Processing of personal data in the Tax Administration’s certificate service

The Tax Administration 
P.O. Box 325, FI-00052 VERO 
Telephone +358 29 512 000 (switchboard)

Street address: 
Registry  
Vääksyntie 4, Helsinki 

Noora Kontro

Taito von Konow

P.O. Box 325, FI-00052 VERO 
Telephone +358 29 512 000 (switchboard)

Personal data is processed in order to identify an individual data subject for giving them an authorisation for using the certificate service relating to the Tax Administration’s, the Incomes Register’s or the Positive credit register’s APIs. Personal data may also be processed for purposes of monitoring, when the Controller needs to examine the integrity of submitted data or when the Controller needs to prevent, examine or stop any abuse connected to data reporting.

The Tax Administration also uses personal data for identifying contact persons in companies that use certificates.

Data on the contact persons/authorised persons of companies and organisations that submit applications for a certificate

• Name 
• Email address
• Telephone number
• Personal identity code
• Personal data received via eIDAS authentication

Personal data is forwarded and disclosed to parties that use it for other purposes only in circumstances laid down in law. Under provisions of law, personal data can be forwarded and disclosed to public authorities and to other parties who are legally entitled to it.

Data will not be disclosed to third countries.

Personal data saved in the certificate service is stored for varying periods depending on when the certificate expires and on the needs for storing event log information.  

A certificate is valid for two years at a time. After expiration of a certificate, the associated personal data is deleted when five (5) years have elapsed from the start of the calendar year that followed the year when the certificate expired. Information is stored after expiration in order to facilitate investigation of any crimes that may be committed with certificates.