Privacy Statement, Datahub Oy
(General Data Protection Regulation (EU) 2016/679, Articles 12–14)
This Privacy Statement sets out how Fingrid Datahub Oy processes personal data in different systems and the rights of data subjects in relation to that processing. This Privacy Statement explains what personal data we process, the reasons for processing the data, and the period for which the data is retained.
Fingrid Datahub Oy provides services related to information exchange in the electricity retail market. Fingrid Datahub Oy is a wholly owned subsidiary of Fingrid Oyj. By law, Fingrid Oyj is responsible for the tasks set out in the public service obligation, such as organising the exchange and management of information required by electricity market processes. Fingrid Oyj is responsible for the centralised management of personal data matters within the Group and for ensuring the rights of data subjects as set out below.
Fingrid Datahub Oy is responsible, in accordance with applicable legislation, for the centralised organisation of information exchange and data management for electricity market processes related to electricity trade and imbalance settlement within distribution networks (centralised information exchange services for electricity trade). This means that Fingrid Datahub Oy maintains systems through which electricity retail market parties exchange information about electricity market processes, while the customer (electricity user) manages its electricity market information. Fingrid Datahub Oy maintains and develops its relevant systems and interfaces with the systems of other electricity market companies, ensuring that services and systems operate efficiently and are user-friendly, maintaining an appropriate level of information security, and securing the conditions necessary for an efficient electricity retail market. In addition to those parties legally obliged to use the Datahub services for data exchange, Fingrid Datahub Oy also provides services to other electricity market parties. These parties include service providers, whose access to the data in the Datahub is based on an explicit authorisation by electricity users.
The services for centralised information exchange are carried out in the Datahub System. The Electricity Market Act defines the centralised information exchange services for electricity trade to be carried out in the Datahub and the related tasks which may involve the processing of personal data. The personal data processed in the Datahub is derived from agreements for electricity sale and network services. Information is stored in the Datahub about the parties to electricity agreements, the electricity accounting points related to those agreements, and the relevant contact persons.
The market processes are designed so that only the information necessary for each process is stored in the Datahub, and parties can only access or receive information from the Datahub in accordance with their predefined rights. These rights depend on the role of the party, the agreement situation and existing authorisations.
Electricity market parties sometimes need support in maintaining the data submitted to the Datahub. To meet this support need, the Datahub includes a dedicated support service system in which the data of each support case is registered. As a rule, the data contains personal data.
A dedicated service has been created to support market parties’ system testing, allowing them to verify the functionality of their own systems. This service has its own system for storing data about the market parties’ contact persons, such as email addresses.
Electricity users can check their own data on the Datahub end-customer portal for electricity. Users log in to the end-customer portal using strong authentication methods. It enables individual electricity users to monitor their electricity consumption per accounting point, for example.
Personal data collected from the data subject:
Data subject’s authorisation for an electricity market party to retrieve their data.
Removal of a non-disclosure order from the Datahub System.
Information required to identify the customer, such as the customer’s accounting point ID and phone number.
Personal data obtained from other sources:
Customer data, e.g. name and address of the customer
Accounting point data, e.g. address and ID of the accounting point
Agreement data, e.g. agreement duration
Metering data, e.g. hourly metering value
Product data, e.g. distribution system operator’s transmission product and its price
Invoice row data, e.g. amount and price of billed energy
The information is listed in further detail in the data table below.
