HSL's privacy policy
Updated on 21 February 2026
We collect our customers’ personal data to provide smooth and effective transport services. Our customers include children, for whom access to public transport is important. We encourage guardians to discuss the processing of personal data with their children, considering the child's age and developmental level. We are happy to provide additional information and answer any questions if anything about personal data remains unclear or causes concern.
We provide information about our collection and processing of personal data in our Customer Register Privacy Statement on this page. More detailed service-specific data protection documents are available via the links on the left of this page.
The privacy of our customers’ data is our highest priority. We process the data in a careful and secure manner, requiring the same from our subcontractors and partners in cooperation.
HSL's data protection officer: [email protected]
HSL Customer Register Privacy Statement
We have updated the information relating to the processing of personal data as follows:
HSL Customer Register Privacy Statement
- Section 3: We have combined the purposes for processing personal data and the related legal bases into a single section. In the process, we have clarified the purposes for processing personal data and, where necessary, updated the legal bases following a reassessment. We have also refined the description of practices related to electronic direct marketing.
- Sections 4 and 5: We have separated information on automatic decision-making from the description of customer profiling and personalization, which has been clarified, for example, by adding examples.
- Section 2: We have updated the contents of the data file, partly because the service-specific notices mentioned below have been removed.
- Additionally, we have updated Sections 8, 9 and 12 regarding regular disclosures, data transfers, and amendments to the privacy statement.
Service-specific notices
- We have removed the separate service-specific notices for HSL.fi, the HSL Ticket Store, and customer communications, as the information concerning the processing of personal data for these services is included in the revised Customer Register Privacy Statement.
- We have revised the service-specific notice for the HSL app to cover only the processing of travel data. All other processing of personal data related to the app is included in the revised Customer Register Privacy Statement. The name of this service-specific notice has been updated accordingly to Processing of travel data.
The controller of the data file is Helsinki Regional Transport Authority (hereinafter HSL).
Business ID: 22745863
Address: Opastinsilta 6 A, Helsinki, PO Box 100, 00077 HSL
Telephone: +358 9 4766 400 HSL Customer Service)
Contact details of HSL’s Data Protection Officer: [email protected]
This privacy statement applies to the processing of personal data contained in HSL’s Customer Register (“Customer Register”). The data subjects are individuals who use HSL's services (“Customers”). HSL’s services include, for example, public transport services and related services such as applications, websites and online services, customer service and customer feedback, social media channels, city bikes, the bike parking service, penalty fares and lost property services.
The Customer Register consists of several types of personal data. Below is a list of the types of customers’ personal data that HSL mainly collects and processes. More detailed information on the data processed in individual services is available in the service-specific privacy notices and in the services.
Personal data:
- Customer’s name
- Contact details, such as postal address, email address and phone number
- Date of birth or information on whether the customer is at least 15 years old
- Personal identity code
- Home municipality
- Potential non-disclosure order
- Language
- Identification information, such as standard data content obtained through strong electronic identification from the Digital and Population Data Services Agency or a username and password chosen by the customer. The data content stored when creating a corporate user account includes the user’s name and personal identity code.
- Entitlement to a companion
- Authorization information
- Student enrollment information and information on current student status
- Customer group and various account, transaction, subscription and service information
- Customer's unique technical identifiers
- HSL card identification data, such as the card number; when purchasing for another person, the HSL card numbers and names assigned to those cards
- Purchase history by service
- Payment data in different channels (such as the HSL app, HSL Ticket Store, contactless payment, retail outlets, ticket machines, and HSL service points)
- Information on content use and communications through various channels, such as the content, identification and technical data of phone calls, cookies and other communications channels, including the receipt and opening of emails and HSL app notifications and clicking on the links included in them, as well as social media channels, including Facebook, Instagram, LinkedIn and X.
- Route, stop, location and area selections saved by the customer
- Boarding data, i.e., information related to ticket validation or the process of boarding a vehicle
- Location and travel data (including terminal device location), collected only with the consent of the customer
- Customer segmentation and profiling data, as well as dynamic customer group and profile data
- Information related to penalty fares: details of the person charged with the penalty fare, and the date, time, and route on which the penalty fare was issued
- City bike usage data: information that the individual is currently using a bike (pickup time) and use history of the bike, including the station of origin and destination, time and date, distance traveled in kilometers.
- Bike Parking usage data: usage data from the bicycle garage reader device, including time, date, HSL card number, or a digital wallet identifier such as a Google Wallet identifier.
- Customer feedback information, such as texts, images and the contact details of the person providing feedback
- Customer community and survey data as well as demographic and background information needed for grouping, such as gender, driving license and car ownership.
- Permissions, prohibitions and similar data.
- School pass data, such as school information and the guardian’s email address
HSL arranges public transport in accordance with the Act on Cooperation Between Municipalities in the Helsinki Metropolitan Area in Waste Management and Public Transport (829/2009). The purpose of processing personal data is to carry out the tasks of the joint local authority and to provide transport services to customers.
The processing of personal data by HSL is always based on one of the following legal bases under Article 6 of the EU General Data Protection Regulation (GDPR, 2016/679).
Agreement: The processing of personal data is necessary for the execution of an agreement to which the data subject is a party or for the implementation of pre-contractual measures taken at the request of the data subject (GDPR Art. 6(1)(b). The following are contractual:
– Provision and delivery of services to the customer, including
- Arranging public transport and the provision of transport services, as well as the sale, validation and inspection of tickets or travel entitlements
- Provision of applications and online services
- Maintenance of services, detecting, investigating, and resolving faults and disruptions
– Account management, including contract management, management of consents and opt-outs, as well as communications related to the agreement necessary for the delivery of the service (for example, notifications about major service disruptions, order confirmations, and communications concerning changes to the agreement and service terms or privacy statements).
– Customer service, such as handling contacts and complaints related to the contractual relationship, as well as processing refunds
Consent: The data subject has given their unambiguous consent to the processing of personal data (GDPR Article 6(1)(a)). The following are based on consent:
- Processing of location and travel data as described in the service-specific notice for the processing of travel data.
- Processing of special categories of personal data to verify eligibility for a discount (e.g., discount basis: mobility impaired). In addition, this processing is based on the data subject’s explicit consent (GDPR Article 9(2)(a)).
