-
Essential:
Essential cookies are essential for you to browse the website and use its features. Cookies that allow web shops to hold your items in your cart while you are shopping online and navigating the website are an example of strictly necessary cookies. Our website does not work without these cookies, so they are stored without your express consent.
-
Preferences cookies:
Preferences cookies can be used to change the user experience of our website. Preferences cookies allow a website to remember choices you have made in the past.
-
Statistics cookies:
Statistics cookies are used to collect information about how you use our website. None of this information can be used to identify you.
-
Marketing cookies:
Marketing cookies track your online activity. The purpose of marketing cookies is to help advertisers deliver more relevant advertising or to limit how many times you see an ad.
Privacy Policy
Hotel Restaurant Wirsuvaara Privacy Policy
Updated 9.10.2023
1. Data Controller
Wise Choice Oy/Hotel Restaurant Wirsuvaara
Rekijoentie 8, 82730 Tuupovaara
Business ID: 3337735-7
Tel: 040 1317 047
info.wirsuvaara@gmail.com
2. Person responsible for registration matters
Name: Tiina Savinainen, entrepreneur
Postal address: Rekijoentie 8, 82730 Tuupovaara
Email: info.wirsuvaara@gmail.com
3. Name of the register
Hotel Restaurant Wirsuvaara customer register
4. Purpose of processing personal data
We process our customers' personal data to manage customer relationships and reservations. To implement payments for room reservations, payment monitoring and collection.
The legal basis for processing personal data according to the EU General Data Protection Regulation is the person's consent. In order to make a reservation, the customer must provide the controller with at least one valid contact information (email address, telephone number).
The purpose of processing personal data is to manage the customer relationship, implement the rights and obligations of the customer and the controller, and process personal data for purposes related to online services in accordance with the Personal Data Act. We process personal data when processing room reservations based on an agreement.
5. Data content of the register
The following information is collected and stored about customers:
Customer information: the person's name, contact information (e.g. telephone number, email address, address), other possible information that is essential for the customer relationship.
Customer feedback information: customer satisfaction information, comments on the controller's services and other information received with the customer's consent (anonymously).
Booking information: the customer's previous and future reservations, the number of adults and children who have stayed with the customer, information on ordered services and their changes, other information related to the customer relationship and ordered services.
Payment information: the customer's payment method and payment behavior information (including payment delay information) and
Customer information is stored for at least one year as required by law, after which paper passenger declarations are destroyed as data protection waste. The customer has the option to prohibit the storage of their data in the customer register after the accommodation service has been provided.
Personal data is stored for at least the duration of the customer relationship, and any longer storage is subject to statutory obligations. The controller is obliged to store accounting data for the period specified in the Accounting Act (Chapter 2, Section 10) (10 years).
6. Rights of the data subject
The data subject has the following rights, requests for which must be made in writing to the contact details provided in the privacy policy.
Ravintola Wirsuvaara's customer register:
Tiina Savinainen
info.wirsuvaara@gmail.com
6.1 Right of inspection
The data subject can check the personal data we have stored
6.2 Right to rectification
The data subject can request that incorrect or incomplete information about him/her be corrected.
6.3 Right to object
The data subject may object to the processing of personal data if they feel that their personal data has been processed unlawfully.
6.4 Right to erasure
The data subject has the right to request that the data be erased if the processing of the data is not necessary. We will process the erasure request, after which we will either erase the data or provide a justified reason why the data cannot be erased.
It should be noted that the controller may have a statutory or other right not to erase the requested information. The controller is obliged to retain accounting records for the period specified in the Accounting Act (Chapter 2, Section 10) (10 years). Therefore, accounting-related material cannot be deleted before the deadline has expired.
6.5 Withdrawal of consent
If the processing of personal data concerning the data subject is based solely on consent, and not, for example, on customer status or membership, the data subject may withdraw consent.
6.6 Restriction of processing
The data subject has the right to demand that we restrict the processing of disputed data until the matter is resolved.
6.7 Right to appeal
The data subject has the right to file a complaint with the Data Protection Ombudsman if he or she feels that we are violating the applicable data protection legislation when processing personal data. Contact information for the Data Protection Ombudsman: www.tietosuoja.fi/fi/index/yhteystiedot.html
7. Regular sources of information
Customer information is obtained regularly:
From the user himself/herself via form data in the online service, by telephone or email. The website contains cookies from third parties (partnerships) that are on the website for measurement and tracking services. Third parties may set cookies on your terminal device when you visit the website. Cookies mainly collect technical, marketing and analytical information. There is a separate statement on the use of cookies on the website, which the user can accept.
8. Regular data transfers
As a rule, your Personal Data is processed by our company's personnel in their work. The data is not used for marketing purposes without the customer's separate consent. The data is transferred to the authorities if required by law and regulations, and we inform the customer of this if this is permitted by law.
9. Transfer of data outside the EU or the European Economic Area
The data is not regularly transferred to other parties, except for the statutory transfer of accommodation cards to the authorities. The data may be published to the extent agreed with the customer. Personal data is not regularly transferred outside the EU or the European Economic Area.
10. Storage of personal data
Personal data is stored only in the online store system and accommodation cards are stored in a locked cabinet.
11. Duration of processing
Personal data is stored only for the time necessary for its intended use, or as required by contract or law (the controller is obliged to store accounting materials for the period specified in Chapter 2, Section 10 of the Accounting Act, 10 years). Unnecessary information is deleted from the registers.
12. Register protection
Personal data is kept confidential. The information network and equipment of the controller and its potential IT partners on which the register is located are protected by a firewall, personal user names and passwords, and generally accepted technical means. Only those whose work requires access to the data in the register have access to the data in the register. No physical copies are made of the register. The controller immediately informs all parties concerned and the data protection authority of any potential data breach in accordance with the General Data Protection Regulation. We may also partially outsource the processing of personal data to a third party, in which case we guarantee through contractual arrangements that the personal data will be processed in accordance with the applicable data protection legislation and otherwise appropriately.
13. Changes to the Data Protection Statement
The date of the last change to the Data Protection Statement is always stated. We reserve the right to make changes to this Data Protection Statement, including changes due to changes in legislation, at any time without prior notice. The data subject is responsible for ensuring that he or she is familiar with the Data Protection Statement that is currently in force.
14. Automated decision-making
The data will not be used for automated decision-making or profiling.