-
Essential:
Essential cookies are essential for you to browse the website and use its features. Cookies that allow web shops to hold your items in your cart while you are shopping online and navigating the website are an example of strictly necessary cookies. Our website does not work without these cookies, so they are stored without your express consent.
-
Preferences cookies:
Preferences cookies can be used to change the user experience of our website. Preferences cookies allow a website to remember choices you have made in the past.
-
Statistics cookies:
Statistics cookies are used to collect information about how you use our website. None of this information can be used to identify you.
-
Marketing cookies:
Marketing cookies track your online activity. The purpose of marketing cookies is to help advertisers deliver more relevant advertising or to limit how many times you see an ad.
Tietosuojaseloste
Privacy Policy
Gasthaus Joutseno Privacy Statement
Updated: April 10, 2024
1. Data Controller
Lepojoutsen Oy
Munkkentie 2 B, 21620 Kuusisto
Business ID: 0696126-7
Phone: +358 41 506 9584
2. Person Responsible for Registry Matters
Name: Henri Pakarinen
Postal Address: Luodontie 501 a 3, 21500 Piikkiö
Email: henri.pakarinen@gmail.com
3. Name of the Register
Gasthaus Joutseno Customer Register
4. Purpose of Processing Personal Data
The legal basis for processing personal data under the EU General Data Protection Regulation (GDPR) includes:
-
Legal obligation
-
Contract
The purpose of processing personal data is to manage customer relationships, fulfill the rights and obligations of the customer and the data controller, and process personal data as required by law for online services. We process personal data for order handling based on a contract (the order).
5. Data Content of the Register
For order processing, we process the following personal data based on the contract:
-
Name
-
Email address
-
Date of birth
-
City
-
Country
-
Travel and/or other phone number
-
Organization
-
Organization address
-
Customer and order history
-
Communication log
Personal data is retained at least for the duration of the customer relationship. Longer retention complies with legal obligations. The data controller is required to retain accounting records for 10 years as specified in the Finnish Accounting Act (Chapter 2, Section 10).
6. Rights of the Data Subject
The data subject has the following rights. Requests to exercise these rights must be submitted in writing to the contact details listed in this privacy policy.
Contact:
Henri Pakarinen
henri.pakarinen@gmail.com
6.1 Right to Access
The data subject has the right to inspect the personal data we have stored about them.
6.2 Right to Rectification
The data subject may request the correction of inaccurate or incomplete data.
6.3 Right to Object
The data subject can object to the processing of personal data if they believe it has been processed unlawfully.
6.4 Right to Erasure
The data subject has the right to request deletion of their data if it is no longer necessary. We will review the request and either delete the data or provide a justified reason for not doing so.
Note: The data controller may have a legal or other right to retain certain data. For example, accounting records must be stored for 10 years as mandated by law.
6.5 Withdrawal of Consent
If data processing is based solely on consent and not on a customer relationship or membership, the data subject may withdraw consent.
6.6 Right to Restrict Processing
The data subject can request to restrict processing of disputed data until the issue is resolved.
6.7 Right to Lodge a Complaint
The data subject may lodge a complaint with the Data Protection Ombudsman if they believe we have violated current data protection legislation.
More info: www.tietosuoja.fi
7. Regular Sources of Data
Customer information is collected from:
-
The user directly via web forms
-
Use of the provided services
The website includes third-party (partner) cookies for analytics and tracking. These third parties may place cookies on your device when visiting the site. The cookies primarily collect technical, marketing, and analytics data. A separate notice regarding cookies is available for the user to accept.
8. Regular Disclosures of Data
Primarily, personal data is processed only by employees of our company. Data is not used for marketing unless the customer has explicitly consented. Data may be disclosed to authorities if required by law, and customers will be informed if allowed by law.
9. Transfer of Data Outside the EU or EEA
Personal data is not regularly transferred outside the EU or European Economic Area.
10. Data Storage
Personal data is stored only in Gasthaus Joutseno’s online store system.
11. Duration of Processing
Personal data is stored only as long as necessary for its purpose or as required by contract or law. (E.g., accounting records must be kept for 10 years under Chapter 2, Section 10 of the Finnish Accounting Act.) Unnecessary data will be deleted.
12. Register Protection
Personal data is kept confidential. The networks and systems used by the controller and any IT partners are protected by firewalls, personal user IDs and passwords, and other generally accepted technical safeguards. Only personnel whose duties require access may view the data. No physical copies of the register are made. If a data breach occurs, the data controller will inform all affected parties and the Data Protection Authority in accordance with GDPR. We may outsource processing to third parties, in which case we ensure through agreements that data is processed lawfully.
13. Changes to the Privacy Policy
The most recent change date is always indicated. We reserve the right to make changes to this policy at any time without prior notice, including changes required by law. It is the responsibility of the data subject to review the current version of the Privacy Policy.
14. Automated Decision-Making
Data is not used for automated decision-making or profiling.
