PRIVACY STATEMENT

PRIVACY STATEMENT REGARDING THE PASSENGER REGISTER

In accordance with Sections 10 and 24 of the Personal Information Act and Section 7 of the Act on Accommodation and Catering.

Date of preparation: 20 April 2023

1. Registrar

Uhanda Oy – group
Satakunnkatu 7, 33100 Tampere
+358 10 2007 300

2. Register name

Passenger register

3. Purpose of personal data processing

This is a passenger register referred to in the Act on Accommodation and Catering Activities (308/2006) (“MaRaL”), in which passenger personal data stored is processed for the purpose of making a passenger report in accordance with Section 6 of the MaRaL, maintaining public order and safety, and preventing and investigating crimes, as well as compiling statistics.

MaRaL obliges the Uhanda Oy group to identify its customers and store the data of the guests for 1 year. The hotel’s doors are opened with door codes, which require the e-mail addresses and phone numbers of the guests to be delivered.

In addition, the customer’s personal data can be processed for the customer service and direct marketing purposes of the controller (Hotel), if the customer has allowed such processing.

4. Data content of the register

The following passenger data according to section 6 of MaRaL is stored in the passenger register and under the conditions mentioned therein:

1) the passenger’s full name and Finnish personal identification number or, if this is not available, date of birth and citizenship;

2) full names and Finnish personal identification numbers of the spouse and minor children accompanying the passenger or, if they are not available, dates of birth;

3) address information of the passenger;

4) the country from which the passenger arrives in Finland (if the passenger’s place of residence is other than Finland); 

5) the number of the passenger’s travel document (such as passport and visa), except if the passenger is a citizen of a Nordic country or has a residence in Finland;

6) Date of arrival and departure to the passenger’s accommodation; mixed

7) the purpose of the accommodation (such as leisure, work or other reason), if the passenger has indicated this.

In addition, the passenger’s e-mail address and mobile phone number are stored in the passenger register.

Information stored in the passenger register is kept for one (1) year after entering it in the register, after which the passenger information is deleted. However, the following passenger information can then be transferred to the controller’s customer register for processing for the purposes mentioned therein:

1) passenger’s name and date of birth;

2) citizenship;

3) address information of the passenger;

4) time, duration and purpose of the visit; mixed

5) e-mail address and mobile phone number of the passenger

5. Regular sources of information

The information is obtained from the registrants themselves when filling out the passenger declaration. In addition, data can be collected, stored and updated from the register of the registrar providing a publicly and freely available information service in order to meet the requirements according to MaRaL.

6. Regular transfers of information

Personal data stored in the passenger register can be disclosed to the authorities for the purpose and scope as stipulated in the MaRaL law. Passenger data can also be stored on servers managed by the service provider used by the data controller to the extent required for data processing.

7. Data transfer outside the EU or EEA

In principle, passenger data is not transferred outside the EU or EEA. However, the said transfer of data may be justified in cases permitted by law.

8. Principles of registry protection
9. Manual material

Materials containing manual personal data are stored in locked rooms. Material containing personal data cannot be accessed by external persons or employees whose duties do not include the relevant processing of personal data.

1. Electronically processed information 

The data is technically protected and stored in a secure manner so that outsiders or employees whose duties do not include the relevant processing of personal data do not have access to the data. The data is located on a server located in a locked space and access to the space is limited.

9. Rights of the data subject
10. Right of inspection and rectification

The passenger has the right to check the information about him stored in the register. Communications regarding the right of inspection must be made in writing and signed to the address mentioned in section 2. If there are errors or omissions in the registered information, the passenger can submit a request to correct the error to the person responsible for registry matters mentioned in section 2. The controller can also correct such information on its own initiative.

1. Right of prohibition

The passenger has the right to prohibit the controller from processing information about him/her for direct marketing and market and opinion research. In cases of prohibition and correction, the passenger can contact the registrar by e-mail or mail to the address mentioned in point 1 or to the person responsible for registry matters mentioned in point 2.