Legal obligation: The processing of personal data is necessary for the controller to comply with a legal obligation (GDPR Article 6(1)(c)). The following are based on legal obligation:
- Planning of the transport system and public transport
- Planning and procurement of public transport services
- Public trasport pricing and setting of fares
- Processing appeals related to public transport penalty fares and processing refunds
- Processing personal data for accounting purposes
- Processing and fulfilling requests related to the rights of data‑subjects
- Statutory information security measures and compliance with notification obligations related to personal data breaches
- Disclosure of personal data to authorities based on a statutory obligation
Public interest or official authority:
Processing of personal data is necessary to perform tasks in the public interest or for the exercise of the official authority vested in the controller. (GDPR Art. 6(1)(e), and Section 4(1), subsections 2 and 3 of the Data Protection Act).
This concerns:
- Studies produced by HSL, customer satisfaction and feedback surveys
- Development, analysis, planning and reporting of HSL’s services and operations, including load studies, the analysis of total trips and trip chains, the development of the transport system, routes and route networks, digital service development
- Processing for statistical purposes in the public interest
- Customer service: handling contacts, claims and feedback not based on an agreement, and processing refunds
- Activation and provision of school passes
- Ensuring data security (where this is not a legal obligation) and detecting, preventing, and investigating misuse
- Marketing, planning and measuring the effectiveness of marketing activities
- Profiling and personalization, as well as targeted marketing and communications, as described in more detail in Section 4.
- The issuing, enforcement and collection of public transport penalty fares
- Drafting, filing and defending a legal claim; as well as
- Other duties related to the provision of public transport as outlined in HSL’s Charter that require processing of personal data, such as determining the municipal shares of ticket revenue and operating expenses, verification of tariff subsidy rights, and compiling statistics.
The status, duties and powers of HSL Helsinki Regional Transport Authority are laid down in:
- The Act on Cooperation Between Municipalities in the Helsinki Metropolitan Area in Waste Management and Public Transport (829/2009), Section 3
- Sections 181–182 of the Act on Transport Services (320/2017)
- In HSL’s Charter concluded under the Municipalities Act (410/2015
Electronic direct marketing
HSL may send electronic direct marketing messages (e.g., by email, push notifications to mobile devices or SMS) as follows:
- Electronic direct marketing based on a customer relationship: We send electronic direct marketing messages to our customers based on an existing customer relationship when the customer’s contact information (for example, an email address) has been obtained in connection with the sale of a service or product (for example, when creating an HSL account or when starting to use HSL’s services). The messages relate to HSL’s products and services that the customer has previously used or to similar products and services. Customers can opt out of marketing messages at any time, for example, through the unsubscribe links in email messages, in the settings of their HSL account, or by contacting HSL’s customer service.
- Electronic direct marketing based on consent: We may send electronic direct marketing messages that are not based on an existing customer relationship on the basis of the data subject’s consent. Consent may be given, for example, in digital services, in connection with campaigns, or through other channels. Consent can be withdrawn at any time using the same channels or by contacting HSL’s customer service.
Invitations to studies and surveys
HSL sends invitations to studies and surveys, for example, based on the customer’s use of HSL’s services. You can manage your receipt of survey invitations under the Notifications and privacy settings for your HSL account at hsl.fi and in the HSL app under Notifications and email, where you can also manage how invitations are shown in the app.
You can find the options under “Participation in the development of public transport: Invitations to surveys and questionnaires”. You can participate in studies and surveys by clicking on the invitation to participate. You will also receive more information about the study or survey in question. Participating in studies and surveys is completely voluntary.
Cookies
The use of cookies and other similar technologies is described in the cookie policies for HSL’s online services and the cookie policies for the HSL app.
HSL processes customer data to enhance its services, develop transport services in a customer-oriented way, and provide content, communications, recommendations and marketing that are as relevant and useful as possible. The aim of the processing is to make everyday travel easier, provide up-to-date information, and develop services that meet the needs of all customers.
As part of this processing, HSL analyses data on service use, purchase history and customer interactions, and may use automated analytics and modelling methods to group customer data, ensuring that customer segments are updated based on how the services are used. These customer groups are used to deepen customer insight, develop services, and plan and target content, communications and marketing.
Profiling refers to the automated processing of personal data, where the data is used to assess or predict the characteristics, preferences, or behavioral patterns of a natural person, such as personal preferences, interests, behavior, location, or movements. In this processing, HSL may use automated analytics and modelling methods to create and update dynamic customer segments.
Profiling helps HSL deepen customer insight, develop services, and support operational monitoring, reporting and decision-making. Additionally, HSL plans and personalizes service-related content and communications, and targets its marketing activities. This enables HSL to provide customers with more timely and useful information and services that better meet their needs, and to develop transport services based on the needs of different customer groups. Personalization is used in service development and in enhancing the customer experience.
HSL may, for example:
- Personalize content in its digital channels and show service and product recommendations and ads based on the customer’s previous use of HSL’s services and their customer group
- Analyze customer paths and service use, and use this information to target and schedule communications, marketing and service provision
- Use customer groups based on customers’ modes of travel and travel volume to develop services and communications targeted at those customer groups.
Profiling does not involve automated decision-making which produces legal effects or similarly significantly affects the data subject.
Customers have the right to receive information about profiling concerning them, as well as to object to profiling. Read more under “Rights of the data subject”.
HSL performs automated decision-making when verifying the discount entitlement for student-price mobile tickets. Information regarding student status is generated from data retrieved from the Finnish National Agency for Education information service based on automated reasoning using predefined algorithms. The outcome of this reasoning is stored in the HSL account as “student”, “not a student,” or “no permission granted to view this information”. Customers can manage their data transfer permissions through the service provided by the Finnish National Agency for Education.
Personal data is primarily collected directly from the customer in connection with the adoption and use of services referred to in section 2, as well as in connection with customer service and issuing a penalty fare.
For school passes, the municipality or school issuing the passes discloses the personal data to HSL.
Other regular sources of data for the HSL Customer Register include:
- Identification and authentication services provided by third parties, such as the Digital and Population Services Agency’s identification service via Suomi.fi, and the study and degree information disclosure service maintained by the Finnish National Agency for Education.
- Customer data updates from services that provide them: Personal data may also be collected, stored and updated from data controllers that offer address, update or other such services, and information on residential areas and accounts can be obtained from services that offer them.
- The services themselves that have collected information on actual use.