2.1 Data table on the data processed
|
Personal data |
|
|
Customer data |
The person’s identification and contact information
|
|
Accounting point data |
Information maintained on accounting points, including:
|
|
Agreement data |
Information on the agreement
Invoicing information
|
|
Metering data |
Metering time series
Metering data
Accounting point type
Metering time series type
|
|
Invoice row data
|
Invoice row data includes, for example:
|
|
Product data |
Product data includes, for example:
|
2.2 Data processed in the Datahub system
|
Maintenance of customer and accounting point data |
|
|
Purpose |
Maintenance of customer and accounting point data |
|
Description |
Customer data is required for exchanging information in the retail electricity market about an electricity user who is party to an electricity agreement. Electricity retailers maintain customer data in accordance with the electricity market processes. The data is updated when the data subject notifies the electricity market party, either when concluding a new agreement or as a separate update. The Datahub will transfer the updated information to all parties entitled to receive it, either by agreement or by authorisation. Accounting point data identifies the accounting point for the purposes of information exchange in the electricity retail market. The distribution system operator maintains the accounting point data of its own distribution network in accordance with the electricity market processes. |
|
Personal data |
Data maintained on customers, such as name and customer ID (personal identity code/business ID). Data maintained on accounting points, such as data identifying the accounting point (e.g. accounting point ID and meter ID). For more details, see the data table in Chapter 2.1. |
|
Legal basis |
Compliance with legal obligations. |
|
Retention of data |
Customer data will be deleted from the Datahub 6 years after the end of the customer’s agreement. Deactivated accounting points are automatically removed from the accounting point data if they are not included in a valid electricity agreement. |
|
Organising the information exchange required by the customer agreement process for the sale and distribution of electricity |
|
|
Purpose |
The centralised organisation of information exchange and data management for electricity market processes related to electricity trade and imbalance settlement within distribution networks in accordance with the Electricity Market Act. |
|
Description |
Electricity retailers and distribution system operators maintain data subjects’ agreement data in accordance with the market processes. This includes notifications of new agreements, agreement updates, cancellations and terminations. Information entered into the agreements is transferred to other parties entitled to the information through the Datahub. |
|
Personal data |
The person’s identification and contact information, such as personal identity code or date of birth and the person’s name Information about the agreement, such as accounting point ID and address. Billing information, such as billing method and address. For more details, see the data table in Chapter 2.1. |
|
Legal basis |
Compliance with legal obligations. |
|
Retention of data |
Agreement data is retained in the Datahub for 6 years after the end of the agreement. The data will be automatically deleted after six years. |
|
Organising the information exchange for metering data |
|
|
Purpose |
Organising the information exchange for metering data |
|
Description |
The distribution system operator provides accounting point metering data to the Datahub in accordance with the market processes. Datahub immediately transfers the provided data to other market parties entitled to the data either under a valid electricity agreement or an authorisation. The data is also accessible to the data subject on the Datahub customer portal. |
|
Personal data |
Metering information such as metering time series and metering data. For more details, see the data table in Chapter 2.1. |
|
Legal basis |
Compliance with legal obligations. |
|
Retention of data |
Metering data is automatically deleted after six years of submission. |
|
Maintaining product and invoice row data |
|
|
Purpose |
Distribution system operators must indicate in their grid agreements the customer’s transmission product for the possible needs of the electricity retailer. The Datahub also enables reporting invoice row data for possible pass-thru billing. |
|
Description |
Distribution network operators always indicate the product identifier in their grid agreements. Product details are reported in the Datahub, where retailers can retrieve them, if required. Invoice row data is transmitted between the parties if one party bills the electricity user on behalf of the other party. This is typically required is when the retailer’s invoice also covers electricity transmission. In that case, the party reports the billing needs for a given period on an invoice row basis in the Datahub. |
|
Personal data |
Product information is not personal data. Invoice row data includes, for example, the customer’s accounting point ID and agreement ID. For more details, see the data table in Chapter 2.1. |
|
Legal basis |
Compliance with legal obligations. |
|
Retention of data |
Invoice row data will be deleted from the Datahub 6 years after the end of the agreement. |
|
Data on electricity market parties |
|
|
Purpose |
Maintaining the data on parties operating on the Datahub for the information exchange needs of customers and other market parties. |
|
Description |
Data on the market parties that operate on the Datahub is maintained in the Datahub. The data on the parties is maintained by the Datahub operator and the parties themselves. |
|
Personal data |
Name and contact information of the party’s contact person |
|
Legal basis |
Compliance with legal obligations. |
|
Retention of data |
If the contact person is changed, the old contact information will be deleted. |
2.3 Data processed by Datahub customer service
|
Data processed by Datahub customer service |
|
|
Purpose |
Information required to identify the support needs of electricity market parties |
|
Description |
Fingrid Datahub Oy provides support to parties associated with the Datahub through a support service system. Individual support requests containing data required to identify the current support needs are recorded in the support service system. A support request may also contain personal data. This personal data is the same data that is stored in the Datahub system. |
|
Personal data |
Customer data, such as the customer’s name, personal identity code or business ID, and contact details. Accounting point data, such as accounting point address and ID. Other personal data processed, such as any customer authorisations and consumption data. For more details, see the data table in Chapter 2.1. |
|
Legal basis |
Compliance with legal obligations. |
|
Retention of data |
The data is deleted six years after the date of recording. |
2.4 Data processed in the Datahub customer portal
|
Data processed in the Datahub customer portal |
|
|
Purpose |
Presentation of customer and accounting point data to the end customer and removal of non-disclosure orders |
|
Description |
Datahub provides customers with an interface, the so-called customer portal, where electricity users can view data recorded about them in the Datahub. In the customer portal, electricity users can view the metering data, agreement data and other data of their accounting points. |
|
Personal data |
Accessible customer data:
Accounting point data:
Other data on the accounting point:
|
|
Legal basis |
Compliance with legal obligations. |
|
Retention of data |
Customer data will be deleted from the Datahub 6 years after the end of the customer’s agreement. Deactivated accounting points are automatically removed from the accounting point data if they are not included in a valid electricity agreement. |
Personal data is obtained from the data subject, electricity retailers and network operators with which the person has a agreement relationship.
