Privacy Statements

In accordance with Section 3 of the Act on the Finnish Transport and Communications Agency (935/2018), the task of the National Cyber Security Centre Finland at the Finnish Transport and Communications Agency is to maintain the situational picture of national information security. Pursuant to section 304(1)(7) of the Act on Electronic Communications Services (917/2014), the Finnish Transport and Communications Agency's task is to collect information on data security breaches and threats to online services, communication services, value-added services and information systems, as well as failure and disruption situations of com-munication networks and communication services. For these purposes, the National Cyber Security Centre Finland's data breach notification form collects information about data secu-rity breaches described by the notifiers. In order to implement this collection, it is necessary to process the personal data described in this privacy statement.

According to section 3 of the Aviation Act, Traficom acts as Finland’s competent national aviation authority and is responsible for issuing permits and approvals for tasks that require compliance with the requirements related to background checks.

Personal data is processed in order to organise and manage radio amateur examinations. The Finnish Amateur Radio League (SRAL), which serves as the examiner and processor of personal data, is an approved external examiner.

Personal data is processed for the purpose of carrying out the Finnish Transport and Communications Agency’s administrative tasks as mandated by the Act on Electronic Communications Services (2014/917). This register is used for the following tasks: granting and maintenance of radio licences, maintenance of radio communication proficiency examination information and granting of proficiency certificates, granting and maintenance of telecommunications and programming licences, ensuring efficient and interference-free use of radio frequencies and invoicing administrative fees related to radio communications.

Traficom maintains a register of nominated surveyors, ship measurers and MARPOL surveyors in order to meet its statutory obligations regarding ship surveys, inspections and measurements and the storage of related documentation, as well as to meet the international obligations by which Finland is bound and to carry out other tasks falling within its competence.

Traficom maintains an up-to-date list of authorised road safety auditors, including data on the validity of the authorisations.

Traficom collects the data for the purposes of investigating disturbances (including those related to noise, land use, and possible damage), identifying instances of aviation activity requiring the competent authority to take action, and otherwise fulfilling its statutory duty to oversee aviation activity.

.fi is the country-code top-level domain for Finland and it is administered by Traficom National legislation regulates the registration and use of fi-domain names.

Personal data collected by Traficom in the Agreement data management register is used for communication with partners.

The Finnish Transport and Communications Agency (Traficom) processes personal data in connection with matters concerning passengers’ rights in the EU to comply with its legal obligations.

There are Dream Broker videos embeddings on traficom.fi

Traficom uses the personal data in the stakeholder register to carry out its tasks related to accessibility laid down in the Act on Electronic Communications Services (917/2014). The personal data is used for communication between Traficom and the stakeholders, sharing up-to-date information as well as sending the newsletter.

The 5G Momentum ecosystem is an open forum for information exchange, and personal data is processed in the context of the network for the purpose of sharing information about 5G and news about other new technologies related to it. Personal data is processed in connection with the sending of the 5G Momentum newsletter, invitations to group events, surveys on topical matters or information on topical matters related to 5G to members of the network. 

Traficom’s service area Digital Connections processes the personal data of representatives of stakeholders included in the stakeholder register insofar as these persons are members of one of Traficom’s stakeholders. The personal data is processed for the purpose of managing relations with stakeholder representatives and engaging in cooperation related to Traficom’s statutory duties.

Customers can contact the Agency's service provider via customer contact forms for matters concerning driving licences and road transport personal licences to enquire about driving examinations, driving licences, personal licences for road transport and professional qualifications.

Traficom’s National Coordination Centre processes the personal data of representatives of stakeholders included on the membership list insofar as these persons are members of one of Traficom’s stakeholders. The purpose of the processing of personal data is maintaining contact and engaging in cooperation with different stakeholder representatives.

Real-world representative information in accordance with the Commission Implementing Regulation (EU) 2021/392 is collected regarding passenger cars and light commercial vehicles in connection with their roadworthiness testing. The vehicle identification numbers and registration numbers are the personal data collected in this context.