PRIVACY STATEMENT REGARDING THE CUSTOMER REGISTER

In accordance with §§ 10 and 24 of the Personal Data Act.

Date of preparation: 20 April 2023

1. Registrar

Uhanda Oy – group
Satakunnkatu 7, 33100 Tampere
+358 10 2007 300

2. Register name

Customer register

3. Purpose of personal data processing

The purpose of the customer register is to enable the provision and development of the accommodation and other services provided by the controller at any given time and to ensure their quality.

The personal data stored in the customer register, mentioned in section 5, can be processed in accordance with the personal data legislation for the following purposes:

ï   Establishing, implementing and maintaining a customer or other contractual relationship; 

ï   Providing, producing and developing the services of the registrar, communicating with the customer and other customer service purposes;

ï   Maintaining and ensuring order and security and investigating crimes and abuses;

ï   Billing and collection procedures and credit monitoring;

ï   Direct marketing, opinion and market surveys, research, statistics and analysis as well as other justified uses, such as profiling based on the choices made by the customer in order to provide more individual and versatile content and service to the customer.

4. Data content of the register

The information stored in the customer register may vary according to the choices made by the customer. The data may include at least the following information about the customer: name, contact information, email, date of birth and possible social security number, passport or identity card number, citizenship, time and duration of the visit, user IDs if the customer is registered with the service of the data controller, the customer’s interests and other choices made by the customer in the service, as well as profiling information.

Recording camera surveillance may be in use in the common areas of the registrar’s hotels. Camera surveillance is always reported separately. The recordings can only be used to maintain and ensure the order and security of the accommodation facilities and to investigate possible crimes and abuses. Camera surveillance recordings are stored for a maximum of two (2) weeks from the date of recording, unless storage for longer than this is justified due to mandatory legislation or an official investigation.

5. Regular sources of information

The information is obtained from the registered person in connection with making an accommodation reservation and/or making a purchase and/or filling in a passenger declaration, as well as from the registrar’s passenger register or when the customer himself provides information, e.g. in connection with participation in a marketing campaign. We consider it important that customer information is accurate and up-to-date at all times, which is why information can be collected, stored and updated from the register of a registrar offering a generally and freely available information service.

6. Regular transfers of information

Personal data stored in the customer register can be disclosed for the purposes mentioned in section 4 to companies belonging to the same group as the data controller and to the data controller’s marketing communication partner. Individual customer information is not disclosed to third parties. Information can also be disclosed to the authorities in situations defined by law and/or for the purpose stipulated by law.

The customer’s personal data can be transferred and stored on servers managed by the service provider used by the data controller to the extent required for data processing.

7. Data transfer outside the EU or EEA

In principle, the customer’s data is not transferred outside the EU or EEA. However, data can also be transferred outside the EU or EEA for the purposes of section 3 in accordance with the Personal Data Act. 

Partners outside the EU are required to comply with the EU’s privacy practices, e.g. the EU-US Privacy Shield.

8. Principles of registry protection
9. Manual material

Materials containing manual personal data are stored in locked rooms. Material containing personal data cannot be accessed by external persons or employees whose duties do not include the relevant processing of personal data.

1. Electronically processed information

The data is technically protected and stored in a secure manner so that outsiders or employees whose duties do not include the relevant processing of personal data do not have access to the data. The data is located on a server located in a locked space and access to the space is limited.

9. Rights of the data subject
10. Right of inspection and rectification

The customer has the right to check the information about him stored in the register. Contact regarding the right of inspection must be made in writing to the address mentioned in section 1. If there are errors or omissions in the registered data, the customer can submit a request to correct the error. The controller can also correct such information on its own initiative.

1. Right of prohibition

The customer has the right to prohibit the data controller from processing information about him/her for direct marketing and market and opinion research and to demand that the data controller delete the data about him/her from the register. In cases of prohibition and correction, the customer can contact the controller by e-mail or by post to the address mentioned in section 1.

