Sanoma Media Finland Oy – Dismissed (Finland, 2021)

Dismissed
DPA Tietosuojavaltuutetu27 October 2021Finland
final
Dismissed

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

Sanoma Media Finland Oy was not required to erase personal tax information from its public tax portals. The Finnish Data Protection Authority found that the company was allowed to keep the information because it was used for journalistic purposes. This decision highlights the balance between privacy rights and the public's right to information.

What happened

An individual asked Sanoma Media Finland Oy to stop processing their personal tax information, but the company refused.

Who was affected

The individual whose personal tax information was published on Sanoma's media outlets.

What the authority found

The Finnish DPA ruled that Sanoma could continue processing the tax information for journalistic purposes, which is exempt from certain GDPR rules.

Why this matters

This case shows that companies can process personal data for journalism without violating privacy laws. Small businesses should understand the exemptions that exist for journalistic activities.

GDPR Articles Cited

AI-verified

Art. 32(GDPR)
Art. 5(1)(a) GDPR
View original scraped data
Art. 5(1)(a) GDPR
Art. 32(GDPR)

Original data from scraper before AI verification against source document.

National Law Articles

AI-identified

§ 27(1) Data Protection Act
Source verified 23 March 2026
articles corrected
national law identified
Finland enforcementDPA Tietosuojavaltuutetu actionsAll Sanoma Media Finland Oy actions
Full Legal Summary
Detailed

By law, the Finnish Tax Administration (Verohallinto) is obliged to release every taxpayer's personal tax records to the public, to a limited extent. An individual requested two media outlets owned by Sanoma Media Finland Oy (the Company) to stop processing and to erase their personal tax information from the media outlets' tax information portals which were public to all readers. The Company refused to follow the request, and therefore the individual filed a complaint with the Finnish DPA (Tietosuojavaltuutetun toimisto). The Finnish DPA found that the Company was not obliged to comply with the request because the information was processed solely for journalistic purposes, a type of processing which is exempted from certain provisions of the GDPR under § 27(1) of the Finnish Data Protection Act (Tietosuojalaki). The Finnish DPA therefore concluded that the processing of the personal data was neither in breach of Article 5(1)(a) GDPR, nor of Article 32 GDPR.

Outcome

Dismissed

The complaint or investigation was dismissed.

Related Enforcement Actions (1)

Other enforcement actions involving Sanoma Media Finland Oy in FI

Current
Oct 2021

Dismissed

Court Ruling
Dec 2023· DPA Tietosuojavaltuutetu

The data subject had asked the Administrative Court of Hämeenlinna (the Court) to overturn [https://gdprhub.eu/index.php?title=Tietosuojavaltuutetun_t...

Details

Decision Date

27 October 2021

Authority

DPA Tietosuojavaltuutetu

Sources

About this data

Data: GDPRhub (noyb.eu)
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Sanoma Media Finland Oy - Finland (2021). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: