Skip Navigation LinksEducation Statistics Finland > Data protection

Data protection

On this privacy page, you can find information about the privacy statement, cookie settings, and the processing of personal data in the reports of the Vipunen service.

The Vipunen service complies with data protection legislation and processes personal data in accordance with good data management and data processing practices.

Privacy statement for the feedback provider, contact person and newsletter subscriber register of the Vipunen service

1. Data controller              

Ministry of Education and Culture
Registry visiting address: Ritarikatu 2 b, Helsinki
Postal address: P.O. Box 29 FIN-00023 GOVERNMENT
Email address:
Tel. 0295 16001 (switchboard)

2. Contact person for register-related matters

The Data Protection Officer of the Ministry of Education and Culture
Email address:
Postal address: Ministry of Education and Culture, P.O. Box 29 FIN-00023 GOVERNMENT

3. Name of register

Feedback provider, contact person and newsletter subscriber register of the Vipunen service

4. What data do we collect and from which sources?

The processing of personal data is based on a person subscribing to the Vipunen newsletter, contacting the service through the Vipusen palaute email list, or otherwise being involved in the steering and development of the service.

Personal data is collected from the user when they order the Vipunen newsletter, send feedback to the Vipusen palaute email list or register as a contact person in matters related to the service.

The user data we collect consists of:

  • Contact information such as name and email address.
  • Information related to the user's organization, position or title.

5. What purpose is the data collected for?

Personal data is processed for the following purposes:

  • To produce and develop the service and to provide user support.
  • To manage customer relationships and conduct opinion and market surveys.
  • To communicate about Vipunen services, events and current content.
  • To manage user data and login and access log data, to create user statistics, and to manage cookies required by the service.
  • For statistics, analytics and management related to the use and development of the service.

6. Will we disclose your personal data?

The user's data will not be transferred outside the EU unless the user personally approves the transfer of data to a service provider, namely the data selected while using a service.

We ensure that our partners are committed to complying with data protection legislation.

7. Processors of personal data

CSC – IT Center for Science Ltd and its subcontractors (contractually: service development, maintenance and storage)

8. What measures do we take to protect your personal data?    

The only persons authorised to use the systems containing personal data are those employees of our company who have the right to process personal data on the basis of the work they carry out. Each user has their own user ID and password for the systems. The data is collected into databases that are protected by firewalls, passwords and other technical measures. The databases and backups of these databases are located in locked facilities and only previously selected individuals have access to this data

9. How long do we retain your data?

We regularly assess the need for data retention, taking into account applicable legislation. We ensure that personal data is not incompatible, out of date or incorrect with regard to the purposes of processing. Where such data is identified, it is corrected and destroyed without delay.

10. What are your rights as a data subject?

Under legislation, you have the right to be informed about what data we have collected about you. You also have the right to demand that incorrect, incomplete, unnecessary or obsolete personal data be rectified or deleted.

11. Who can I contact?

The controller is the Ministry of Education and Culture. All enquiries and requests regarding this privacy policy should be made to the contact person specified in section (2).

12. Changes to the privacy policy

Any changes to this privacy policy are dated. We will inform you of significant changes by email or with a notification in the Vipunen service.

Privacy statement published/updated 14 January 2021.

Cookie settings

When you visit our website, information about your visit is stored in cookies. A cookie is a small text file that the browser stores on the visitor's device. There are two main types of cookies, session cookies and persistent cookies. Session cookies are removed from your device as soon as you close your browser. Persistent cookies remain stored until they are deleted separately or expire.

Cookies are used to collect metrics and for research purposes in order to study the type and volume of use. This helps us improve the availability of our site and identify the areas of our site users find most interesting. We use Google Analytics to track our website traffic. Cookie data from Google Analytics is stored for 38 months.

We use cookies to:
  • gather information about a visitor by using Google Analytics

The information that Google Analytics cookies store about each visitor include:

  • IP address
  • which site you visit
  • how long you stay on our site; noting the start and end of a visit
  • how you landed on our site
  • which links you click

Under the Information Society Code (917/2014), cookies are used on this website without violating the service user's protection of privacy. Cookies are not used to link website visitors to personal data or contact details. Cookies are not used to examine or copy the visitor's terminal device data. The information collected by cookies is sent back to us without any personal data so that we can track our site usage trends. Users can optionally block cookies in their browser settings. For more detailed instructions on deleting cookies, see your browser's help section.

Optionally, you can block the use of cookies that are not vital for providing the service. You can also block cookies from your browser. For more detailed instructions on deleting cookies, see your browser's help section.

Processing of personal data in Vipunen service reports

The production of the Vipunen service follows the principles and requirements of personal data protection.

Personal data is processed in Vipunen and the statistics compiled on the basis of this data are implemented in such a way that no one's privacy is compromised. Data on persons (statistical units) is not published in an identifiable format.

Charted data regarding persons or households is only disclosed from Vipunen in an anonymised format, even if the data is available in an identifiable format in other sources.

Main methods of data protection

The main methods of data protection in the service include observing threshold values (primarily 5 statistical units) and limiting the number of variables. Some reports are subject to data protection measures. In secure reports, the numbers 1 to 4 concerning persons are displayed as '1–4' and numbers over 4 are rounded to the nearest number divisible by three. Percentages are also calculated with protected numbers. The description of each report indicates whether the report is secured with data protection.

For more information on data protection, see the Statistics Finland website.