data have been processed in breach of the applicable data protection regulations, the client is entitled under Article 77 of the EU’s General Data Protection Regulation and Section 21 of the Data Protection Act to lodge a complaint with the competent supervisory authority. In Finland, the supervisory authority is the Data Protection Ombudsman.
Right of access to your data and other rights related to the processing of personal data
In accordance with Article 15 of the EU's General Data Protection Regulation (2016/679), the data subject has the right to access the data stored in the user and device register. The client can also request the log data of the user and device register and the data file for log data from Kela.
A person can act on behalf of an adult by proxy or as a legal representative and request access to the data stored in the user and device register or request log data by submitting a request to Kela. A request for information made by a representative requires that the representative has the right to represent their client in the case in question. Kela will verify the person’s right to receive the data. The disclosure of data may be refused on legal grounds.
A guardian can request access to the data stored in the user and device register of a minor or request log data by submitting a request for data to Kela. Kela will verify the validity of the custody upon a guardian’s request to access a minor's data. The disclosure of data may be refused on legal grounds.
Requests for data on the data file for log data, data stored in the user and device register or log data in the register can be made using the form available at Kela’s customer service points and at www.kanta.fi. It is also possible to submit a request for data by phone or email. Please direct requests to Kela Registry (kirjaamo@kela.fi) or Kela Registry, P.O. Box 450, FI-00056 Kela.
Access to log data dating further back than two years will not be granted without a special reason. The client may not use or disclose the log data received for any other purpose.
The reply to the request will arrive within one month of the request’s receipt for processing at Kela. If, for justified reasons, it is not possible to provide information within this period, the processing of the request may be extended for a maximum period of two months.
The client has the right to receive the same data again if there is a legitimate reason to do so in order to safeguard the client’s interests and rights. Kela has the right to charge a fee to cover the costs of providing data that have already been provided.
Kela’s operations and maintenance of the Kanta Services are based on national legislation. For these reasons, under Article 20 of the EU General Data Protection Regulation, the data subject’s right to data portability does not apply to data stored in the user and device register.