Data protection and handling of personal data | About Kela | KelaSkip to content

Data protection and handling of personal data at Kela

Kela exercises due care in all its operations and ensures a high level of data protection and data security. The handling of personal data is based on the fulfilment of Kela’s statutory responsibilities.

At Kela, personal data are used when implementing statutory social insurance in customer service and the processing of claims for benefit. The data related to benefit processing constitute a benefit register. Kela also has other personal data registers.

For each personal data register at Kela there is a privacy policy statement with further information on the handling of personal data. The statement relates for instance the purpose of the handling of data, the data sources and how data in the register in question can be provided to other parties.

Kela is obliged to store your personal data. Kela has defined the retention period for personal data on the basis of the legislation related to different benefits and the Accounting Act. The privacy policy statements contain further information on the data retention periods.

Kela receives data from the customers themselves (e.g. data related to claims for benefit and job applications). Based on law, Kela also receives data from different public authorities.

The privacy policy statements contain further information on where Kela can receive data and what type of data Kela has.

Kela uses the personal data when carrying out its statutory responsibilities.

  • Kela uses personal data in a variety of contexts related to the granting and disbursement of benefits and to the delivery of customer service.
  • Kela can also use data provided by a customer for the determination of another benefit if this is possible under law.
  • The data can be used to monitor and prevent benefit fraud, in which case the data can also be combined and processed automatically, including with the help of data analytics.
  • The data can also be used when planning Kela’s operations and for the purposes of research and statistics.
  • In addition, Kela also processes personal data in its other operations, such as recruitment, procurement, administrative matters and subscriptions to newsletters.
  • Kela also handles personal data in connection with other operations, such as recruitment, procurement, administrative matters and newsletter subscriptions.

The privacy policy statements contain further information on the purposes for which Kela uses the data.

In certain cases laid down by law, Kela provides information to for instance the Finnish Tax Administration, authorised pension providers and other insurance providers, social and healthcare authorities, the police and the debt enforcement authorities.

Data from Kela can be released in accordance with the Act on the Secondary Use of Health and Social Data (552/2019) as well as on the basis of rights of access grounded in separate Acts of Parliament. The data are processed in anonymised and pseudonymised form.

Kela uses online direction services to calculate the distances of the trips on which the benefits are based.

In certain cases, Kela can also provide information to other parties with the customer’s consent. The privacy policy statements contain further information on the parties to whom personal data can be provided.

At Kela, personal data are only handled by personnel with authorisation to handle such data on the basis of their job duties and with authorisation to process the case in question. Kela supervises the handling of personal data.

Those who handle personal data sign a confidentiality agreement and commit to non-disclosure as regards confidential information. Such information includes all personal data.

The confidentiality obligation remains in force also in off-duty hours and after resignation from Kela service.

You have the right to check what information about you has been stored in Kela's registers. When needed, you can receive an extract of your personal data. The request to check personal data and the reply are usually free of charge.

You will receive the information you need within one month. If the information cannot be sent to you within the time limit specified and there is a valid reason for this, Kela can extend the time limit by a maximum of two months.

If you think that your personal data have been handled inappropriately at Kela, you can request that the matter be investigated.

You can also request a rectification of your personal data or deletion of incorrect data. Kela fulfils your request if there is a valid reason for the request. Kela will inform you if it is not possible under law to fulfil the request. If you are not satisfied with the decision, you can lodge a complaint with the Data Protection Ombudsman.

Please note that the right to request a rectification of data is not the same as a review of a benefit decision issued by Kela.

Read the privacy policy statements related to benefit processing (in Finnish) and Kela’s other privacy policy statements (in Finnish). The Kanta services have their own privacy policy statements.

You can file the request using the following form, or the request can be formulated freely.

The form is also available from Kela’s customer service points.

State the following in any freely formulated request:

  • your name and contact details
  • information on the data you wish to have and for which period

You can send a request concerning your personal data to Kela’s Registry

  • by mail to Kela, Kirjaamo, PL 450, 00056 Kela
  • by e-mail kirjaamo@kela.fi

You can also make the request by phone or by visiting one of Kela’s customer service locations in person. Be prepared to prove your identity.

If you send the request by e-mail, we recommend that you use encrypted e-mail (pdf).

If needed, you can use a representative.

Kela's appointed privacy officer

Kela's appointed privacy officer

Contact us
tietosuoja(a)kela.fi

Last modified 10/4/2024