Business Identity Code: 1040890-7
Unfortunately our accommodation and tours are not suitable for persons with disabilities!
New Package Travel Act!
We advice you to book the tours via travel agencies. Ask for the recommended travel agency. If you want to book your tour directly from us, please send your information by email. You’ll get the invoice after your tour. We do not require any prepayments. In transaction with travel agencys we can send the invoice 21 days before the tour.
|1. Collector||Äksyt Ämmät Ltd. – Activity Adventures in Finland
Viemenentie 38, 75500 Nurmes
Business ID: FI10408907
|2. Contact person||Ms. Minna Murtonen
Mobile +358 400 877 085
|3. Data Protection Officer (DPO)||_|
|4. Data content of register||The reason for collecting personal information is to determine and allocate the quantity and quality of meals, rooms, staff, transfers, equipment etc. so that we can provide you with the quality performance of the experience booked.
We only collect information that is voluntarily provided to us at:
· booking a room or a holiday
· at the guesthouse
Upon booking we collect the following personal information directly from the customer
· name of the booker
· phone number and/or email address
Upon checking in we ask you to fill in Passenger Card. All accommodation services are required to collect passenger card information from all accommodation passengers. Accommodation service provider is designated information holder of this information in order to comply with Finnish law (see details below).
Upon payment: the accommodation may be paid with cash or by card via iZettle. No record of card details is kept by us.
Outdoors excursions, courses and tours
To provide quality customer service and operate our excuriosions smoothly and safely we request the following information:
· Shoe size
· Mobile number (not necessary)
· Date of Birth (not necessary)
The guest may or may not provide the following information
· health/dietary requirements
These are the pieces of information the travel agents collect directly from customers and forward to us. We will in turn forward some of this information to our network of service providers. You consent to this information transfer upon purchasing the service.
We cannot be held responsible for any information that third parties, for example reservation websites or travel agents, collect and use regarding your reservation. We are responsible of only the information provided directly to us.
Name lists of customers are being stored until the end of each fiscal year (ending of 30th of April) after which they are deleted from computer. Physical name/room arrangement/dietary lists are burned in the oven soon after the excursion is over.
Passenger Card (applies to international guests only)
Collecting passenger card information is based on Finnish law 28.4.2006/308 ”Law regarding accommodation and restaurant services”.
Passenger cards are collected and handled for general safety as well as to collect data for Finnish tourism statistics. Accommodation providers may use the collected information for direct marketing when opted-in by the customer.
Accommodation provider is obliged that all accommodation customers fill passenger card accurately. Group reservation can be handled as one passenger notice. Passenger card must state company details, contacts and address. Passenger card must contain following information:
· Full name of the passenger as well as a personal identification number or date of birth
· Full names of all other passenger travelling with the primary traveller and their personal identification number or dates of birth
· Permanent address
· Country of entry to Finland
· Check-In and Check-Out date
· Passenger may also state the reason for journey (business/leisure/conference/other).
Physical copies of passenger cards are being handed over to the Finnish Authorities for further processing and no copies are being stored by us.
We send newsletters to our business partners twice a year with the help of MailChimp (compliant to Privacy Shield). A newsletter may be send via email to a private person if the person subscribes to our mailing list. The Email Service Provider (Mailchimp) provides clear procedures for unsubscribing from the list for those who do not wish to receive our newsletter.
An email newsletter is send to private persons who have requested to be added to our newsletter list and can unsubscribe at any time by following the Unsubscribe link. Once you subscribe, we will keep you on our email newsletter list until you request to unsubscribe.
We will never forward, rent or sell customer information for third parties.
Names and contact details are only forwarded if you ask us to book or use third party services for you.
Passenger card information is forwarded to police at the end of the year and no copies of them is stored at Äksyt Ämmät.
|5. Source of information||Directly from the client, our partners or from an International Travel Agent.
|6. Regular disclosures of information and recipient categories||Data may be disclosed to Äksyt Ämmät Ltd’s co-operation partners for for the purpose of arranging room, transfers and food during the holiday. This data is in printed form and shall be disposed after the group has stayed overnight.
All accommodation services are required to collect passenger card information from accommodation passengers. Accommodation service provider is designated information holder of this information in order to comply with Finnish law.
Äksyt Ämmät Ltd may use the collected information for direct marketing if the client consents to this by ticking the box in the passenger card or by signing up the Newsletter subscription list at the website.
|7. Transfer of data outside of the EU or EEA
|Personal data may be transferred outside of the European Union or the European Economic Area as we use the services of Google, Microsoft, Mailchimp and WordPress in accordance with the data protection legislation and within the boundaries imposed by same. If the transfer
does constitute a transfer to the United States in accordance with the Privacy Shield system, the transfer shall occur by means of employing the standard clauses approved by the European Commission.
|8. Personal data retention period||We shall erase data concerning a person from the register latest if there have been no active measures in relation to a client for a period of [one] year and the person is not related to any pending matter.
Information concerning practical arrangements provided for the purposes of holiday arrangements (such as food/accommodation, etc. details) shall be erased once there is no longer any need to process the event information.
The erasing shall take place by means of deleting the information in its entirety, by rendering the data passive so that the data are no longer processed and access to the data is restricted, by means of encrypting or overwriting.
|9. Profiling||Profiling of any sort is not conducted.
|10. Data subject’s rights||Data subject’s right to object to the processing of personal data
The data subject shall have the right, in connection with their personal specific circumstances, to object to profiling pertaining to themselves and to other processing measures directed by the data controller at the data subject’s personal data to the extent the data processing is based upon the data processor’s legitimate interests.
Data subject’s right to obtain access to the information (Right of Access)
Data subject’s right to require the rectification or erasure of data or restriction of processing
The data subject shall, without any undue delay, after becoming aware of the error, or, having detected the error themselves, rectify, erase or supplement any piece of information found in the register being contrary to the purpose of the register, erroneous, un-necessary, deficient or outdated
The data subject shall also have the right to require the data controller to restrict the processing of their personal data
Data subject’s right to object to direct marketing
The Data Subject may issue the Data Controller consents or prohibitions pertaining to direct marketing on a channel-specific basis, including profiling taking place for direct marketing purposes.
Data subject’s right to lodge a complaint with the supervisory authority
The data subject shall have the right to lodge a complaint with the competent supervisory authority, if the data controller has not complied with the applicable data protection regulation in its operations.
|11. Principles for protecting the register||Personnel access to the electronic data content of the register has been protected with personal user IDs and passwords. Utilisation of some of the data content of the register has been restricted to a limited group of users. The environment has been protected with appropriate firewalls and other technical safeguards.
Any material to be retained on paper is stored in locked facilities equipped with access control. The data controller’s personnel have undertaken confidentiality obligations.
|12. Contacts||In all questions concerning the processing of personal data and situations related to the exercise of the data subject’s rights, the data subject should contact the data controller. The data subject may exercise their rights by contacting email@example.com .