This privacy policy applies to the processing of personal data collected by Haawe Oy for the purposes of customer acquisition, service delivery and customer relationship management.
Haawe Oy is committed to protecting the privacy of its customers and to processing personal data in accordance with applicable legislation and privacy policies. This privacy policy applies to the personal data of Haawe customers and Haawe website visitors.
The controller is Haawe Oy. The controller’s contact information can be found in section 7 of this privacy policy.
1. Use and processing of personal data
We only collect and process a customer’s personal data when it is necessary for Haawe’s business operations and for the delivery of the customer’s desired service, and we have the customer’s consent. The personal data we process is primarily collected directly from the customer by telephone, email or electronic/printed forms.
The data in the personal data register is used for the following purposes:
- developing, delivering and offering our services
- managing customer relationships and customer service
- advertising and marketing services and products
- communication
- ensuring safety
Accommodation services
Based on an agreement between the customer and the controller, and its execution, we process the following data:
Contact information: first and last name, address, postcode, city, country, email address, phone number
Payment data: credit card number, name on the credit card, card expiry month and year
Traveller notifications
The processing of traveller notifications is based on the statutory obligation of the controller.
Data processed in a traveller notification: the customer’s name and Finnish personal identity code or date of birth and nationality, the names and Finnish personal identity codes of the spouse and underage children accompanying the customer, the customer’s address, the country from which the customer has arrived to Finland, the number of the customer’s travel document and the dates of arrival and departure. In addition, the customer may specify the reason for the accommodation.
Marketing and advertising
We process data disclosed by the customer, e.g. email address, for direct marketing purposes, such as sending newsletters and possible feedback queries to the customer.
2. Disclosure and transfer of data
We are committed to processing personal data confidentially. Personal data about a data subject may be disclosed to Haawe Oy’s staff and partners for the delivery of the agreed service. Even in this case, personal data will only be processed to the extent required for the agreed service. Otherwise, data will only be disclosed as permitted and required by law.
Data will not be disclosed outside the EU or EEA unless required for providing the service. If data is disclosed, its level of protection will be ensured in accordance with the valid legislation.
3. Data security
The data collected in connection with the room reservation is stored on the server of the service provider responsible for our booking system (Sirvoy Limited). The service provider is committed to complying with the GDPR and also requires the same commitment from its subcontractors. The service provider carries out all normal technical measures to prevent the misuse of data and the access to the data by unauthorised third parties.
You can read more about Sirvoy’s privacy policy HERE.
4. Exercising the data subject’s rights and access to data
The data subject has the right to access the data pertaining to him/her stored in the register. The access request shall be submitted in writing to the controller whose contact information can be found in section 7. The data subject should be prepared to prove his/her identity in accordance with the instructions given by the controller.
The data subject has the right to request his/her data to be corrected if the data has changed or he/she discovers errors in the data. In this case, the request for correction shall be submitted in writing to the controller mentioned in section 7. The data subject should be prepared to prove his/her identity in accordance with the instructions given by the controller.
The data subject also has the right to withdraw his/her consent to, e.g. electronic direct marketing. In addition, in certain situations he/she has the right to be forgotten, in which case we will erase all data collected about him/her. However, we may have statutory obligations to store personal data. For example, the Finnish Act on Accommodation and Food Service Operations may require us to store the traveller notification data for a specific period of time.
5. Storage of data
Personal data is stored for the period required for the purpose of the data, as long as we are required to do so by law or until we receive a request to erase the data. The data storage period begins once the data has been received. We store traveller notifications for 1 year and personal data relating to requests for bids for a maximum of 2 years.
6. Cookies
We use cookies on our website. A cookie is a small text file stored by the web browser on the user’s device. Our website uses cookies for tracking website visitors, generating statistics as well as developing the website. Users’ personal data is not linked to visitor data. Cookies can be disabled from the browser settings.
Google Analytics and Google Tag Manager are used for tracking visitors and generating statistics. Both are web analytics services maintained by Google Inc. (later Google). The services store cookies on the user’s device in order to analyse how the website is used. The data collected on the cookie is sent to the service provider and stored on the service provider’s servers. Google’s servers may be located outside the EU or EEA. The data allows Google to assess the use of the website and compile website usage reports for the owner of the website. The data also enables the targeting of online advertising to site users. The service provider may disclose the information to third parties if required to do so by law.
Additional information about Google’s use of cookies is available HERE .
You can read more about Google’s privacy policy HERE.
We also use the Facebook pixel on our website. The Facebook pixel is a small piece of code embedded into a website. The pixel enables showing targeted Facebook ads to the website visitors.
You can read more about Facebook’s privacy policy HERE.
7. Contact information of the controller and the person responsible for the register
Controller:
Haawe Oy
Valtakatu 22, 96200 Rovaniemi, Suomi Finland
Tel. +358 40 039 3689
Email: [email protected]
Postal address:
Valtakatu 22, 96200 Rovaniemi, Suomi Finland
Contact person responsible for the register:
Yolanda Xu
Tel. +358 40 039 3689
Email: [email protected]