COOKIES

A cookie is a small text file that a web browser saves on your device. There are two types of cookies. Temporary session ID cookies close when you close your browser. Permanent cookies are stored in your browser’s memory. Cookies do not damage your device, and neither you nor other individual users can be identified with the information collected through them.

Cookies help us serve you better

In order to use our electronic services, we require that you accept the use of cookies. The purpose of cookies is to improve the user experience on our site. We use cookies to collect information related to the use of services, usage volumes and other statistics. We use analytics programs to process cookies – we do not collect any personal data from users.

Cookies look for targeted advertising for you 

In order to use our electronic services, we require that you accept the use of cookies. The purpose of cookies is to improve the user experience on our site. We use cookies to collect information related to the use of services, usage volumes and other statistics. We use analytics programs to process cookies – we do not collect any personal data from users.

With the help of cookies, we track, among other things, the loading time of the pages and what kind of information the visitors are looking for. We also use cookies to measure the effectiveness of advertising. If you are registered on our website, the cookie manages your login and access to your own booking information. We analyze the data we collect and, based on it, develop our services to be even more user- friendly.

Cookies look for targeted advertising for you

We also use cookies in remarketing and Google Analytics. Third parties, such as advertisers and ad networks, may target their advertising based on your likely interests. If you do not want targeted advertising, you can block it by clicking on the links below. You will still be shown ads after blocking, but they have not been selected according to your interests.

ï   Block Adform advertising targeting here

ï   Block Google advertising targeting here

ï   Block Facebook advertising targeting here

ï   Block duplicate advertising from other third parties here

Do you want to disable cookies?

By clearing cookies at regular intervals, you change the identifier that serves as the basis of your user profile. Clearing cookies does not stop data collection completely, it only resets the profile based on previous behavioral data.

Most browsers accept cookies automatically, but you can also modify your browser settings and disable cookies completely. If you block the use of cookies, you can still browse our site. However, you may not be able to use all parts of our site then. Blocking the use of cookies may affect the functionality of some services on our site.

We recommend allowing the use of cookies. With cookies, we have the opportunity to monitor and review our customers’ interests and offer an even better service.

UHANDA OY – GROUP – COMPETITION RULES

Participation in competitions

Contests organized by the Uhanda Oy Group (“UHANDA”) can only be entered by persons of legal age (turned 18 before the end of the contest). Participating in the competition does not require the purchase of a product or service. UHANDA is not responsible for problems or obstacles to participating in the contest or receiving a prize due to IT or reasons beyond UHANDA’s control.

If the participation in the competition requires filling in contact information, all the information requested in the participation form must be filled in for the participation to be valid. By giving the “I may send marketing messages” consent, you grant UHANDA permission to use your data for targeted marketing. Uhanda Oy – group does not provide marketing information to third parties. 

Carrying out the draw and redeeming the prizes

UHANDA will raffle the prizes of its competitions among all those who have met the competition conditions and participated in the competition by the deadline after the end of the competition period. The winners will be notified personally, after which UHANDA will ask the winners to provide the necessary contact information for claiming and delivering the prize.

If the winner cannot be reached within a reasonable time after the draw, UHANDA has the right to draw a new winner instead, and the unreachable winner loses his right to the prize. UHANDA has the right

publish the winners’ names and hometowns on their own media channels without separate consent or compensation.

Competitions on social media

Contests held on social media channels, such as Facebook and Instagram, follow the general rules of Uhanda Oy – Group’s contests. The social media channel on which the contest is held does not sponsor, recommend or manage UHANDA contests in any way, and they are in no way related to that social media channel.

Competition prizes

Contest prizes cannot be exchanged for money, and they cannot be transferred to another person.

Uhanda Oy – group reserves the right to change the rules during the competition or to suspend the competition for a justified reason. Possible changes will be announced on the channel where the competition is taking place.