- Phone operators regarding tickets ordered with mobile devices, e.g., phones
- MaaS operators that provide mobility services in connection with ticket purchases and acting on behalf of other persons
The data collected in the data file will be stored for only as long as and to the extent necessary to fulfil the original purposes for which the personal data was collected, as described in Section 3. Personal data stored in the data file will be deleted when there are no longer legal grounds for their processing. Additionally, HSL will take all reasonable measures to ensure that any data that is inaccurate, incorrect, or outdated for the purposes of processing, are promptly deleted or corrected.
Customer data will be stored for the duration of the customer relationship. The customer relationship is considered to have ended if the customer has not used any services for three years. If the customer terminates the customer relationship, the data will be stored for one month, unless otherwise provided in this Section 8.
Order, delivery, purchase, and payment information will be stored for the period required by applicable legislation, i.e., as a rule, the storage period is in accordance with the Accounting Act (1336/1997). Customers’ receipts will be stored for 18 months from the purchase, after which they will be automatically deleted.
The HSL card number serves as the identifier for boarding data, which is stored for 60 days for ticket validation and other measures essential to the public transport system. During the storage period, individual HSL employees cannot view both the customer’s boarding data and customer data. After the storage period, the boarding data is pseudonymized by replacing the HSL card number with a random identifier and generalizing the data on age, customer group, and municipality of residence. Pseudonymized boarding data is needed for determining the municipal contributions for the joint local authority, as well as for transport planning and research.
The penalty fare data is stored in the data file for the period required by the Accounting Act (1336/1997) and the regulations and recommendations of the Association of Finnish Local and Regional Authorities, i.e., the current calendar year and the following six (6) calendar years. At the end of the storage period, the data is destroyed.
Requests relating to the exercise of the rights of data subjects will be kept for two years. If strong authentication is not completed or the request has not been completed, the pending request will be removed after 30 days.
Data on the recipients of school passes will be stored in the HSL Business Portal for a maximum of one (1) year.
More detailed information on the data processed in individual services and their storage periods is available in the service-specific privacy notices.
When required, personal data contained in the data file will be disclosed to external individuals or organizations as follows:
- To payment service partners to deliver the service
- For city bikes, to Metropolitan Area Transport and the cities of Espoo and Vantaa, which are joint controllers of the city bike register
- Personal data related to the Bike Parking service may be disclosed to the bicycle garage service provider to investigate any actions that violate the terms of use. This data may also be processed to revoke access rights at the request of the service provider.
- Information required for an authorization to act on another person’s behalf for the authorized party
- Feedback received by HSL will be forwarded to the parties responsible for making corrections related to the feedback. Depending on the feedback, such a party may be, for example, a contract operator, a service provider for city bikes, the service provider for the HSL app, some retail outlets, or a contract partner for lost property services.
- To authorities within the limits allowed and obligated by the current legislation
- For conducting surveys or studies on behalf of HSL
- To system suppliers and IT service providers used in the provision of services, who act on behalf of HSL
- To providers of technical services for communications and marketing services (such as email delivery services).
Personal data contained in the data file is not transferred to countries outside the European Union or the European Economic Area, except to a third country which the European Commission has deemed to provide an adequate level of data protection (so called adequacy decision) or, in the case of the United States, to a recipient certified under the EU–US Data Privacy Framework. HSL reserves the right to make other transfers in accordance with the requirements of the applicable data protection legislation, applying appropriate safeguards.
The information security of the HSL Customer Register and confidentiality of personal data will be ensured by appropriate technical and administrative measures in accordance with good data processing practice.
Databases and their backups are located on locked premises. The data in the register is protected against unauthorized viewing, modification and destruction. Security is based on physical access control, personal user IDs, and limiting access rights. The systems also collect log information about user actions.
HSL's system suppliers are required by contract to implement adequate safeguards to protect customers' personal data, as outlined in the information security and data protection requirements. HSL’s employees, contractors’ employees and system suppliers have undertaken to maintain complete professional secrecy and the confidentiality of the data they obtain in connection with the processing of personal data.
HSL regularly audits the functional capabilities of systems and performs data security risk assessments.
Data subjects have rights to their personal data, which are determined by the legal basis for processing the data. More information on data subjects’ rights and their implementation is available on our website.
The rights of the data subject are based on the EU General Data Protection Regulation (2016/679).
HSL may make amendments to this Privacy Statement by announcing the changes through application notifications, announcements published on websites, by e-mail or by notifications provided at service points or in connection with updates.
Service-specific privacy notices
Service-specific information supplementing the HSL Customer Register Privacy Statement.
Updated on 24 September 2025
Recording of customer calls
1 What data is processed and why?
The main purposes of the use of customers’ data are described in the HSL Customer Register Privacy Statement.
Your phone calls to our customer service will be automatically recorded. Your phone number is also automatically stored, unless it is ex-directory.
The recordings of customer calls are used for verifying service transactions, improving service quality, HSL’s internal training purposes, as well as for ensuring your and HSL’s legal protection.
To assess service quality, we send an SMS survey to some customers after their call. The phone number used for the survey is not stored or used for any other purpose.
Your data is processed on the basis of an agreement between you and HSL. Your use of HSL’s services constitutes your acceptance of this agreement.
Only designated individuals whose task is to maintain the system used to manage customer calls have access to the recordings of customer calls.
All your data is treated as confidential, and it is disclosed only to individuals who need it to perform their duties and who are bound by professional secrecy and confidentiality.
2. How long is my data stored?
The recordings are stored for six months, after which they are automatically destroyed.
Authentication
1. What data is processed in the service and why?
Our customer service may send the customer an SMS containing a link through which the customer’s strong authentication data (name and personal identity code) are transferred for use by customer service. Strong authentication is used in telephone service situations where verification of the customer’s identity is required.
When a customer acts on behalf of a dependent, the custodial relationship between the strongly authenticated customer and the dependent is verified. Similarly, when a customer acts on behalf of a person under guardianship, the guardianship relationship between the strongly authenticated customer and their ward is verified. The information is verified electronically from the Population Information System. The information can be viewed by the customer service advisor only for the duration of the service interaction. The verification enables service situations that require acting on behalf of another person.
2. How long is my data stored?
Data obtained through strong authentication is not stored. The data is destroyed automatically and can be viewed by the customer service advisor only temporarily and only during the relevant customer service situation.
