Privacy Policy


  1. Registrar
    Municipality of Isojoki
    Teollisuustie 1, 64900 Isojoki
  1. Contact person for data protection and information security matters
    You can find the contact person for individual registers in the respective register description.
  2. Register descriptions and data subjects
    Below, we will provide the data protection descriptions for the registers of isojoki municipality. Each description contains the following information:

Contact person to whom you can address matters related to the register in question
How do we use your personal data?
What personal data do we collect?
From which sources do we collect personal data?
On what basis do we process your data?

  1. Will your data be transferred or disclosed?
    Generally, your personal data is processed only by the personnel of our municipality in their work.

In some cases, your information may be confidentially disclosed to our trusted partners or subcontractors who process personal data under a written commission agreement. These may include data storage services such as data centers and cloud services, suppliers of our IT systems, accounting services, and other outsourced external services.

Our subcontractors and partners process personal data in accordance with our written instructions and only for agreed, lawful purposes.

  1. Will your data be transferred outside the EU or EEA?
    Generally, we do not transfer your personal data outside the EU or EEA.

The website analytics service we use (Google Analytics) may transfer analytics data outside the EU. However, Google is committed to the Privacy Shield framework, which ensures an adequate level of data security approved by the European Commission.

  1. How long will your personal data be retained?
    We only retain your personal data for as long as necessary. The retention period is determined by the retention periods of the documents. Other legislation related to the document also affects this.
  2. How is your information protected?
    We respect the confidentiality of your personal data.

Personal data is protected from external access by firewalls, antivirus programs, personal user IDs, and passwords. Access to personal data is limited to authorized personnel whose job duties require the processing of personal data. We only disclose personal data confidentially and on a limited basis to our contractual partners, such as subcontractors. Our contractual partners must commit to implementing sufficient data security and processing personal data in accordance with all applicable laws. Data processors are bound by confidentiality obligations.

Our website uses TLS-encrypted HTTPS connections, ensuring that all personal data in electronic form is secure. You can recognize this by the green lock icon on the left side of the address bar in your browser.

Manual materials are stored in locked cabinets and are accessible only to authorized personnel who need to handle them due to their positions. Access to data on network drives is granted based on the roles required for job tasks.

  1. How do we use cookies?
    Cookies are small text files that are automatically saved on your computer/device when you visit different websites. Our web service uses cookies to provide our service as user-friendly and high-quality as possible. If you do not want the web service to collect data through cookies, you can disable cookies (most web browsers allow disabling cookies).

We may use cookies to improve and analyze our services and website usage (Google Analytics), as well as for targeted marketing and optimization. Through traffic monitoring on the website, we improve our website to provide users with a better browsing experience. You can prevent Google Analytics from collecting information about you by learning more on Google’s website. However, please note that this may disrupt the functioning of the web service

  1. What rights do you have?

9.2 Right of access to information (right of inspection)

You have the right to know what information about you is stored in the personal data register. You can request access to your information from us in the manner described in this statement.

9.3 Right to request correction or deletion of information (right to be forgotten)

We will remove, correct, or supplement information that is erroneous, unnecessary, incomplete, or outdated for the purposes of processing, either on our own initiative or at the request of the data subject.

9.4 Right to restrict processing

The data subject has the right to request the active restriction of the processing of their personal data, for example, when disputing the accuracy of their personal data and requesting correction or deletion. In such cases, the respective personal data may only be stored and not otherwise processed. Restriction of processing is ensured through technical measures.

Before the restriction of processing is lifted, we will notify the data subject.

9.5 Right to object to the processing of personal data

You have the right to object to the processing of your personal data to the extent that there is no significant reason for the processing that overrides your rights or the processing is not necessary for the handling of a legal claim.

9.6 Right to data portability

To the extent that the data subject has provided data to the register themselves, which is processed based on the data subject’s consent or mandate, the data subject has the right to receive such data in a machine-readable format and the right to transfer this data to another data controller.

9.7 Right to withdraw consent

If personal data is processed based on the data subject’s consent, the data subject has the right to withdraw their consent by notifying us. You can withdraw your consent as described in the section ”Requests regarding rights” of this statement.

9.8 Right to lodge a complaint with a supervisory authority

The data subject has the right to lodge a complaint with the competent supervisory authority if the data controller has not complied with applicable data protection regulations.

  1. Requests regarding rights

Inquiries and requests related to the register can be submitted either in person by presenting identification or by sending an email to the contact person mentioned in the register description. We may contact you by phone if necessary to verify your identity.

You can pick up the requested information from the municipality’s office building. Please be prepared to present your identification at this stage as well.

We will respond to requests within one (1) month from the date of the request, unless there are specific reasons to extend the response time. We may also refuse to fulfill your request on the basis provided by applicable law.

The exercise of these rights is generally free of charge.

  1. Changes to the privacy policy
    We reserve the right to update or modify this privacy policy at any time to reflect changes in our practices or legal obligations. Any updates or modifications will be effective immediately upon posting the revised privacy policy on our website. We encourage you to review this policy periodically to stay informed about how we protect your personal data.