Data protection statement
This data protection statement applies to Visit Pietarsaari – Jakobstad Oy Ab and the realisation of electronic services.
In this data protection statement, we go through why we process your personal data and what your rights are in the processing of your personal data when you visit our websites, contact us and use our products.
We respect your privacy and undertake to protect your personal data in accordance with the EU General Data Protection Regulation (GDPR) and the Data Protection Act.
This privacy statement was most recently updated on 21 May 2024.
1. Personal Data Controller
Visit Pietarsaari – Jakobstad Oy Ab (hereinafter “we”, “us” or “Visit Jakobstad”)
Corporate ID number: 3373425-4
Salutorget 1
68600 JAKOBSTAD
Finland
Phone number:
+358 44 493 88 34
Website:
en.visitjakobstad.fi
The contact person for the personal data controller is Matilda Engström (matilda.engstrom@visitpietarsaari.fi).
2. Name of the register
Visit Jakobstad’s customer and user register (hereinafter “Register”).
3. Purpose of processing personal data and scope of processing
We collect, store and process personal data in our Register only for the purposes that we have defined in advance and we always ensure that we have a legal basis for storing and processing personal data.
The personal data in our Register is primarily used to offer products, for customer communication, business planning and development, management, the maintenance and development of customer relationships and the improvement of user experiences. Regarding the improvement of user experiences, this primarily refers to the maintenance and development of the webpages in order to ensure that the webpages are functional (more information about cookies can be found later in the document).
The processing of personal data is carried out on the basis of your consent, completion of an order and thus the conclusion of a contract, compliance with legal obligations (such as bookkeeping and taxation) and our legitimate interests.
When it comes to marketing our products or other information about our company, the processing of personal data is based on our legitimate interest to promote our business and nurture customer relationships.
The processing of personal data is based on our legitimate interest to nurture customer relationships and gain new customers.
In connection with contact requests via, for example, various social media channels such as Facebook and Instagram as well as via email, text messages and the communication tool WhatsApp, we undertake not to process any sensitive data through these various social media channels.
When you, as a user of different channels on social media, have accepted the terms of use for the respective channel and use the channel in question, you are the data controller. We are not responsible for your personal data as a registered user of one or more channels on social media and thus do not commit to protecting such information.
4. Data we collect
On our website, we may need to collect personal data when certain features are to be used. We process the following categories of personal data in our Register for the purposes referred to in paragraph 3 above:
Cookies
Our website and the third-party services we use store cookies in your browser, provided that you choose to accept this. You can view the data on the website even if you declined the storage of cookies, but some features may not work as intended. Most browsers accept cookies automatically. Go to the Help menu in your browser for instructions on how to disable cookies.
Google Analytics
Here you can read about the cookies that Google stores in your browser. Google Analytics is only active if the user has given permission for us to store cookies in the browser.
Meta Pixel
Here you can read about the cookies that Meta stores in your browser. Meta Pixel is only active if the user has given permission for us to store cookies in the browser.
Visitor statistics
Provided that the visitor has given us permission to do so, we collect anonymous data to help us understand how the website is used. This also enables us to improve our services. This data is collected using Google Analytics, LinkedIn Insight Tag and Meta Pixel. You can read more about this at the bottom of the page.
Other
A large part of the data in our Register consists of data that the registered subjects themselves provide via orders or via e-mail and the like in connection with the customer relationship.
Please note that what determines what personal data is processed, and the scope of this processing, is your status, for example whether you act as a customer or a website visitor.
5. Who we share the collected data with
Google Analytics
We use Google Analytics to store statistics on our visitors. Google Analytics creates a profile of the visitor by collecting anonymous data, such as the browser used and the type of hardware used.
When you visit the website, information is transferred to Google, which processes the information as an independent data controller. Data about website visitors is transferred to Google, which processes the data as a data controller for its own purposes. Google may also combine the data with its other information about the visitor. For indirect identification, Google uses the visitor’s unique identifier (IP address) to identify users, but it is also possible to link this IP address directly to a natural person, for example when logging into a Google account.
Please note that when you are logged into a Google account, Google collects even more unique identifiers about you, such as identifiers that identify your device, information about the browser or application you use, advertising identifiers for Android or IOS mobile users, language choice, your network of friends and your most popular YouTube videos.
Google uses data collected about website visitors for at least the following purposes:
- positioning (country, city, business or community-owned network)
- visitor behaviour on the website
- visitors’ interests on the website
- retargeting and advertising.
To carry out retargeting, Google supplements your IP address with information based on its use, on the basis of which Google classifies the user according to, among other things, location, address and age. You can find Google’s privacy policy and terms of use at https://policies.google.com/privacy.
Blocking cookies: The customer has the option to block the use of cookies by changing their browser settings. Blocking the use of cookies may affect the functioning of our services.
Clearing cookies: The registered user can clear cookies from the browser settings. By clearing cookies periodically, the user changes the set of data used to form a profile of the user. However, clearing cookies does not stop the data collection completely, but rather resets the profile based on previous behavioural data.
Meta Pixel
We use Meta Pixel to keep statistics on our visitors and to target our marketing.
No personally identifiable information is collected by Meta Pixel.
Read Meta’s Privacy Policy and Terms of Service to learn how they use the data we share with them.
Other
Any transfer of your personal data to third parties is based on written agreements that ensure that your personal data is protected. We disclose personal data to authorities in accordance with the legal obligations imposed on us.
We do not process personal data outside the EU/EEA area.
6. This is how long we store collected data
Your data is saved for as long as it is needed for the purpose for which it was collected or as required by law. It is, therefore, not always possible to define the storage period in advance.
However, we may be obliged to retain some of our customers’ personal data in order to comply with the Accounting Act or other mandatory legislation even after the customer or user relationship or any other basis for processing personal data has ended.
7. The users have full control over their data
The users have full control over their data. This means, for example, that you have the right at any time to request a statement of what data we possess regarding the user. You also have the right to request that the data be deleted.
As a starting point, there is no cost attached to exercising the rights you have as a data subject. However, we reserve the right to charge a reasonable fee if the request is repetitive in nature or manifestly unfounded or unreasonable.
If you wish to exercise your rights as a data subject, please contact matilda.engstrom@visitpietarsaari.fi.
8. How we protect collected data
By taking organisational and technical measures, we ensure we ensure that all your data is safe, protected from unauthorised processing and not destroyed, deleted, altered or unlawfully transferred. The software that powers the site is continually updated to address security vulnerabilities that are revealed over time. The traffic between the visitor’s browser and our server is encrypted.
Persons who process personal data are obligated to maintain professional secrecy and confidentiality. The data is stored in databases, which are protected by usernames and passwords and technically protected by firewalls.
9. Contact
Enquiries relating to this data protection statement/privacy policy may be sent to the person named at the beginning of this document.
Contact details of the supervisory authority:
Tietosuojavaltuutetun toimisto (Information Commissioner’s Office)
Visiting address: Lintulahdenkuja 4, 00530 Helsinki
Postal address: P.O. Box 800, 00531 Helsinki, Finland
Switchboard: 029 566 6700
Registry Office: 029 566 6768
E-mail: tietosuoja@om.fi