Updated 8 December 2025
1 What data is processed in the service and why?
The purposes of the use of customer data are described in general in the HSL Customer Register Privacy Statement.
If you would like a response to your feedback, or if you are logged in with your HSL account when submitting feedback, we will process your name and contact details. If you are logged in when submitting your feedback, we will process: your name, email, phone number and HSL account. If you are not logged in and would like a response to your feedback, we will process: your name, email address and phone number, if provided. You can provide additional information in the free text field.
For corporate customers, we collect the following information: representative's details, company’s business ID, company name, bank account number, HSL card numbers, and customer number.
AI may be used to assist in analyzing the content and emotional tone of customers’ messages.
We use the text provided by customers in the open message field to generate AI‑assisted responses and to develop our AI. Other information included in customer feedback is not used for these purposes. In certain restricted feedback topics, AI generates responses independently. In other cases, the response is reviewed and sent by our customer service team.
For refund requests, you are also asked to provide, for example, your HSL card number, mobile ticket phone number, street address or PO Box, postcode, personal identity code, and bank account number.
Refund request forms can be submitted at service points, via HSL’s telephone customer service, or at hsl.fi.
When a refund is requested on behalf of another person using the "Unused value" refund request form, we ask for the date of birth of the person for whom the refund is being requested. The date of birth is used to ensure that the information matches the date of birth stored on the personal HSL card.
In case of a strike, a printable refund request form will be available online at hsl.fi. An HSL account verified through the suomi.fi service is required for refund requests submitted on HSL’s website.
In the event of a strike, refunds are granted for regular public transport journeys, such as those between home and work.
Your data is processed on the basis of an agreement between you and HSL. Your use of HSL’s services constitutes your acceptance of this agreement.
What data is stored:
• first name, last name, email address
• user ID
• address and home municipality
• HSL number or phone number
• zones and validity period of a season ticket
• home address and address of workplace or study place (strikes)
• bank account number (refunds paid to the bank account)
2 How long is my data stored?
Data included in feedback will be stored for three years. Personal data related to refunds will be stored for the current calendar year and the following six (6) calendar years.
Message details will be stored for 90 days for AI training purposes.
Authorizations and attachments will be retained for three months after the processing is completed.
3 Who processes the data?
The data is processed by individuals who have access to the data to perform their work tasks. HSL uses contract partners for data-processing tasks and may disclose personal data to these partners when necessary to perform the tasks. All individuals involved in processing personal data are bound by confidentiality and professional secrecy. Feedback is passed on as necessary; for instance, feedback regarding driver performance is forwarded to the bus operator.
4 How can I access my data?
For more information about the exercise of the rights of data subjects, see Privacy>Rights of data subjects.
Updated on 3 July 2024
1. What data is processed in the service and why?
In the Lost Property Service, your personal data is processed for the purpose of locating lost property and notifying you if the item is found. When using the Lost Property Service, you provide your name and contact details (first name, last name, address, postal code, city, phone number, and email address) so that the service can search for the lost item and inform you if it is found. The data is processed on the basis of an agreement between you and the service provider. The agreement is formed when you use the Lost Property Service.
2. How long is my data stored?
The data is stored until the lost item has been collected. If the lost item is not found, the data is stored for a maximum of one month from the date of the report.
3. Who processes my data?
The data is processed by individuals who require access to it in order to perform their work duties. HSL uses contractual partners to process the data, and only the data necessary for carrying out the relevant tasks is transferred to them.
Processors of personal data are bound by professional secrecy and confidentiality.
4. How can I access my data?
You can access the data stored in the service by logging in to the Lost Property Service.
Updated 22 January 2025
1 What data is processed in the service and why?
The purpose of processing personal data is to manage penalty fare notices, collect payments, and develop the controller’s operations.
Details regarding the ticket presented to a ticket inspector are used for the management of penalty fare appeals or potential annulments of penalty fares.
Under Section 8 of the Act on Penalty Fares in Public Transport (469/1979), a passenger who fails to produce an appropriate ticket must, at an inspector’s request, provide the following personal details to the inspector: their name, personal identity code, and address.
The data file contains the following personal data of the data subjects:
Customers who have been issued a penalty fare (excluding customers who pay by cash upon ticket inspection)
- The name, personal identity code and address of the person issued with the penalty fare
- Phone number or Travel Card number
- Date, time and route on which the penalty fare was issued
- Reason for the penalty fare
- Method of verifying the personal data (driver’s license, passport, etc.)
- First and last name and the number of the inspection pass of the ticket inspector who issued the penalty fare.
- Incident report (made in exceptional situations)
- Information about penalty fare payment (original date, cancelled/paid/unpaid)
- Description of the ticket inspection situation (e.g. what happened)
- Number of unpaid penalty fares
- Information about penalty fare enforcement (where necessary)
- Settlements received from enforcement (monetary payment/inability to collect payment), transfer notifications, and notifications of initiation (where necessary)
- Date of the District Court decision on the commencement of debt settlement (where necessary)
- Information about a criminal complaint (where necessary)
Customers who have submitted an appeal
- Information about a penalty fare appeal submitted and information about the decision concerning the appeal
- Power of attorney (where necessary)
- Appendices provided by the customer (where necessary)
- Bank account number (in case the appeal is approved and the payment is refunded)
- Information about a complaint lodged in the Administrative Court of Helsinki: (date of the request for information by the Administrative Court and date of the court ruling, repeal of the penalty fare/leaving it in force) (where necessary)
According to the HSL Public Transport Conditions of Carriage and Ticket Terms and Conditions, a holder of a personal season ticket must, at a ticket inspector’s request, show reliable proof of their identity. If the passenger does not have an identity document during a ticket inspection, they will be asked to enter their personal identity code, name and address on a personal data form to avoid ambiguity and protect the customer’s privacy. The ticket inspector will then check the personal data in the Population Information System.
The personal data forms are intended for HSL’s internal use and are not, in principle, given to passengers. If a penalty fare is issued, the data will be registered in the penalty fare system, and a photo of the form will be taken and stored digitally until the penalty fare process is completed. Upon arrival at HSL's premises, the ticket inspector will securely destroy the form. If a penalty fare is not issued, the data will not be registered anywhere; the ticket inspector will securely destroy the personal data form immediately upon arrival at HSL’s premises.
