Privacy Statement - 112 Suomi -application
28.8.2025
1. Name of data file
112 Suomi mobile application
2. Controller
Hätäkeskuslaitos
Satakunnankatu 3-5
PL 112
28131 Pori
E-mail: [email protected], phone 0295 480 112 (switchboard)
3. Contact person for enquiries concerning the data file
Senior Software Engineer Sami Suomalainen
PL 112
28131 Pori
E-mail: [email protected], phone 0295 480 112 (switchboard)
4. Data Protection Officer
Data Protection Officer
PL 112
28131 Pori
E-mail: [email protected], phone 0295 480 112 (switchboard)
5. Purpose and legal basis of personal data processing
The 112 Suomi application processes telephone numbers and location data as personal data. The Emergency Response Centre Agency processes data subjects’ personal data on the basis of their consent pursuant to Article 6.1 of the EU General Data Protection Regulation.
When a call is made to the emergency number (112) via the 112 Suomi application, the caller’s telephone number and exact location are automatically communicated to the emergency response centre, which speeds up call handling. The telephone number and location data are also transmitted abroad in countries that are part of PEMEA when calling the emergency number 112 via the app. Learn more about PEMEA and countries that have joined it.
Regional emergency warnings and emergency announcements can be sent to the app based on the location data of the telephone. In addition to emergency warnings and emergency announcements, Fintraffic’s regional road traffic disruption bulletins are published in the application based on the location data of the telephone.
When a user shares an announcement from the app, the recipient receives a link to a website maintained by the Emergency Response Centre Agency. When the user opens the announcement on the website, no data on the user is shared with the Emergency Response Centre Agency. The website does not collect any data on visitors or the people opening announcements.
It is possible to use the links in the application’s menu to go to websites managed by third parties. The data protection requirements are always the responsibility of the operator of these websites. The application will not disclose information to third parties.
The Omaolo.fi online service is administered by SoteDigi Oy. When transferring to fill in the symptom assessment via the application, no user information is passed on to SoteDigi Oy.
The list of the nearest defibrillators is retrieved from the defi.fi register maintained by the Sydänliitto heart federation. The nearest defibrillators are displayed to the user based on their location data. Use of the service does not result in any information about the user being transmitted to third parties.
The Matkustusilmoitus.fi online service for travel notifications is maintained by the Ministry for Foreign Affairs. When transferring to fill in a travel notification via the application, no user information is passed on to the Ministry for Foreign Affairs.
The service menu also includes a link to a guide on how to prepare for incidents and crises maintained by the Ministry of the Interior in the suomi.fi online service. The application does not transfer user data to the Ministry of the Interior.
The service menu also includes instructions on identifying disturbances of the cerebral circulation. The instructions include a link to the website of the Finnish Brain Association, which the user can access to find further information on disturbances of the cerebral circulation. When transferring from the application to the website, no user data is passed on to the Brain Association.
6. Retention of personal data in the data file
The data are kept for a period of 24 hours, after which they are automatically erased.
7. Content of the data file
The application collects the following personal data from users in the application:
- telephone number
- location data.
8. Regular sources of data
After downloading the application on their phone, the user enters their mobile telephone number in the application. The other data are collected automatically via the application. The caller’s location is stored on the service provider’s cloud-based server for a period of one hour after they press the ‘Call 112’ button. The data can only be accessed by the Emergency Response Centre Agency, and the ERC information system only tracks the caller’s location for the duration of the call.
When calling the Maritime Search and Rescue emergency number via the application, the location data is stored on the service provider’s cloud-based server for a period of one hour. These data are only available to the maritime search and rescue command centres maintained by the Finnish Border Guard. Pursuant to section 3 of the Maritime Search and Rescue Act (1145/2001), the Border Guard is the maritime search and rescue authority in charge, directing and conducting, for example, maritime search and rescue operations.
The location of smartphones that are used to call the national Road User’s Hotline via the application is also stored on the service provider’s cloud-based server for a period of one hour. Only the Road User’s Hotline operator can access the data. Calls to the national Road User’s Hotline are forwarded to the Road Traffic Centre. The Road Traffic Centres are operated by Fintraffic Tie Oy, which is in charge of managing road traffic on Finnish roads. Fintraffic Tie Oy is part of Fintraffic, which is a state-owned enterprise with a special mandate from the Finnish Ministry of Transport and Communications.
Emergency warnings and other emergency announcements are sent to all phones on which the application has been installed and that have the continuous use of location data enabled. In this way, the phone will check in the background if there are emergency warnings and emergency announcements issued in the area of the phone and send a notification to the phone if there is a valid announcement in the area.
Anonymised statistics will be collected on the coverage of the emergency warnings and emergency announcements. The EU General Data Protection Regulation does not apply to the processing of anonymous data to be used for statistical purposes. For data collection, each installation creates a unique GUID for the application. The GUID uses device data but does not store it anywhere.
To preserve anonymity, the identifying information used for sending statistical data is not used in the app for anything other than for sending statistical data. As a result, no data that could enable the linking of an identifier with a specific user will ever end up in the cloud service.
In relation to the announcements, the following information is collected for statistical purposes in an anonymised manner:
- Type of the event to be included in the statistics. For example, ‘alert-activated’ means that the announcement has been displayed to the user.
- Details of the event by type.
- Unique identifier of the application installation. A random unique identifier created during the installation of the application for linking together the statistical data obtained from the relevant device.
