Data permission
A data permission is the Incomes Register Unit’s decision on what data can be transmitted and disclosed from the Incomes Register to each data user. Only an organisation or public authority that has the right to receive data from the Incomes Register under the Incomes Register Act may receive data permission.
A separate data permission decision is made for each organisation entitled to data permission. It defines what information the representatives of the organisation may retrieve and view, and to what extent.
The data permission must be changed if the Incomes Register’s data content is changed so as to affect data permissions, such as new income types are added. Usually, data content changes are made once a year, and often because the legislation that regulates the use of the Incomes Register’s data is amended.
Data users always need data permission for the use of the Incomes Register
The use of the Incomes Register’s data is subject to a valid data permission. The granting of data permission is always preceded by a dialogue between the Incomes Register Unit and the organisation applying for the permit.
The data permission consists of an administrative decision and attachments to the decision, defining the organisation’s data access profiles, data user roles and services. The data access profile is an accurate description of what individual data can be disclosed to a data user and for what purposes.
Data users can retrieve data through the interface or the e-service. Most data users use the Incomes Register interfaces.
You can use the interface to retrieve data from the Incomes Register to your software. Your organisation will be identified by a certificate installed in the software.
Read more about interfaces on the website of the software developers
The implementation of the data permission triggers a certificate subscription for the data user
- Consult the supplier of your customer payment or other software on how to implement the interface and how to apply for a certificate for the system. Agree upon tasks and procedures with your software supplier.
- Agree on data permission with the Incomes Register Unit. Submit a report concerning the use of the technical interface using the user organisation's form 'Report by the Incomes Register data user for data permission purposes', and accept the certificate's terms and conditions of use. The implementation of the data permission triggers a certificate subscription.
- Retrieve the certificate yourself or in co-operation with your system supplier. Retrieving certificates requires technical skills. You can then start using the Incomes Register's technical interface.
For instructions on retrieving a certificate, see the Tax Administration’s website
Certificates are issued in accordance with the purpose of use
Data user's certificate is issued to an organisation that has the right to receive data from the Incomes Register. The Tax Administration’s certificate service issues the certificate.
If your organisation also reports data to the Incomes Register, it needs a specific data provider certificate for reporting the data. Request a data reporting interface and certificate from the Tax Administration’s certificate service.
As data users need data permission in addition to the interface, you cannot submit an application for the data user’s interface in the certificate service. When your organisation has a valid data permission and an interface for using the data, you can use the service to order additional certificates for that interface.
The use of the e-service is agreed upon when applying for data permission. We recommend that data users primarily retrieve and view the data using the interface.
Representatives of a data user identify themselves in the Incomes Register’s e-service with personal online banking codes, a mobile certificate or a certificate card.
You can only use the service on behalf of a data user if you have been authorised by your organisation’s master user to act as a data user.
Data users do not use the Suomi.fi authorisation. Instead, the main user of each organisation grants the authorisations in the Incomes Register’s e-service. The main user is also responsible for the maintenance of the granted authorisations.
No production data permission is required to test the Incomes Register.
Data is only disclosed on the basis of valid data access rights based on law and only to parties defined in the act on the incomes information system (laki tulotietojärjestelmästä 53/2018).
Data access profiles define the data disclosed to organisations by group in accordance with different purposes and situations of use. Only data that is necessary by law in the case at hand or the task being carried out can be disclosed at each time.
The access rights of organisations’ employees are limited in the Incomes Register’s e-service by means of data user roles.
One or more data access profiles of the organisation have been attached to each role. The roles are intended for different work-related tasks, and they can be used to view different data and make searches using different search terms. A single person may have several different roles.
The data access profile and the user’s role together define what data is shown to the person and what search terms can be used to search for data. Log data is generated on users’ activities in the e-service, using which organisations can monitor the use of the Incomes Register’s e-service in their organisation. Log events are generated, for example, when a user logs in to the Incomes Register or attempts to log in, and when they search for or view data.
To get online banking codes you must sign an agreement with your bank. Note that only personal online banking codes enable you to log in to our e-services.
You can identify for the e-service with the online banking codes of the following banks:
- Osuuspankki
- Nordea
- Danske Bank
- Handelsbanken
- Ålandsbanken
- S-Pankki
- Aktia
- POP Pankki
- Säästöpankki
- Oma Säästöpankki
A mobile certificate is an identifier in your mobile phone’s SIM card.
More information on the website mobiilivarmenne.fi
A certificate card is an ID card containing a citizen certificate or an organisation card containing an organisation certificate. ID cards are issued by the police, whereas organisation cards are issued by the Digital and Population Data Services Agency.
In order to identify with a certificate card, you need a card reader and card reader software.
Page last updated 10/24/2024