2 How long is my data stored?
The data shall be stored for the current calendar year and the following six (6) calendar years. The retention period is based on Chapter 2, Section 10(2) of the Accounting Act (1336/1997), as the data in question is included in the sub-ledger subject to the said Act and the storage period provided for therein. Therefore, the data may not be removed from the register before the expiry of the retention period.
3 Who processes the data?
The data is processed by persons who have access to the data to perform their work tasks. Processors of personal data are bound by professional secrecy and confidentiality.
4 How can I access my data?
For more information about the exercise of the rights of data subjects, see Privacy > Rights of data subjects.
Updated 21 February 2026
1. Collection of travel data in the HSL app
We collect travel data via the HSL app to develop public transport and the transport system comprising all modes of transport, as well as the related services within the 15 Helsinki region municipalities (Helsinki, Espoo, Vantaa, Kauniainen, Kirkkonummi, Siuntio, Vihti, Nurmijärvi, Kerava, Tuusula, Järvenpää, Hyvinkää, Mäntsälä, Sipoo and Pornainen). The purposes for processing travel data are described in more detail below in section 4 (“What are the purposes of processing travel data?”).
The collection and processing of travel data is based on your consent, which you can give and withdraw at any time in the HSL app settings under Travel data. When you give your consent to the collection of your travel data in the HSL app, the app will begin to track your activity and save data on your travel chains in the HSL data warehouse. We only save and use travel data for journeys made within the 15 municipalities in the Helsinki region listed above. Once you have enabled the collection of your travel data in the HSL app, we will collect your travel data regardless of whether you use public transport for your journey or not.
If you withdraw your consent to the collection of travel data, the collection will be terminated, and any data on your phone that has not yet been sent to HSL’s data warehouse will be deleted. Travel data stored in the HSL data warehouse will be stored until the end of the specified storage period (see section 5, “How long is my data stored?”, below).
Collection of travel data is completely voluntary. We will not ask for or attempt to identify you when collecting travel data; however, your travel data will be linked to your HSL account if you give separate consent for this (see section 3, “Linking travel data to your HSL account”, below).
2. What travel data do we collect and how?
We detect and save the following travel data:
- travel routes
- times of the different stages of your journey
- stops where you board or alight a public transport vehicle
- modes of transport used at different points of the journey, and
- any HSL Bluetooth beacons detected.
We interpret the data using location data from your smartphone or other smart device and data collected by motion sensors. In addition, we use data from Bluetooth beacons located on public transport vehicles and at stations and stops, as well as data on the locations of HSL’s public transport vehicles along their routes.
We store travel data as follows:
- We use random identifiers generated by smartphones or other devices and by the back-end systems as identifiers. We link data obtained from the same HSL app using these identifiers.
- When you travel on public transport vehicles or in their immediate vicinity, we save your route in detail. Otherwise, your data is recorded only at area level. The start and end times of a journey are rounded to the nearest 15 minutes, but the times of any detected changes in mode of transport during the journey are not rounded.
- We use the 250-meter grid of the Urban Structure Monitoring System (YKR grid) as the spatial division. If a journey starts or ends in a grid cell with only a small number of residents, the first or last cell of the travel chain is not saved, to ensure that journeys made by individuals living in individual grid cells do not stand out among other journeys.
- After the storage period referred to in section 5 below, we will merge the travel data into larger sets, for example, by deleting random identifiers, combining journey observations in the data set and averaging them, and using larger grid cells in sparsely populated areas. After the merging of data, we will delete the individual-level data for the month in question and store the merged data in the HSL data warehouse for long-term analysis.
- We do not intend to collect travel data of children under 15 years of age. Children under 15 are excluded from data collection based on the age provided by customers in the HSL app.
3. Linking travel data to your HSL account
Linking travel data to your HSL account requires your explicit consent, in addition to consent to the collection of travel data. You can give and withdraw your consent at any time by changing the settings in the HSL app under Travel data. We will not link travel data and data collected in surveys and questionnaires to your customer profile unless you have given your consent to link your travel data to your HSL account in the HSL app.
From the moment your travel data is linked to your HSL account, the travel data collected by the HSL app constitutes your personal travel data. This allows you to request access to your travel data and to have your data deleted from HSL’s data warehouse, which would otherwise not be possible.
When your travel data has been linked to your HSL account in the HSL app, you can use in-app services based on your travel data (such as route suggestions, service and stop recommendations and suggested connections). If you withdraw your consent to link your travel data to your HSL account, the link will be removed for all devices on which you are logged in to the same HSL account. If you give new consent, the linking of data will apply only to data collected after the consent has been given.
4. What are the purposes of processing travel data?
We use travel data, as well as data collected in connection with related surveys and studies, for the following purposes:
– Developing public transport and the transport system comprising all modes of travel, as well as related services
– Targeting invitations to surveys and studies and planning and anticipating the sending of invitations
- If both the app notification setting “Participation in the development of public transport: invitations to surveys and questionnaires” and consent to the collection of travel data are enabled in the HSL app, you may receive invitations to surveys and studies via app notifications or by email when you travel in locations that are relevant to a particular survey or study.
If you have given consent to link your travel data to your HSL account, we also use your travel data and other data relating to you (such as the results of surveys and studies, as well as customer data, including transaction, subscription and service data) for the following purposes:
- Developing, providing and delivering services based on the travel data you have enabled, such as offering a more personalized Journey Planner (e.g., route suggestions, service and stop recommendations and suggested connections)
- More targeted research and development of the transport systems and its services
5. How long is my data stored?
Travel data is stored in the HSL data warehouse for 28 calendar months. If you have given your explicit consent to link your travel data to your HSL account, you can withdraw your consent at any time, after which your travel and survey data can no longer be linked back to you. At the end of this period, the data for the earliest month stored in the data warehouse will be merged into a larger dataset.
Removing the app from your device will not remove the data stored in HSL’s background systems.
6. Who processes the data?
The data is processed by individuals who, due to their work tasks, require access to the data. HSL uses contractual partners for data-processing tasks, to whom data necessary for the performance of their tasks is disclosed. Processors of personal data are bound by professional secrecy and confidentiality.
Travel data collected via the app may, where necessary, be disclosed to service providers acting on behalf of HSL, such as IT companies involved in data processing. In individual cases, we may disclose data to municipalities in the Helsinki region and HSL area, national transport authorities, research institutes and universities, as well as to operators in the transport sector for the purposes of statistical, scientific or historic studies relating to traffic and residents’ travel habits in the Helsinki region, as well as for planning and studies carried out by authorities. In such cases, HSL enters into appropriate agreements with the recipient of the data to ensure compliance with data protection requirements and the appropriate processing of the data.
