Isikuandmete kaitse

Privacy Policy of Finantsinspektsioon

  1. Personal data

    1. ‘Personal data’ means any information about an identified or identifiable natural person. Above all, an identifiable natural person is one who can be identified by reference to an identifier (such as name, personal identification code, place of residence, location, email, phone number or online identifier) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

    2. Special categories of personal data are personal data revealing a person’s racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.

  2. Cases of personal data processing

    • Finantsinspektsioon processes personal data in the following cases:

      • in order to comply with laws and regulations;
      • when you visit the website of Finantsinspektsioon;
      • when you contact Finantsinspektsioon by letter or other means of communication containing personal data and the contact is registered;
      • when you visit Finantsinspektsioon;
      • when you apply for a job or internship at Finantsinspektsioon.
  3. Principles of personal data processing

    1. Finantsinspektsioon processes personal data, including special categories of personal data, only on the basis of the law in the volume and to the extent necessary for the performance of its tasks.

    2. Finantsinspektsioon collects and processes personal data in a manner that ensures an appropriate level of security of personal data, including protection against unauthorised or unlawful processing and accidental loss, destruction or damage.

    3. The processing of personal data, including special categories of personal data collected by Finantsinspektsioon in the course of fulfilling its statutory tasks, is governed in particular by applicable European Union law, as well as by the Financial Supervision Authority Act and the laws and regulations referred to therein or enacted pursuant thereto, the Personal Data Protection Act and Regulation (EU) 2016/679 of the European Parliament and of the Council.

    4. The supervisory procedure carried out by Finantsinspektsioon is generally not public, and personal data collected in the course thereof are disclosed in very limited cases and to a very limited number of persons, i.e. where the applicable law allows it. The processing of personal data of persons reporting violations of law is regulated by the Financial Supervision Authority Act.

    5. Personal data processed by Finantsinspektsioon are stored for the period stipulated by law or laws and regulations issued on the basis of the law, or for as long as it is necessary for the fulfilment of supervisory purposes.

    6. Finantsinspektsioon may publish alerts on its website and via other channels ( in the event of non-compliance or suspected non-compliance. Alerts include, among other things, Finantsinspektsioon’s assessment of the person's activities and may include personal data of the natural persons connected with the activities referred to. Alerts are publicly available for at least five years.

    7. The personal data of an applicant for a job or internship with Finantsinspektsioon are processed by Finantsinspektsioon on the basis of the law to the extent that the applicant has disclosed about themselves in the recruitment process and Finantsinspektsioon has collected them, for the purpose of assessing their suitability for the relevant job or internship. The relevant data are accessed by those involved in the recruitment and selection process. Finantsinspektsioon retains the data of unsuccessful candidates for up to one year from the end of the competition. If a candidate is interested in future employment opportunities at Finantsinspektsioon, their data will be stored for up to three years, subject to the candidate's written consent.

    8. The personal data of visitors to Finantsinspektsioon is only processed for security reasons in connection with their stay at the organisation.

    9. When you visit the website, Finantsinspektsioon collects non-personal statistical information about your visit, which is used to analyse the use of the website and to provide visitors with the best user experience.

    10. In the case of subscribers to notifications from the Finantsinspektsioon website (, the email address of the subscribers is only processed in order to send the information they subscribed to. Finantsinspektsioon stores and processes the data provided by subscribers until they express their wish to cancel the subscription.

    11. Finantsinspektsioon ensures the protection of personal data and, in the event of a breach, immediately takes all appropriate measures to remedy it.

    12. Finantsinspektsioon stores and in certain cases discloses data on people who its staff and members of its management board meet in order to ensure the highest possible degree of transparency for Finantsinspektsioon.

  4. Contact details and filing of complaints

    1. In order to contact Finantsinspektsioon’s data protection officer or in the event of a complaint regarding the processing of personal data, please write to the following e-mail address: [email protected].

    2. A person also has the right to file a complaint with the Data Protection Inspectorate if the rights of the data subject have been violated during the processing of personal data.