Finnish Meteorological Institute's Weather application privacy notice

General Data Protection Regulation (EU) 2016/679

1. Data Controller Finnish Meteorological Institute PO Box 503, Erik Palménin aukio 1, FI-00101 Helsinki, Finland tel. +358 29 539 2141, kirjaamo(at) 2. Contact Person for the Register Teemu Sirviö tel. 029 539 6017 teemu.sirvio(at)

3. Data Protection Officer Jaana Palmunoksa tel. +358 29 539 2310 jaana.palmunoksa(at) 4. Name of the register Finnish Meteorological Institute’s Weather -application

5. Purpose of processing personal data The application uses location information to transmit weather data based on the user's location.

6. Legal basis for processing Statutory obligation. (Law about Finnish Meteorogical Institute 212/2018 2 §)

7. Contents of the Register IP address of the device fetching weather information, time and location data.

8. Regular Data Sources Application

9. Recipients or recipient groups of the personal data Finnish Meteorological Institute employees whose duties require them to examine the observations produced in the Weather application.employees whose job responsibilities require them to review the application's log data.

10. Transfer of Personal Data Outside the EU or EEA The app's data will not be transferred outside the EU or EEA.

11. Principles of Register Protection Only company personnel whose job duties require it have the right to process personal data. Not just anyone can access the data; it is protected behind usernames and passwords.

12. Retention Period of Personal Data or Criteria for Defining It Data is retained as long as it is needed for the purpose it was collected for, but no longer than two years.

13. The rights of a data subject Users have the right to know whether data concerning them may have been stored in the system and to request their erasure if necessary.Users have the right to restrict the processing of their personal data.

14. Right to Lodge a Complaint with a Supervisory Authority Users have the right to file a complaint with a supervisory authority if they believe the processing of their personal data violates applicable data protection regulations.