Updated 3 July 2024
1 What data is processed in the service and why?
The purposes of the use of customer data are described in general in the HSL Customer Register Privacy Statement.
The data is used to improve HSL’s services and to provide better customer service, for example, by guiding customers to the right product. Bots may be used to gauge awareness of a product or service in order to better design marketing. In addition, personal data is collected for the purposes of prize draws, prize delivery and targeted marketing.
If you provide your contact details to participate in a prize draw or competition, or if you indicate on the form that you wish to be contacted, your responses can be linked to you. Your personal data is processed based on your consent. If you give your consent to direct marketing via a bot, we may target advertising to you.
The data stored includes data collected via the bot such as
• First name, last name, email address, phone number
• Address
• Date of birth or age category (e.g. 31–40 years)
• Profile (e.g. how you perceive yourself as a public transport user)
• Opinions and data related to user experiences (e.g. experiences of using the website; on what topics would you have liked to have more information; or, e.g. “In my opinion, route number 500 would have been better for the light rail line”)
• Quiz answers (e.g. How many metro stations are there along the light rail line)
• Other open-ended responses and feedback
2 How long is my data stored?
All data collected via a bot will be stored for 13 months.
3 Who processes the data?
The data is processed by persons who have access to the data to perform their work tasks. HSL uses contract partners for data processing tasks, and can disclose personal data to them where necessary to perform the tasks. Processors of personal data are bound by professional secrecy and confidentiality.
General analyses of the responses may be made to create proposals of measures to improve services.
4 Rights of the data subject
Withdrawal of consent
You can withdraw any consent to receive marketing communications you have given when taking a quiz or in other similar situations directly on each marketing platform, for example, by blocking advertisements in Meta (Facebook, Instagram), or via the link at the bottom of the marketing email.
For more information about the exercise of the rights of data subjects, see Privacy>Rights of data subjects.
HSL card and HSL card service
Updated 3 July 2024
1 What data is processed in the services and why?
The purposes of the use of customer data are described in general in the HSL Customer Register Privacy Statement.
Customer data is collected on individual customers and corporate customers to manage customer relations and to perform the service.
The data includes:
- first name, last name and address (street address, postcode, town/city, home municipality) obtained from the population information system,
- customer’s other address information (street address, postcode, city/town, country),
- invoicing address (street address, postcode, city/town, country),
- phone number,
- email address,
- personal identity code,
- potential non-disclosure order, and
- customer group,
- language,
- consent to direct marketing,
- authorization information,
- “Entitled to a companion” data item,
- refund information, and
- date of death.
The name and address information is automatically updated with information obtained from the population information system of the Digital and Population Data Services Agency.
Personal identity code is used to verify the right to buy a personal HSL card, to store personal data on a multi-user HSL card, as well as to verify the customer’s identity.
In the case of corporate customers, the business ID serves as identifying information.
Basic HSL card data includes:
- HSL card number,
- card type (personal or multi-user),
- issue time of the card,
- HSL card pricing factors (customer group and home municipality),
- language,
- HSL card status information, e.g. card cancellation information or information about a lost and found card; and
- value and season ticket information.
HSL card transaction data includes:
- value and season ticket purchases,
- loading transactions, and
- value transactions.
HSL card activity data includes:
- validation data from onboard card readers (boarding data).
HSL card history data is collected in the backend system to safeguard your rights as well as for the purposes of reconciliation and reporting of sales data and for verifying the accuracy and integrity of transactions on the system level as well as for each individual HSL card. In addition, the data is needed to determine the municipal contributions of HSL’s member municipalities and for public transport planning.
The following data is processed in the HSL card service:
- Your HSL account which you use to log in to the service
- Your email address for the purposes of sending email reminders and receipts
- The card numbers of HSL cards that you have added in the service as well as their names
- In connection with strong authentication (optional), identifier retrieved from HSL’s ticketing and information system as well as the card numbers of personal HSL cards and their names
- Notification settings you have added in the services (season ticket and value reminder on / off)
- Value and season ticket purchases made via the service
- Information about email reminders that the service has sent you
The data is processed on the basis of an agreement between the customer and HSL. Your use of HSL’s services constitutes your acceptance of this agreement. HSL also processes the data to perform its basic tasks. Direct marketing is based on your consent.
2 How long is my data stored?
Customer data will be stored for the duration of the customer relationship and thereafter for as long as is necessary to fulfill the rights and obligations of the parties.
Service-specific data about your HSL card will be deleted when the HSL card service in its current form has terminated. HSL will notify customers of the change, of switching to an account-based ticketing system and of the deletion of the data in good time before the changes take effect.
The HSL card number will be stored in the boarding data for the time required to validate tickets and perform other functions essential to the public transport system. Boarding data will be stored in pseudonymized form without the card number for as long as is necessary for the purposes of public transport cost allocation between municipalities, transport planning and research.
Purchase, sales, order, invoicing and payment data necessary for the purposes of accounting will be stored for at most 10 years.
3 Who processes the data?
The data is processed by persons who have access to the data to perform their work tasks. HSL uses contract partners for data-processing tasks, and can disclose personal data to them where necessary to perform the tasks. The persons processing the data are bound by professional secrecy and confidentiality.
HSL can disclose customer data to authorities as permitted and required by legislation.
4 How can I access my data?
You can review your HSL card information by logging in to the HSL card service.
You can also use the My Travel Card app available for Android and Windows phones.
You can check the information of tickets on your HSL card as well as your value balance on a card reader, at a ticket machine or at HSL card sales and service points.
HSL card customer information and card information related to purchase and sales transactions are available as printouts from HSL service points. Please bring with you a valid ID document. You do not need to have your HSL card with you.
For more information about the exercise of the rights of data subjects, see Privacy>Rights of data subjects.
Corporate Customer Register Privacy Statement
Cookies
We use cookies and similar technologies in our services to ensure the proper functioning of the service and to improve the user experience. For example, cookies are used to maintain login information and language settings in our online services. Cookies do not harm your device and cannot spread viruses or malware.
You can manage your consent preferences using the button below.
Rights of the data subject
Updated 3 July 2024
The HSL Customer Register Privacy Statement and service-specific privacy notices describe what data is processed in different services and for what purposes as well as outline the data storage principles.
