Privacy Policy
This privacy policy provides information solely about the Suomen Latu Kiilopää (Suomen Latu ry) website and the NetReservations hotel booking system. We may occasionally modify our privacy practices and this privacy policy. We therefore recommend that you review our privacy practices regularly.
- Data Controller
- Suomen Latu Kiilopää / Suomen Latu ry
- Kiilopääntie 620, 99830 Saariselkä
- kiilopaa@suomenlatu.fi
- +358 16 6700 700
- Business ID: 0202192-1
- Data Protection Officer and/or Contact Person
- Tiia Mustonen
- Suomen Latu Kiilopää / Suomen Latu ry
- Kiilopääntie 620, 99830 Saariselkä
- kiilopaa@suomenlatu.fi
- +358 16 6700 700
- Name of the Register
Customer register of Suomen Latu Kiilopää (Suomen Latu ry) website, online hotel booking store Hotellinx and CRM/newsletter system CRM-service.
- Legal Basis and Purpose of Personal Data Processing / Purpose of the Register
The legal basis for processing personal data in accordance with the EU General Data Protection Regulation is the agreement created when a customer orders products and/or services from the Suomen Latu Kiilopää online store. The purpose of the register is to enable online transactions through the Suomen Latu Kiilopää online store, such as the transmission of order information, billing information, payment confirmation information, or processing information between 1 Suomen Latu Kiilopää and the customer. In addition, the register is collected to enable customer service contacts, maintain customer relationships, and 2 for electronic marketing communications when the customer has given their consent. Suomen Latu Kiilopää does not store orders or related information for products from other merchants in its customer register in any way. Data is not used for automated decision-making. Data can be used for profiling.
5. Contents of the Register
- First name and last name
- Address
- Postal code
- Country
- Phone number
- Email address
- Birthday or Personal identity number (for private billing customers)
- Accommodation details; date(s), accommodation type(s), number of occupants, total price of stay
- Order source page Data collected by Google Analytics
For companies, the following is additionally registered:
- Company name
- Business ID
- E-invoice address
- Intermediary ID
- Reference Mark
In addition, the customer has the opportunity to provide other relevant information in the process additional information field.
Data Retention Period
Data is stored as long as there is a valid agreement and/or consent between the user and Suomen Latu Kiilopää. Data may be stored for a longer period to the extent necessary to fulfill the obligations imposed by applicable legislation, such as accounting and consumer protection liabilities, and to demonstrate their proper fulfillment.
6. Regular Sources of Data
Data is collected through electronic forms on the Hotellinx NetReservations service and on the website maintained by Digitoimisto Dude Oy including newsletter order form provided by CRM-service oy. Customers enter the information personally when ordering from the Suomen Latu Kiilopää Hotellinx NetReservations online store.
7. Regular Disclosure of Data and Transfer of Data Outside the EU or the European Economic Area
Data is not disclosed separately and remains solely with the data controller. Data may be technically processed outside the EU or the European Economic Area.
8. Principles of Register Protection
Due care is exercised in the processing of the register, and data processed using information systems is protected appropriately. When register data is stored on Internet servers, the physical and digital security of the equipment is ensured appropriately. The data controller ensures that stored data, as well as server access rights and other information critical to the security of personal data, are treated confidentially and only by those employees whose job duties include it.
Electronically Stored Data
Parts of the register are located on the Hotellinx NetReservations service and on our website. The data processors are Vitec Hotellinx Oy, CRM-service oy, and Digitoimisto Dude oy. Only the data controller and the technical maintenance personnel of the processors have access to complete register data.
Manual Data
As a general rule, we avoid printing data from the register as manual material. If, in some situations, manual material is printed from the register, the material is stored in a locked location and only the data controller has access to the material.
9. Right of Inspection and Implementation of the Right of Inspection
Every person in the register has the right to inspect the data stored in the register, and to correct any incorrect or incomplete data.
10. Other Rights Related to the Processing of Personal Data
A person in the register has the right to request that personal data concerning them be erased from the register (“right to be forgotten”). Data subjects also have other rights under the EU General Data Protection Regulation, such as the right to restrict the processing of personal data in certain situations. It should be noted, however, that the data stored in Suomen Latu Kiilopää’s customer register is always generated when the customer purchases products and/or services. In such cases, Suomen Latu ry is also bound by the obligations imposed by accounting and tax legislation regarding the retention of data. Requests must be sent in writing to the data controller. The data controller may, if necessary, ask the person requesting to prove their identity. The data controller shall respond to the customer within the time specified in the EU Data Protection Regulation (usually within one month).
11. Cookies
This site uses cookies. The site sends a small file to the browser, which is stored on the computer’s hard drive. Both (temporary) session cookies, which close when you close your web browser, and persistent cookies, which are stored on your computer’s hard drive, are used. The purpose of the cookie is to improve the user experience on the site. If you are a registered user, the cookie also manages login and access to pages that are intended only for registered users. Cookies can be used to track and analyze user interests and thus affect the usability of the service. Internet browsers generally accept cookies automatically. If necessary, the use of cookies can be disabled in the browser settings, in which case some of the functionality will be lost. Advertising cookies can be used to help optimize the advertising experience for the service user. Some third-party vendors, including Google, may also use cookies or web beacons (1-pixel image file) to improve the advertising experience. The data collected through cookies and web beacons does not contain the user’s personal data. Online activities cannot be linked to a specific person using it.
Created: 3.12.2024