Privacy Statement / Online Service

The Controller

Municipal Government, the Municipality of Sipoo
Lukkarinmäentie 2, PO Box 7, 04131 Sipoo
Switchboard +358 9 23531

Person in Charge of the Register

Administrative Manager

Contact Person for the Register

Information Officer

What Kind of Data Concerning You is Processed, and On What Grounds?

Cookies are small data files that your browser places on your computer when you visit a website. Cookies do not harm the computer or the files on its hard drive. The primary purpose for the use of cookies is to improve and personalize a visitor’s user experience on our website as well as to analyze and improve the functionality and content of our site.

Cookies are collected to follow up with and calculate website visits and other traffic. For example, the following information can be collected with the help of cookies: from which site you came to this address, which www sites on the online service you visit and when, what kind of browser you use, the resolution of your screen and your operating system, and the IP address to your computer, that is, which Internet address the information you send originate from and where they are received.

The user is given a possibility to prevent that their user information is transferred to the service by approving the use of necessary cookies only. By disabling the cookies, the user simultaneously approves that some parts of the online service may not function properly.

The municipality of Sipoo website uses two analytics tools provided by an outside service provider; Siteimprove Analytics and React & Share.

The municipality uses the information provided by the service providers to collect and compile statistics for example on overall website visits, average time spent on the website, and the most popular subpages, and to collect anonymous client feedback. This information is used to develop the website and municipal functions and services.

Information collected with cookies is transferred to an outside service provider whenever the client uses the website services. The outside service provider will then provide the municipality with user information. The municipality is not able to identify separate visitors on the basis of the information above. User data or statistics are not used for direct marketing or transferred otherwise to third parties.

Outside service providers may transfer data to third parties whenever they are obliged to do so according to the law, or in cases where the third party processes the information on the behalf of an outside service provider.

The client cannot erase user data that has already been transferred to an outside service provider. However, the client can prevent the transfer of their user data by approving only necessary cookies.

The website uses forms to collect personal data about the clients. This data is stored in a client register. The information is processed in order to meet the requests made by the person (client) filling in the form, to answer messages left using the service contact forms, and to contact persons who have submitted these messages. Data is stored with the user’s consent.

The online service includes content produced by outside service providers. These include embedded contents (maps, videos, content on social media channels). Privacy protection on these channels and in these services is on the responsibility of their producers and owners.

The users can copy a link address to any separate web page on the site and share in on social medial channels (for example Facebook, Twitter, Instagram, WhatsApp) by using the push buttons on the site. Personal information is not included to these addresses, nor transferred to social networking services.

The online service may include web feeds and links that belong to third parties and lead to their sites. By clicking these links leading to sites operated by any of these third parties, you will leave the services provided by the municipality of Sipoo. The municipality of Sipoo is not responsible for the function or contents of such websites, nor for the processing of personal information collected by these sites or any damages caused by the use of these sites. We recommend that you read the user terms and conditions for these sites carefully.

What Kind of Personal Data Do We Process?


  • Data Collected on Website Use and Browser Activity
  • The website from which the user transferred to our site; model of the device; individual device and/or cookie identification; data collecting channel (Internet browser, mobile browser, application); browser version; IP address; Internet service provider; session identification; session time and duration; screen precision, and the operating system.
  • Observed users are most often identified with cookies or some other similar means of identification.
  • Location data, such as coordinates calculated on the basis of GPS or WLAN contact points or mobile network base stations, whenever the user has specifically agreed on use of this data.

Personal information requested in the forms (name, email address, telephone number, other free-form information)

Who Has the Right to Process Your Data?

Your data is processed only by persons who on the grounds of their job prescription are entitled to do so. All digital data is stored in systems protected with appropriate security mechanisms. Only persons authorized by the data controller have access to the data. The register does not include manual data.

Which Sources Do We Use to Obtain Personal Data?

Personal information is obtained from the persons themselves. Personal information collected via forms is submitted by the persons themselves.

Does the Municipality Transfer the Data to Third Parties?

We will disclose personal data only to the extent that third parties need access to the personal data we are processing in order to provide services to the municipality of Sipoo for the purposes defined by this privacy statement.

Is Your Data Transferred Outside the EU or the EEA?

The municipality of Sipoo aims to implement services and process personal data utilizing operators and services within the EU and EEA. However, the municipal services may in some cases be implemented by utilizing operators, services and servers located elsewhere, and in those cases, your personal data may be transferred between countries. Such transfers may include disclosures of personal data outside the EU and EEA to countries where personal data processing legislation differs from the requirements of Finnish legislation, such as the US.

Does the Processing Include Automated Decision-Making or Profiling?

The processing does not include automated decision-making or profiling.

For How Long Is Your Data Stored?

The online service uses both temporary and permanent cookies. Temporary cookies are stored in your device during your browsing session only. They disappear when you shut down your browser. We also use permanent cookies. They are stored for a longer, predetermined time.

Data collected and stored in the personal information database is stored only for as long as it can be deemed necessary considering the predefined basis for the personal data processing in question.

How Do We Protect Your Personal Data?

Your personal information may be used only for the purpose for which it was collected. The contents of the register are protected from unauthorized actors in a variety of ways. The protection includes:

  • Safe and secure locations and data systems
  • Processing of all personal data is planned beforehand
  • We make sure that all personnel who process the data has the necessary skills, and all contractual means are discussed with persons processing the data
  • Your data is always processed in a secure environment
  • All devices and software used by the municipality of Sipoo are protected according to data security requirements defined by the municipality of Sipoo and our service providers
  • The employees’ access rights to the data are limited to the extent required by their job prescription, and they use personal user names and passwords to log in to each system
  • The municipality of Sipoo supervises the access rights, and all passwords are changed regularly
  • A person’s access rights are erased at the end of their employment relationship
  • All paper documents are stored in locked and secured premises, and archived according to the Finnish Archives Act and Archives Decree in folders especially reserved for this purpose
  • Data is stored only for as long as specified in the law, and erased when it is no longer necessary