- Timestamp for the time when the statistics were generated on the device
- Device distance from the announcement area at the time of occurrence (zero if within the area)
- Device operating system (for example, Android or iOS) and version
- Device manufacturer and model
- Application identifier, always the same for the time being (112 Suomi)
- Application version
The app asks for permission to access the user’s location and the user’s fitness and exercise data. This permission is used to reduce battery consumption. If the user does not grant permission, this may result in higher battery consumption on the phone. A library included in the app detects when the user is stationary or moving and updates the phone location data accordingly. If this permission is not granted, the location data will be updated even when the user does not move. However, the app works as normal even without this permission.
9. Transmission, disclosure and recipients of data
The personal data collected via the application in connection with emergency calls are shared with emergency response centres. The ERCs get access to the callers’ exact location and telephone number. The operation of ERCs is governed by the Finnish Act on Emergency Response Centre Operations (692/2010). The details of emergencies reported to ERCs are entered into the ERC information system pursuant to the provisions of the Act.
When calling from the application to the Maritime Search and Rescue emergency number, the location information is provided to the Border Guard, which will link the information to the maritime search and rescue database for rescue incidents. The disclosure of location information to the Finnish Border Guard in relation to maritime search and rescue is communicated on the application screen in connection with the phone number in question.
Personal data collected via the application in connection with calls to the national Road User’s Hotline are shared with the Road Traffic Centre. The application notifies callers of the disclosure of their data to the operator of the Road User’s Hotline before they dial the number.
The controller has authorised Digia Finland Ltd to process subscribers’ personal data on its behalf. The 112 Suomi application is a co-creation of the Emergency Response Centre Agency and Digia. Digia Finland Oy is a Finnish information technology company that supplies information systems to a number of security authorities. The personal data of the users of the application may also be disclosed on a case-by-case basis to any public authority that makes a request to that effect by virtue of its statutory right to access such data.
The 112 Suomi application only uses the location data of the user’s phone, the telephone number entered into the app and the anonymised statistical data concerning announcements. Despite this, the phone’s operating system may store information on the use of the app and/or the data it generates in accordance with the operating system’s own use cases, terms and conditions. The Emergency Response Centre Agency has no control over this type of data storage and/or usage.
When transferring from the application to a third-party website, the application does not pass on user data to them. The data protection requirements of the website are always the responsibility of the website operator.
10. Transmission of data tocountries outside of the EU or the EEA
Personal data are never transmitted to countries outside of the EU or the EEA.
11. Technical and organisational protection measures
Data collected about subscribers are stored in a system that the processor has protected by means of information security software and features of the operating system. Access to the system requires a personal password. The processor has also set up a firewall and taken other technical measures to protect the system. The data held in the system can only be accessed and processed by specific employees of the controller and the processor who have been properly trained and instructed on secure data processing practices. The data are held on the processor’s premises, which are kept locked and equipped with a security system.
Personal data collected via the application are stored on Digia Finland Oy’s cloud-based 112 server for a period of 24 hours, after which the information will be automatically destroyed The server is located in Finland.
12. Possibility of automated decision-making
The Emergency Response Centre Agency never makes decisions based solely on automated processing. The Emergency Response Centre Agency also does not use the personal data it processes to profile subscribers.
13. Access to personal data
Data subjects have the right to access any personal data concerning them that are held in the data file. Requests to this effect must be made in writing and e-mailed to [email protected] or sent by post to the Emergency Response Centre Agency at PO Box 112, FI-28131 PORI, Finland, with enough personal information to enable the controller to identify the data subject. When requesting information, please note that the location data provided by the app and the user’s phone number are retained in the cloud service only for 24 hours after the Call button is used, after which the information will be automatically destroyed.
14. Data subjects’ rights
Data subjects have the right to receive information on the processing of their personal data, the right to access their data, the right to rectify data, the right to erase data (the right to be forgotten), and the right to restrict data processing.
The controller must notify every recipient to whom the personal data has been disclosed in the event of the rectification, erasure or restriction of processing of the data unless this proves impossible or requires unreasonable effort. The controller must notify a data subject of these recipients if the data subject so requests.
The procedure for requesting access to personal data is described above in section 13.
15. Withdrawal of consent
Data subjects can withdraw their consent by uninstalling the 112 Suomi application or by disabling location services on their smartphone.
16. Other rights of data subjects in the context of personal data processing
-
17. Right to lodge a complaint with a supervisory authority
Any grievances concerning the processing of personal data should primary be addressed to the controller or the Data Protection Officer. However, data subjects also have the right to complain about the controller’s decisions to a national supervisory authority, which in Finland is the Data Protection Ombudsman. Furthermore, anyone can alert the Data Protection Ombudsman to any potentially unlawful processing of personal data.
Website of the Data Protection Ombudsman: Home | Data Protection Ombudsman’s Office (tietosuoja.fi)
Visiting address: Ratapihantie 9, 6th floor, FI-00520 Helsinki
Mailing address: PO Box 800, FI-00521 HELSINKI, Finland.
The Data Protection Ombudsman’s e-mail address is [email protected] and the telephone number for general enquiries is 0295 666 700.
18. Further information
An electronic version of the privacy policy is available on the Emergency Response Centre Agency’s website at www.112.fi.
Emergency Response Centre Agency
Satakunnankatu 3–5, PO Box 112, 28131 Pori, FINLAND
[email protected]
+358 (0)29 548 0112 (general enquiries).
Privacy Statements
Information of webbsite - Cookies
Make a request for information
You can submit a request for information or access to records:
- about an emergency call that was not forwarded to the police, emergency medical services, rescue services or social services
- about fire and alarm systems
- about your personal data in accordance with the General Data Protection Regulation
Change the language of the form from the flag in the upper right corner.
Request information relating to a specific emergency call
Request to inspect personal data