Electricity retailers maintain data on the customer and the customer’s electricity agreements in the Datahub System. Network operators maintain data on electricity accounting points and metering in the Datahub System. Network operators maintain their grid agreement data and product data in the Datahub System.
The Datahub customer service provides support to electricity market parties as required. The electricity market parties report their support needs in a separate support service system, which is also used, where necessary, to report individual accounting point or customer data depending on the specific support need. The types of data are listed in the personal data table above.
Data is disclosed to electricity market operators or authorities as required by law.
Datahub submits data to Statistics Finland on a monthly basis in accordance with the Statistics Act. In addition, Datahub provides aggregated statistical data to the Energy Authority. Upon request, Datahub will provide information on individual accounting points to other authorities under the Act on Information Management in Public Administration.
The data processed at Datahub customer service is handled by the customer service personnel and by the system provider who maintains the support system. Personal data received by Datahub customer service may be transferred to the system provider to facilitate problem resolution.
Through the Datahub customer portal, the customer can view the data which they are entitled to access under their agreement. The data is not disclosed to any party from the customer portal.
4.1 Data recipients based on Datahub processes
The Datahub System employs specified data exchange processes for maintaining customer data and electricity accounting point data; for customer agreement processes of electricity sales and distribution; for metering data; and for maintaining product data, invoice row data and party data. The data content transmitted to the Datahub and from the Datahub to other parties has been precisely specified for each process. In addition, precise deadlines have been set for carrying out the processes. The general principle for data transfer in accordance with the processes is that whenever an update occurs, the data submitted to the Datahub is transferred to the party entitled to receive the changed data, either under the customer’s agreement or the customer’s explicit authorisation.
|
Maintenance of customer and accounting point data |
|
|
Personal data |
Data maintained on the customer, such as name and customer ID (personal identity code/business ID), is transmitted to the distribution system operator or a party authorised by the customer. Data maintained on accounting points, such as data identifying the accounting point (e.g. accounting point ID and meter ID) is transferred to the retailer associated with the accounting point or a party authorised by the customer. For more details, see the data table in Chapter 2.1. |
|
Organising the information exchange required by the customer agreement process for the sale and distribution of electricity |
|
|
Personal data |
The person’s identification and contact information, for example: personal identity code or date of birth and name of the person The necessary information about the agreement is transferred to the other contracting party associated with the accounting point. Any product information stated in the sales agreement or information on the duration of the agreement is not disclosed to the distribution system operator associated with the accounting point. Billing information, such as billing method/address, is transferred to the other contracting party associated with the accounting point. For more details, see the data table in Chapter 2.1. |
|
Organising the information exchange for metering data |
|
|
Personal data |
Metering information provided by the distribution system operator, such as metering time series and metering data, is transferred to the electricity retailer associated with the accounting point or to a party authorised by the customer. For more details, see the data table in Chapter 2.1. |
|
Maintaining product and invoice row data |
|
|
Personal data |
Product information is not personal data. Invoice row data includes, for example, the customer’s accounting point ID and agreement ID. The invoice row data is transferred, with the party’s authorisation, to the operator carrying out the electricity user’s consolidated invoicing. Information on consolidated invoicing is provided in customer agreements. For more details, see the data table in Chapter 2.1. |
|
Data on electricity market parties |
|
|
Personal data |
Name and contact information of the party’s contact person |
Personal data is stored within the European Union and it is not transferred outside the European Union or the European Economic Area.
The data is protected by appropriate technical and organisational measures. Material is protected by technical measures and access to the systems is granted only to those persons for whom it is necessary for their work or function. Fingrid’s and Fingrid Datahub’s personnel are bound by professional secrecy. The personnel are trained and instructed in the lawful processing of personal data.
External data processors are required to have adequate technical and organisational protection measures in place and commit to lawful processing of personal data and confidentiality.
The data subject has the right to request access from the Controller to personal data concerning themselves, the right to request correction of their personal data and a limitation on processing.
The data subject has the right to have their data removed, if the personal data is not required for the purposes described in Section 2. There is no right to the removal of data if Fingrid has a statutory obligation to keep the data, or if Fingrid needs the data to prepare, present or defend a legal claim.
Data stored in the Datahub can be checked by logging in to the Datahub customer portal using strong authentication. Address to the customer portal:
https://www.fingrid.fi/en/electricity-market/datahub/sign-in-to-datahub-customer-portal/
Alternatively, data subjects can exercise their rights by filling in the contact form (yhteydenottolomake) at
The Controller does not make decisions based on automated processing.
If a data subject considers that the processing of their personal data breaches applicable legislation, or their statutory rights have been infringed, they may file a complaint about the matter with the Data Protection Ombudsman whose contact information can be found at http://www.tietosuoja.fi/en/.
Updated 16.12.2025