Register and Privacy Policy
This is the Privacy Policy of Vuolenkosken Lossiranta Oy, which has been prepared in accordance with the Personal Data Act (10§ and 24§) and the EU General Data Protection Regulation (GDPR). Prepared on 30.8.2022.
1. Keeper of the register
Vuolenkosken Lossiranta Oy, Y-3308169-5
Vuolenkoskentie 1501 A, 19160 Huutotöyry
+358 44 7126557
2. Contact
Mirka Lehtinen
mirka@lossirannankartano.fi
3. Name of the register
Vuolenkosken Lossiranta's customer register.
4. Purpose of processing personal data
The legal basis for processing personal data under the EU General Data Protection Regulation is the customer relationship. Vuolenkosken Lossiranta Oy collects data in the register that is necessary to manage and maintain the customer relationship. This includes, for example, contacting the customer, invoicing and marketing.
5. Data content of the register
The data to be recorded in the register are:
Information about private customers and potential customers, for example: name, phone number, postal address, email address.
Information about business customers and partners, for example: company name, business ID, delivery address, billing address, payment term, contact person, phone number, email
Information on services ordered and changes to them
Billing information
Other information relating to the customer relationship and the services ordered, discounts, deliveries, invoicing, complaints, other commercial information and other information essential to the customer relationship and to guaranteeing the service.
Vuolenkosken Lossiranta Oy only processes data that the customer has provided or for which the customer has given consent.
6. Regular sources of information
The information stored in the register is obtained from the customer through, for example, messages sent via the website form, email, telephone, social media services, contracts, customer meetings and other situations where the customer discloses their information.
7. Use of cookies
We may collect behavioural information on lossirannankartano.fi website using cookies and other similar technologies. A cookie is a small file that is stored on your terminal device and contains an anonymous, numeric identifier that allows us to identify and count the number of different browsers visiting our site. Cookies and similar technologies do not harm your terminal or your files. They cannot be used to spread viruses, nor do they allow us to examine the data on your hard drive.
Our website uses cookies to function and to analyse visitor traffic. You can allow or deny the use of cookies when you visit the site.
8. Regular disclosures and transfers of data outside the EU or EEA
Data is regularly transferred outside the EU or the European Economic Area. When data is transferred outside the EU and EEA, we ensure an adequate level of protection of personal data by agreeing on confidentiality and processing issues as required by law. We have also ensured this for our partners.
9. Principles of register protection
The register is processed with due care and the data processed by the information systems are adequately protected. Where the data are stored on Internet servers, the physical and digital security of the hardware is adequately ensured. The controller shall ensure that stored data, as well as access rights to servers and other information critical to the security of personal data, are treated confidentially and only by employees whose job description includes this.
10. Right of inspection
Every person in the register has the right to check the information stored in the register and to request that any inaccurate or incomplete information be corrected or completed. If a person wishes to check or request a correction of the data stored about him or her, the request must be sent in writing to the controller. The controller may, if necessary, ask the applicant to prove his or her identity. Requests should be addressed to the contact person indicated in section 2.
11. Other rights relating to the processing of personal data
A person in the register has the right to request the erasure of personal data concerning him or her from the register ("right to be forgotten"). The data subject also has other rights under the EU General Data Protection Regulation, such as the restriction of the processing of personal data in certain circumstances. Requests should be sent in writing to the controller. The controller may, if necessary, ask the applicant to prove his or her identity.
The personal data recorded in the register are regularly reviewed and deleted when there is no legal basis for their retention. Data subjects have the right to object to the use of their data for direct marketing purposes even afterwards, even if they have previously given their consent.