HSL’s customers have the right to know what personal data about them is collected.
You can view and update your service-specific data in the following HSL’s mobile and online services:
- HSL app (settings)
- fi (HSL account) (My information)
- City bike service (front page, HSL account users)
- HSL card service (HSL card information, hsl.fi/kortti) and My Travel Card app for Android and Windows devices
HSL card customer information and card information related to purchase and sales transactions are available as printouts from HSL service points by presenting a valid identification document. You do not need to have your HSL card with you.
You can read more about the data provided on request below in “Submitting a request to exercise data subject rights to us”.
You can submit a request for erasure of data at our service point. You need to present an identification document. The contact details of our customer service points are available on our website.
You can make a request to delete your personal data to us also by filling out and sending an electronic form.
If you do not have the opportunity to make a strong electronic authentication, you can direct the request to the address [email protected]
Please note that as long as you use our services, we cannot remove your data from our travel-related system. Our system obtains up-to-date home municipality and address information from the Digital and Population Data Services Agency. Address information is checked when a ticket is loaded so that we can sell you or a MaaS operator a discount-rate ticket, as residents of HSL member municipalities get tickets at a different price than non-residents. Residency is verified on the basis of home municipality and address information. However, if you are no longer using our services, we will remove your data as per your request.
We cannot remove your data from our Penalty Fare Register because the register is part of our accounting.
We will inform the recipients to whom personal data has been disclosed about any rectification, erasure or restriction of the processing of personal data, unless this proves to be impossible or involves a disproportionate effort.
You can edit your HSL account personal data by logging in to the service. In addition, you have the right to demand HSL to correct inaccurate and incorrect personal data about you without undue delay. You have the right to have incomplete personal data completed by providing a supplementary statement to HSL.
You have the right to restrict the processing of your personal data if you contest the accuracy of your personal data. In such cases, the processing shall be restricted for a period enabling us to verify the accuracy of the personal data. The restriction of the processing of personal data means, for example, restricting the personnel’s right to process your personal data. HSL has the right to store the data whose processing has been restricted by the customer.
You have the right to object to the processing of your personal data for direct marketing and related profiling.
In addition, you have the right, on grounds relating to your particular situation, to object to the processing of your personal data where the processing is based on the performance of a task carried out in the public interest or the exercise of official authority, as described in section 3 of this privacy statement. In such cases, we will comply with your objection unless we have compelling and legitimate grounds for the processing that override your interests, rights and freedoms, or unless the processing is necessary for the establishment, exercise or defense of legal claims.
Please contact our customer service if you wish to object to the processing of your personal data. Specify the subject of your request (i.e., which data processing you wish to object to) and, where the objection does not concern direct marketing, also state the grounds for your request.
To the extent that we process your personal data for automated decision-making in accordance with section 5 of this privacy statement, you have the right to request that your data be processed by a natural person acting on our behalf (one of our employees), as well as the right to express your point of view and to contest the decision.
Please contact our customer service to exercise this right.
You have the right to receive the personal data about you, which you have provided to us in a structured, commonly used and machine-readable format and to transmit this data to another data controller, where the processing is based on consent or an agreement and the data is stored electronically.
Where a personal data breach is likely to result in a high risk to the rights and freedoms of customers, we must notify customers of the data breach without undue delay.
The notification shall contain:
- A description of the data breach
- The name and contact details of HSL’s Data Protection Officer from whom more information can be obtained
- A description of the likely consequences to the customer
- A description of the measures we propose to take or have already taken to mitigate the possible adverse effects.
You have the right to file a complaint with a supervisory authority if you consider there has been a breach in the processing of your personal data.
Supervisory authority: Office of the Data Protection Ombudsman, switchboard: +358 29 566 6700, email: [email protected]
You can submit a request to review you data using this form or at our service point. If you use the online form, you must authenticate strongly. The person who authenticates must be the same person whose data you request to be reviewed. If you submit the request to review your data at our service point, you need to present an official identification document. The contact details of service points are available on our website at https://www.hsl.fi/en/customer-service.
If you do not have the opportunity to make a strong electronic authentication, you can direct the request to the address [email protected]
We will process your request as soon as possible and respond within 30 days of receiving the request. The time may be extended by a maximum of two months where necessary, taking into account the complexity and number of the requests. We will inform you of any delay in the delivery of the data and the reasons for it within one month of receiving the request.
The implementation of the access/erasure request must not have a detrimental effect on the rights and freedoms of other customers or data subjects. Consequently, we cannot, on a customer’s or data subject’s request, provide or erase data where we cannot fully ensure that the person who has provided the data and the person making the request are the same.
You have the right to obtain a copy of the personal data being processed free of charge. If you request more than one copy, we will charge a reasonable fee corresponding to the administrative costs of fulfilling the request. We can provide data from the following services:
- HSL card (personal travel cards)
- HSL app (buyers of mobile season tickets, purchases made through strong authentication)
- fi (HSL account) (strongly authenticated)
In addition, we can provide data subjects with data from the penalty fare register.
Requests relating to the exercise of the rights of data subjects shall be kept for two years. If strong authentication is not completed or the request has not been completed, the pending request will be removed after 30 days.
Questions and answers
Updated on 23 February 2026
We collect basic information about our customers including, for example, name and address, as well as information needed to provide and develop services.
The HSL Customer Register Privacy Statement and service-specific privacy notices describe what data is processed in different services.
We primarily collect information directly from customers when they register for or use a service. We also collet information from other sources such as the population information system of the Digital and Population Data Services Agency.
We collect personal data about our customers to provide our customers with transport services.
The storage period depends on the service used, and it is always based on the legal basis for processing.
Your personal data is processed by HSL’ employees whose duties involve processing of such data, as well as by service providers who provide services for HSL.
We will only disclose personal data to third parties when obliged by law or if explicit consent has been given to do so.
Personal data is protected by technical (e.g. storage in locked premises, use of firewalls) and organizational (e.g. restricted access and non-disclosure agreements) measures.
We will ensure that any data that is subject to a non-disclosure order obtained from the population information system is not disclosed or made available to any third party unless otherwise provided by law. The data may only be processed by designated persons whose duties directly involve processing of such data.
