Privacy policy

EU General Data Protection Regulation

The EU General Data Protection Regulation (GDPR) entered into force on 25 May 2018.

The Municipality of Hartola website is secure and safe to use. We will not ask for our visitors’ bank details or collect personal data for commercial purposes.

To safeguard the legal protection and privacy of customers of our municipal services, all personal data will be processed in accordance with data protection legislation. In providing services, the Municipality of Hartola processes the personal data of customers only in the extent required for the service in question. In Hartola municipal services, the personal data of customers are processed appropriately and in accordance with specific legislation governing each service. In certain exceptional cases, the Municipality of Hartola may also process personal data upon the customer’s express consent.

Data protection officer

In accordance with current legislation, the Municipality of Hartola has been appointed a data protection officer to support customers and staff in data protection matters. The data protection officer for the Municipality of Hartola is Kati Pietinen. Questions on data protection matters may be sent by email to

Please note that your initial email should not include sensitive personal information, such as your personal identity code or date of birth. Instead, provide a short description of your question and your contact details. Our data protection officer will contact you to request any further information needed to handle the matter.

Privacy statements

Privacy statements describe the ways in which we process personal data for each purpose. Privacy statements provide information on the personal data to be processed, the purpose of processing, authorised disclosures of data, security principles of the filing system, and the rights of data subjects. Customers whose personal data is stored by the controller have the right to access their data. Customers also have the right to request a rectification of any inaccuracies in the data. Customers have the right to withdraw consent to the processing of their personal data, provided that the grounds for processing are based on said consent.