Register description - Visit Meri-Lappi

Register description

Register description pursuant to section 10 of the Personal Data Act (523/1999) and the EU General Data
Protection Regulation. Updated on January 18, 2021.

  1. Controller

Sea Lapland Travel Ltd (Meri-Lapin Matkailu Oy)

Lukiokatu 10

95400 Tornio, Finland

Tel. +358 20 7479 440

  1. Contact person or person in charge of the register

Sales Director Teija Mikkola +358 400 357 420

  1. Name of the register

Sea Lapland Travel Ltd and its subisidiaries’ customer register that contains customer data. The grounds for registering are a sales or service relationship with Sea Lapland Travel Ltd.

  1. Purpose of the register

Sea Lapland Travel Ltd is committed to safeguarding the privacy of the users of its services pursuant to the Personal Data Act (523/1999) and other applicable legislation.

The purpose of personal data processing is to maintain a customer and contact information register of

natural persons who have made a reservation or registered for an event.

Sea Lapland Travel Ltd needs personal data to process and confirm bookings. Personal data is also needed in order for Sea Lapland Travel Ltd to send customers information about their booking(s).

By using our services, the user approves the terms and conditions of this Privacy Statement. If the user

does not approve these terms and conditions, he/she does not have the right to use our services.

The collected data is used for service provision, delivery of services and products to the customer, product

and service development, invoicing as well as customer relationship management and development.

Anonymised data is used for statistical purposes.

The information can be also used, with the customer’s consent, for advertising, marketing, direct marketing

and customer-targeted marketing. The customer has the right to prohibit direct marketing targeted at him

or her.

  1. Data content of the register

Data on Sea Lapland Travel Ltd´s customers

  • First and last name
  • Address
  • Mobile telephone number
  • Landline telephone number
  • Email address
  • Date of birth
  • Gender
  • Other country of residence
  • Household ID
  • Newsletter history (if any)
  • Participation in events
  • Direct marketing prohibitions and consents
  • Unique customer ID
  • Information about the booking, such as the accommodation, date of departure, date of booking,

hotel, price of the trip, discounts and reasons for these, sales channel, clerk (if any), the group of people who made the booking, any additional services associated with the trip, loyal customer numbers

The data above will be stored if they are associated with customer relationship.

  1. Regular data sources
  • Data disclosed by the customer
  • Transaction data generated as a result of a purchase of a trip or additional services, when the

customer is the person who performed the booking, his or her companion or part of a group

  • Data provided by the customer in customer service situations
  • Email marketing management system
  • Cookies or other such technologies
  1. Regular data disclosures and transfer or data to entities

Data may be transferred to an entity outside the EU or EEA when necessary for the technical

implementation of a service requested by the user or when otherwise necessary under section 23,

subsection 2–5 of the Personal Data Act. Partners outside the EU are required to comply with the EU data

protection practices.

In order to provide the service, any data essential for the provision of the service will be disclosed to the

service provider(s), for example joint marketing companies.

Personal data may also be disclosed to authorities as allowed and required by the legislation in force.

Information is not disclosed on a regular basis.

  1. Principles of register security

Data processed in IT systems:

  • This data is stored in an online system protected by SSL protocol.
  • This data is only accessed by people who need access to it on the basis of their role. Every user has

a personal user ID and a password. The users are also under a secrecy obligation. Access rights to

the register are granted and supervised by the person in charge of the register.

Manual materials:

  • can be stored as paper printouts with sufficient data protection practices.
  1. Checking register data

Pursuant to the Personal Data Act, the data subject has the right to inspect which data about him or her are

stored in the register. The inspection request must be submitted in writing by regular mail or email to the

person in charge of the register stated in section 2 of this register description.

  1. Right of rectification and right to prohibit processing

A customer of Sea Lapland Travel Ltd has the right to have an error in his or her data rectified. The request concerning the rectification of the error must be submitted in writing by regular mail or email to the person in charge of the register stated in section 2 of this register description.

A data subject has the right to prohibit the processing of his or her data and its disclosure for direct mail,

distance sales, direct marketing, market surveys and opinion polls by contacting Sea Lapland Travel Ltd customer service.

Plan your trip