This Privacy Policy is based on the Personal Data Act
CUSTOMER DATA FILE
1. Controller
Kolmosvälitys Oy (auxiliary name Hotel Bastian) (hereinafter “Hotel Bastian”) , Pertuskatie 13, 02630 Espoo
2. File manager
Ari Kaarakainen, Board Member
3. Name of file
Customer data file of Hotel Bastian
4. Purpose of handling personal data
The controller handles the personal data of customers for the following purposes:
Personal data are handled in accordance with section 8(1), paragraphs 1, 2, 5 and 6 of the Personal Data Act.
5. Data file contents
The following data on the customers are collected and stored:
6. Regular sources of data
The regular sources of data are:
Hotel Bastian may collect IP address and cookie data on its customers when they visit the online service. These data are used for targeted marketing and for the provision of services.
Collection of data
Personal data are collected when the customer makes room or meeting service reservations by telephone, fax, e-mail or on the website, in compliance with the Personal Data Act.
Information on customers are collected from the customers who have consented to the collection (section 8(1)(1) of the Personal Data Act), and from reservation transactions relating to services requested by the customer, or from purchase transactions (section 8(1), paragraphs 2 and 5 of the Personal Data Act). Personal data may be collected from, stored in and updated from registers controlled by the Population Register Centre or by another provider of address, updating or other such services.
Hotel Bastian stores the customer data through the validity of the customer relationship between Hotel Bastian and the customer. The validity of the relationship is considered to end when the time between the most recent purchase of an accommodation, meeting or restaurant service is three years. After this time the customer data will be deleted from Hotel Bastian’s data archive.
7. Regular disclosure of data
Informing the customer in accordance with Section 24 of the personal data act
The description of the file is available on the Hotel Bastian website and at its office Pertuskatie 13, 02630 Espoo.
The customer has the right to inspect the information recorded in the data file that concerns him/her. Whenever a customer wishes to use his/her right of inspection, he/she shall send an inspection request, signed, to Hotel Bastian, at the address specified above. The customer shall give his/her name, address and telephone number in the inspection request. Hotel Bastian submits its reply to the customer in writing within 30 days from the arrival of the customer’s written inspection request.
In the case of errors in the customer’s information, the customer may request rectification of the error.
Right to prohibit: The customer has the right to prohibit the controller from processing his/her data for direct advertising, distance selling or other direct marketing purposes. The customer also has a right to cancel his/her consent on the processing of his/her data to the extent that is being processed on his/her consent.
The customer has the right to request a transfer of his/her processed data to another system.
8. Transfer of data outside the EU or EEA
Data are not transferred from the data file or handled outside the EU or EEA.
9. Protection principles of the file
Manual Material
Manual material is stored until the information has been entered into the relevant systems. Manual material is destroyed when it is no longer needed. Accounts and debt collection data and other data possibly classified as accounting material, which may contain customer information, are stored for the prescribed time required by the Accounting Act. For instance, invoice vouchers are stored for six years from the end of the accounting period involved. Accounting material is stored in a locked storage.
B Automatically processed data
Only those Hotel Bastian employees who need the data in their work may access the data file. They access the file with usernames and passwords.
Data collected by means of cookies are stored for no longer than six month, depending on the type of the cookie.
SURVEILLANCE CAMERA FILE
1. Controller
Kolmosvälitys Oy (auxiliary name Hotel Bastian) (hereinafter “Hotel Bastian”), Pertuskatie 13, 02630 Espoo
2. File manager
Ari Kaarakainen, Board Member
3. Name of file
Surveillance camera file of Hotel Bastian
4. Purpose of handling personal data
The camera surveillance of the public premises of the hotel constitutes a personal data file within the meaning of the Personal Data Act (523/99). Camera surveillance also complies with the Act on the Protection of Privacy in Working Life (759/2004).
Hotel Bastian uses the file (the recorded images) to guarantee personal safety and the safety of business on the premises, to prevent crimes against personnel and property, to find the responsible parties in the case of eventual damages, and to keep the property in good condition and order.
Section 16 of the Act on the Protection of Privacy in Working Life (759/2004)
The employer has the right to use the data recorded in the file in the cases specified in section 17(2), paragraphs 1–3 of the Act on the Protection of Privacy in Working Life (759/2004): to substantiate the grounds for termination of an employment relationship; to investigate and substantiate harassment or molestation as referred to in the Act on Equality Between Women and Men (609/1986) or harassment and inappropriate behaviour as referred to in the Occupational Safety and Health Act (738/2002); and to investigate an occupational accident or some other situation causing a danger or threat referred to in the Occupational Safety and Health Act.
Camera imagery of areas that need surveillance for the purpose of security or access control can be monitored real-time.
5. Data file contents
The data content of the file comprises imagery from the surveillance cameras, complemented with the necessary technical data, including the location of cameras and the date and time of filming.
6. Regular sources of data
The data stored in the file originate from the camera surveillance system installed at public premises of Hotel Bastian. The file is not connected to other data sources.
7. Regular disclosure of data
Camera imagery of areas that need surveillance for the purpose of security or access control can be monitored real-time . There are no other regular uses or disclosures of the data.
The handling or disclosure of data only takes place in the cases referred to in section 4 that specifies the purpose of use of the file.
In accordance with the Personal Data Act, every data subject is entitled to inspect the recordings, images and sound that concern them. The request concerning the inspection right may be made by sending a letter that contains the personal signature of the data subject, or made by visiting the controller personally. The requesting party shall indicate the place and time of recording, as accurately as possible, in order to find the right data. The requesting party is advised to attach their photograph to the inspection right request. The right to inspect is realised within two weeks from making the request.
Recordings that concern the period subject to the inspection request are stored for an extended period, until the need for the material ceases to exist.
Informing customer in accordance with Section 24 of the Personal Data Act
There is a sign indicating the presence of recording camera surveillance in the entrance.
The description of the file is available on the Hotel Bastian´s website and at its office at Pertuskatie 13, 02630 Espoo.
8. Transfer of data outside the EU or EEA
Data are not transferred from the data file or handled outside the EU or EEA.
9. Protection principles of the file
A MANUAL MATERIAL
No material is entered manually into the data file.
B AUTOMATICALLY PROCESSED DATA
The recording devices and material related to the data file are stored in a locked room.
Only those Hotel Bastian employees who need the data in their work may access the data file. They access the file with usernames and passwords.
The data are stored in a closed network of Hotel Bastian, and the network is technically protected with a firewall.
The handling or disclosure of data only takes place in the cases referred to in section 4 that specifies the purpose of use of the file.
If a damage or another crime is reported during the retention period, the relevant record is stored for the period needed for investigating the crime.