Our websites use cookies. Cookies are small text files, which are stored on a user’s computer. They enable the user to save their service login information, for example. The cookies enhance the user experience and help us to improve our services. You can change your browser settings to enable or disable cookies or block them altogether. However, disabling cookies may affect your ability to access and use certain features of the services.
We use the common target groups provided by advertisement media (such as news sites, social media and Google services) to target ads. The target groups are based on information provided by the users or on classifications made based on browser use. The information used include, for example, age, gender, areas of interest and location. In addition, we use cookies to target ads to web browsers used to visit our services.
On Meta's, TikTok's, Google's, Alma Media's and Sanoma’s ad networks, we use customized target groups created by identifying those customers who also use Meta's services or have a TikTok, Google, Alma or Sanoma Account. We do not receive any information on what identifiers are included in the final target group, and Meta, TikTok, Google, Alma Media and Sanoma, on the other hand, are not aware of the identity behind the identifier or why HSL wants to target advertising to them. Meta, TikTok, Google, Alma Media and Sanoma are committed to using the target group only for HSL’s marketing.
As to fan and community pages on Facebook and Instagram, Meta Platforms Ireland Limited and HSL are join controllers, where applicable.
HSL’s mobile services, such as the HSL app, are covered by HSL’s Customer Register Privacy Statement. In addition, a service-specific privacy notice applies to the processing of travel data. You can find both above.
HSL may send electronic direct marketing messages (e.g., by email, push notifications to mobile devices or SMS) in accordance with section 3 of the privacy statement.
You can opt out of electronic direct marketing at any time using the following channels:
- In the HSL app under “Communication settings: Notifications and email”: make sure that the following are disabled:
- Communication: Newsletter and Personal communications
- Benefits and offers: Notifications to mobile phone and Email
- In the HSL account settings at HSL.fi, under “Notifications and privacy”: make sure that the following are disabled:
- Notifications: Personal communications, Notifications to email
- Marketing and communications: Newsletter, Newsletter by email and Benefits and offers, Notifications to email
- By contacting our customer service
In addition, all email messages contain a link which you can use to opt out of similar electronic direct marketing messages in the future.
Despite your opt-out, you may still receive customer communications from us, such as communications related to the agreement that are necessary for the delivery of the service (for example, notifications about major service disruptions, order confirmations, and communications concerning changes to the terms of the agreement, terms of service and privacy statements).
Representatives of corporate and organizational customers may opt out of electronic direct marketing by using the link included in each email message or by contacting our corporate customer service.
We use your device location information if you are using HSL’s mobile services, have agreed to the use of location information and if you have enabled location services in your device settings.
Before the first ticket purchase, you log in using your strongly authenticated HSL account and give your authorization. If you do not have a strongly authenticated HSL account, you can create an account and/or perform strong authentication of your HSL account and then give your authorization. Your authorization allows the MaaS operator to buy personal HSL mobile tickets on your behalf.
The authorization is valid for 12 months from the latest ticket purchase requiring the operator to act on your behalf, unless you withdraw it. HSL will forward your authorization and the data required for purchasing tickets, in encrypted form, to the Maas operator authorized to act on your behalf. In addition to your authorization, your home municipality will be stored in HSL’s customer register for the purposes of public transport cost allocation between municipalities.
In order to authorize a MaaS operator to buy personal tickets on your behalf, you need to have a strongly authenticated HSL account. You can also set up the account when making the authorization. Ending the use of the MaaS service will not terminate your customer relationship with HSL. You can read more about the HSL account and terminating your account under the service-specific privacy notices (HSL account) at hsl.fi/privacy.
We use your phone number for the purposes of processing your order, delivering your ticket, checking the validity of your ticket and for solving any problems you may experience.
We collect and save
- travel routes,
- times of the different parts of your journey,
- modes of transport used on different parts of the journey, and
- any HSL Bluetooth beacons detected.
We interpret the information using the location data of your smartphone or smart device and the data collected by motion detectors. In addition, we use data from Bluetooth beacons located in public transport vehicles and at stations and stops, as well as information about the location of HSL’s public transport vehicles along their routes.
We store the travel data and data from surveys and questionnaires in the following way:
- For the time being, we only save and use travel data for journeys made within the 15 municipalities* of the Helsinki region.
- Once you have enabled the collection of your travel and location data on the HSL app, we will collect your travel data regardless of whether you use public transport for your journey or not.
- We use random identifiers generated by smartphones or devices and the back-end system as identifiers. We will link data obtained from the same HSL app using these identifiers.
- When you travel by public transport services or in their immediate vicinity, we save your route in detail. For the other parts of the journey, only information about the areas where you travel is saved. The start and end times of the journey are rounded to the nearest 15 minutes, but the times of any changes in the mode of transport observed during the journey are not rounded.
- We use the 250-meter YKR grid** to indicate the locations. If the journey starts or ends in a grid cell with only a small number of residents, the first or last cells of the travel chain are not saved to ensure that the journeys of individuals residing in the areas covered by individual cells would not stand out among other journeys.
- After the storage period, we will merge the travel data into larger sets, for example, by deleting the random identifiers, combining the journey observations in the data set and by averaging them, and by using larger grid cells in sparsely populated areas. After the merging of data, we will destroy the individual-level data for the month in question and store the merged data in the HSL data warehouse for long-term reviews and studies.
- We do not intend to collect travel data of children aged under 15. Children aged under 15 are excluded from the data collection based on the age customers have provided on the HSL app.
*Helsinki, Espoo, Vantaa, Kauniainen, Kirkkonummi, Siuntio, Vihti, Nurmijärvi, Kerava, Tuusula, Järvenpää, Hyvinkää, Mäntsälä, Sipoo and Pornainen.
**YKR = Yhdyskuntarakenteen seurantajärjestelmä (Monitoring System of Spatial Structure and Urban Form; the website is in Finnish)
We may change our privacy policy information if need be. We will inform our customers of any changes on our website.
We process personal data in compliance with the EU's General Data Protection Regulation (2016/679), national legislation on personal data protection and other applicable special provisions and applicable general legislation such as the Local Government Act, Administrative Procedure Act and Act on the Openness of Government Activities.
You can contact HSL customer service on +358 9 4766 4000 (Mon-Fri 8.30am-6pm, Sat 9.30am-5pm, Sun closed).
In addition, HSL has a Data Protection Officer whom you can contact at [email protected].
Need more information?
You can contact HSL customer service.
In addition, HSL has a Data Protection Officer whom you can contact at [email protected].