Privacy policy

Registry and Privacy Policy 

This is the register and privacy policy of Vuohimäki Camping, in accordance with the Finnish Personal Data Act (Sections 10 and 24) and the EU General Data Protection Regulation (GDPR).

Prepared on August 5, 2023

Savon Camping Oy, Business ID: 3347916-9 Ajopolku 2b A, 00800 Helsinki

Pete Willman pete@vuohimakicamping.fi Phone: 044 025 0200

Vuohimäki Camping customer register

Legal Basis and Purpose of Processing Personal Data

The legal basis for processing personal data under the EU General Data Protection Regulation is:

• Maintenance of customer relationships between the customer and Vuohimäki Camping
• Contracts between the data controller and customers
• Law on Accommodation and Restaurant Services 308/2006 - Processing of customer-made accommodation reservations
• Sales and execution of services
• Processing of personal data related to payment, invoicing, monitoring of payments, and debt collection
• Development of the data controller's customer service and business

The purpose of processing personal data is to communicate with customers, maintain order and safety, prevent and investigate crimes, and compile statistics. Information may be disclosed to authorities based on their legal requests.

Content of the Register

The information stored in the register includes: the person's name, contact information (phone number, email address, address), date of birth, nationality, information about ordered services and changes to them, billing information, and other information related to the customer relationship and ordered services. Information provided during accommodation is stored for one year.

Regular Data Sources

The information to be stored in the register is obtained from the customer through, among other things, messages sent via online forms, email, phone calls, social media services, contracts, customer meetings, and other situations where the customer provides their information.

Regular Disclosures of Data and Transfers of Data Outside the EU or EEA

Data is not disclosed outside the EU or EEA.

Principles of Register Protection

Care is taken in the processing of the register, and information processed by data systems is appropriately protected. When register information is stored on Internet servers, the physical and digital security of the hardware is properly ensured. The data controller ensures that stored information and the access rights to servers and other information critical to the security of personal data are treated confidentially and only by those employees whose job description includes it.

Right of Inspection and Right to Request Correction of Data

Each person in the register has the right to check their information stored in the register and to request the correction of any incorrect information or the completion of any incomplete information. If a person wants to check the information stored about them or request corrections, the request must be sent in writing to the data controller. The data controller may, if necessary, ask the requester to prove their identity. The data controller will respond to the customer within the time frame specified in the EU General Data Protection Regulation (usually within one month).

Other Rights Related to the Processing of Personal Data

A person in the register has the right to request the deletion of their personal data from the register ("right to be forgotten"). Similarly, data subjects have other rights under the EU General Data Protection Regulation, such as restricting the processing of personal data in certain situations. Requests should be sent to the data controller. The data controller may, if necessary, ask the requester to prove their identity. The data controller will respond to the customer within the time frame specified in the EU General Data Protection Regulation (usually within one month