Rovaniemen kylien kehittämissäätiö
Privacy policy
Register and Privacy Policy
This is the RKKS's register and privacy policy in accordance with the EU General Data Protection Regulation (GDPR). Drafted on 27.9.2021. Modified on 20.11.2023.
Controller
Rovaniemen kylien kehittämissäätiö
Matti Alatalo, Managing Director
Ainonkatu 1
96200 Rovaniemi, Finland
Requests related to data protection
Data protection requests are handled by Louru Oy.
Name of the register
RKKS's online service user register.
Purpose of processing personal data
The purpose of processing personal data is to contact customers, maintain customer relations and marketing. In addition, the information collected may be used to develop the online service. The data will not be used for automated decision-making or profiling.
Data content of the register
The data to be recorded in the register are: Name of the person, name of the company, contact information (phone number, e-mail address, address), website addresses, information about ordered services and changes thereto, billing information, other information related to the customer relationship and ordered services.
The data will be kept for the time being.
Regular sources of information
The information stored in the register is obtained from the customer via email, telephone, social media services, contracts, customer meetings and other situations where the customer discloses their information.
Information on contact persons of businesses and other organisations may also be collected from public sources such as websites, directory services and other businesses.
Transfer of data outside the EU or EEA
Data is not regularly disclosed to other parties. Data may be published to the extent agreed with the customer. Data may also be transferred outside the EU or EEA by the controller.
Principles for the protection of the register
The controller shall ensure that stored data, server access rights and other information critical to the security of personal data are treated confidentially and only by employees whose job description includes this.
Risks
Risks related to personal data include data leaks. Personal data stored in the register is protected against unauthorised access, accidental or unlawful destruction, alteration, disclosure, transmission or other unlawful forms of processing.
Right of access and rights relating to the processing of personal data
Every person in the register has the right to inspect the data recorded in the register and to request that any inaccurate or incomplete data be corrected or completed.
If a person wishes to check the data stored about him or her, request rectification or request the erasure of personal data concerning him or her, the request must be sent in writing to the controller. The controller may, if necessary, ask the applicant to prove his or her identity. The controller will reply to the customer within the time limits set by the EU General Data Protection Regulation (as a general rule, within one month).
Cookies and visitor tracking
Website visitor data and statistics are stored via Google Analytics web analytics service on Google servers, which may also be located outside the EEA (in Privacy Shield countries).
What are cookies?
Cookies are small text files that are stored on a user's device when they visit a website. On each visit, these cookies are sent back to the website that identifies the cookie. Cookies can be used, for example, to identify the user's device, to store the choices made by the user on the website and to store login information. Cookies can also be used for visitor tracking, for example to improve the user experience and target advertising.
Cookies used on the website
This website uses Google Analytics, a web analytics service that uses cookies to track visitors. Google Analytics cookies can be used to collect information such as
- from
- location
- pages visited (on this site)
- from the open links
- about visiting hours
- the source of arrival.
This website may contain embedded content from other sources. Downloading or accessing embedded content is comparable to visiting a third party website.
Targeting the collected data to a person
None of the data collected can be attributed to individuals, as the IP addresses and other identifying information of individuals have been removed from the reports. Google Analytics reports provide indicative figures on the number of visitors, information about their devices and their behaviour on this website.