A company engaged in general telecommunications, pay-television service operations, broadcasting operations, on-demand programme service operations and the provision of a videosharing platform service must submit a notification to Traficom before starting operations. The obligation to notify is prescribed in Section 4 of the Act on Electronic Communications Services (917/2014). According to Section 5 of the Act, the Finnish Transport and Communications Agency maintains a public list of notifications referred to in Section 4. According to Section 4 of the Postal Act (415/2011), a company engaged in postal operations must notify Traficom before starting operations.

Personal data is used to manage the administrative tasks of the Finnish Transport and Communications Agency prescribed by the Act on Transport Services (320/2017) and the Finnish Transport and Communications Agency's regulation for Demand and supply data for passenger transport services and price data for taxi services.

The privacy statement will soon be published in English. 

The personal data are used for the performance of the Finnish Transport and Communications Agency’s official duties related to licence and supervision matters as laid down in the Act on Earth Stations and Certain Radars.

The aid granted by Traficom in accordance with the Act on Broadband Construction Aid (1262/2020) is a government grant financed by the EU Recovery and Resilience Facility (RRF). Traficom must report the information to the RRP system maintained by the State Treasury for centralized national monitoring and control of the implementation of the recovery and resilience plan.

Recording camera surveillance in theory test rooms is used to investigate and prevent cases of cheating. Recording camera surveillance is carried out to prevent, investigate and prove crimes, offences and other misconduct. Camera surveillance is also carried out to ensure the safety of employees and other persons and to prevent and investigate situations that endanger safety. The recordings may be used, if necessary, to assert, establish or defend legal claims or to ensure other legal protection.

The purpose of processing personal data is to carry out procurements for Traficom and organise competitive tendering for public procurements in accordance with procurement legislation.

Traficom acts as a national cybersecurity certification authority. As regards operators based in Finland, Traficom shall supervise compliance with obligations arising from the Cybersecurity Act (EU) 2019/881 and compliance with cybersecurity certification schemes drawn up in accordance with the Cybersecurity Act. In order to carry out its statutory duties, Traficom collects personal data and contact details that are necessary for its supervisory tasks.

Traficom acts as a national cybersecurity certification authority. The national cybersecurity certification authority’s contact form can be used to present questions, give feedback or ask for advice regarding EU cybersecurity certification schemes. The personal data on the form is used for processing the matter reported on the form and for informing the sender of the form about the progress of the matter. 

National Cyber Security Centre Finland’s extranet solution serves the needs of stakeholder communication. Extranets are used to support efficient and reliable exchange of information between internal users and stakeholders’ designated end users. Extranets are closed forums for exchanging information and the purpose of the possible processing of personal data is to ensure the sharing of information regarding current information security matters.

You can submit a complaint to The Finnish Transport and Communications Agency Traficom about a website or mobile application that does not comply with the web accessibility requirements of the Digital Services Act. The purpose of collecting personal data is to ensure the delivery of the necessary requests for supplementing information to secure the processing of complaints and requests for clarification. In addition, the purpose of collecting personal data is to ensure that the notification of not admitting the complaint for examination as referred to in section 53 b of the Administrative Procedure Act can be delivered to the person who submitted the complaint.

Feedback on the webaccessibility.fi website can be given using form. The purpose of collecting personal data is to ensure that Traficom will be able to send an electronic acknowledgement of receipt for accessibility feedback and respond to the feedback as required by the Digital Services Act.

Microsoft Teams on M365-palveluihin kuuluva reaaliaikainen yhteistyö-alusta, joka yhdistää chatin, videokokoukset, tiedostojen jakamisen ja sovellukset, tehostaen tiimityötä ja projektinhallintaa. Traficomissa on käytössä Teams-videokokoukset, kahdenkeskiset puhelut sekä chatit.

Finnish Transport and Communications Agency’s NIS 2 notification application is used to collect data on significant incident notifications (mandatory notification) and voluntary notifications made by entities. In order to implement this data collection, it is necessary to process the personal data described in this privacy statement.

In accordance with the requirements in the NIS 2 Directive, the Cybersecurity Act (124/2025) and the Information Management Act (906/2019), contact details of entities subject to the legislation will be collected in the list of NIS2 entities from the following sectors supervised by Finnish Transport and Communications Agency. In order to implement this data collection, it is necessary to process the personal data described in this privacy statement.

The privacy statements of Traficom's mobile applications have been compiled on their own page.

The privacy statements for Traficom's research and surveys have been compiled on their own page.