This privacy policy informs customers of Arctic Europe Travel & Marketing (hereinafter referred to as the "Merchant") about the Merchant’s Customer Register and the principles governing the processing of data within it.
We may occasionally modify our privacy practices and this privacy policy. We therefore recommend that you review our privacy practices regularly.
1. Data Controller
Arctic Europe Travel & Marketing
Address Pulmusentie 4 B 3, FI-99490 Kilpisjärvi
Phone +358 40 142 6061
mail@sinikkaniskanen.com
Corporate Code 173485-9
Contact Person: Sinikka Niskanen
2. Name of the Register:
Arctic Europe Travel & Marketing Customer Register
3. Legal Basis and Purpose of Processing Personal Data / Purpose of the Register
The legal basis for processing personal data in accordance with the EU General Data Protection Regulation is the contract that is formed when the Customer orders services from the Merchant. The purpose of the register is to enable the Merchant's sales, such as the transfer of order information, billing information, payment confirmation information, or processing information between the Merchant and the Customer. In addition, the register is collected to enable customer service contacts, maintain customer relationships, and for electronic marketing communications when the Customer has given their consent. Data is not used for automated decision-making. Data can be used for profiling.
4. Content of the Register
First name and family name
Address
Postal code
Country
Phone number
Email address
Personal identity number (private billing customer)
Order source page
For companies, the following is also registered:
Company name
Business ID
E-invoice address
Intermediary ID Reference Mark
The "Additional Information" field of the process offers the Customer the opportunity to provide other information they consider relevant.
5. Data Retention Period
Data is stored as long as there is a valid agreement and/or consent between the Customer and the Merchant. Data may be stored for longer periods to the extent necessary to fulfill the obligations imposed by applicable legislation, such as accounting and consumer protection liabilities and to demonstrate their proper fulfillment.
6. Regular Sources of Data
Data is collected through electronic forms on the Johku web service, as well as during phone conversations or e-mail correspondence with the Customer.
7. Regular Disclosures of Data and Transfer of Data Outside the EU or the European Economic Area
Data is not disclosed separately and remains solely with the data controller. Data may be technically processed outside the EU or the European Economic Area.
8. Principles of Register Protection
Due diligence is exercised in the processing of the register, and data processed using information systems is protected appropriately. When register data is stored on internet servers, the physical and digital data security of the equipment is taken care of appropriately. The data controller ensures that stored data and the user rights and other information critical to the security of personal data are treated confidentially and only by those employees whose job duties include it.
Aptual Commerce Oy is the controller of data collected from sales transactions and communications performed in the Merchant’s Johku Online Store. Only the Merchant’s Data Controller and the technical maintenance personnel of Aptual Commerce Oy have access to the complete register data. For more information on the Johku service's data protection principles: johku.fi/fi/tietosuoja
Manual Material
As a general rule, the Merchant avoids printing the data in the register as manual material. If, in some situations, manual material is printed from the register, the material is stored in a locked location and only the Data Controller has access to the material.
9. Right of Inspection
Every person in the register has the right to inspect the data stored in the register and correct any incorrect or incomplete data. The person in the register has the right to request that personal data concerning them be deleted from the register ("right to be forgotten"). Similarly, data subjects have other rights under the EU General Data Protection Regulation, such as the restriction of the processing of personal data in certain situations. It should be noted, however, that the data stored in the Merchant’s Customer Register originates from the Customer purchasing products and/or services. In this case, the Merchant is also bound by the obligations imposed by accounting and tax legislation regarding the storage of data. Requests must be sent in writing to the Data Controller. The Data Controller may, if necessary, ask the person making the request to prove their identity. The Data Controller shall respond within the time limit specified in the EU Data Protection Regulation (in principle within one month).
10. Cookies
This site uses cookies. The site sends a small file to the browser, which is stored on the computer's hard drive. Both (temporary) session cookies, which close when you close your web browser, and persistent cookies, which are stored on your computer's hard drive, are used. The purpose of the cookie is to improve the user experience on the site. If you are a registered user, the cookie also manages login and access to pages intended for registered users only. Cookies can be used to track and analyze user interests and thus affect the usability of the service. Internet browsers generally accept cookies automatically. If necessary, the use of cookies can be disabled in the browser settings, in which case some of the functionality will be removed. Advertising cookies can be used to help optimize the advertising experience for the service user. Some third-party providers, including Google, may use cookies or web beacons (1-pixel image files) to improve the advertising experience. The data collected through cookies and web beacons does not contain the user's personal data. Online activities cannot be linked to a specific person through it.
Update 10.10.2024