Register and privacy policy
This is Majatalo Sova's register and privacy policy in accordance with the EU General Data Protection Regulation (GDPR). Created on 6.3.2025. Last modified on 12.3.2025.
1. Register holder
Majatalo Sova
Ivalontie 1
99600 Sodankylä
Business ID: 3462313-4
+358 40 635 3360
myynti@majatalosova.fi
2. Contact person of the register
Eveliina Kanervo
info@northernechoes.fi
+358 45 7873 3969
3. Name of the register
Majatalo Sova customer register
4. Legal basis and purpose of the processing of personal data
We process personal data for customer relationship management and communication with the customer. The processing of data entered into the customer register is based on the consent of the data subject.
The data is not used for automated decision-making or profiling.
5. Information content of the register
The information stored in the register does not include personal information about customers, unless it is necessary for the customer relationship. The register may contain the following information:
- First and last name
- Phone number
- Postal address
- Email address
- Information about previous orders
- Invoicing-related matters
For companies, the following are also registered:
- Company name
- Business ID
- Online billing address
- Intermediary ID
In addition, the "message" field on the contact forms offers the customer the opportunity to freely provide other information they deem relevant.
Data retention period
We will only retain information for as long as necessary to fulfill the purposes set out in this Privacy Policy, unless a longer retention period is required or permitted by law.
6. Supported sources of information
The information stored in the register is obtained from the customer, for example, from messages sent via www forms, by email, by telephone, customer meetings and other situations in which the customer provides their information.
Information about contact persons of companies and other organizations can also be collected from public sources such as websites.
7. Regular disclosures and transfers of data outside the EU or the EEA
The data will not be separately disclosed and will remain with the data controller only. The data will not be transferred outside the European Union or the European Economic Area.
8. Principles of registry protection
The register is handled with care and the data processed by the information systems are protected appropriately. When the register data is stored on Internet servers, the physical and digital security of their equipment is appropriately ensured. The controller ensures that the stored data, as well as the access rights to the servers and other information critical to the security of personal data, are handled confidentially and only by employees whose job description requires it.
9. Right of inspection and right to have the data corrected
Every person in the register has the right to check their data stored in the register and to demand correction of any incorrect data or completion of incomplete data. If a person wishes to check the data stored about them or to demand correction, the request must be sent by email or telephone to the contact person of the register. If necessary, the controller may ask the requester to prove their identity. The controller will respond to the customer within the time period stipulated in the EU Data Protection Regulation (generally within one month).
10. Other rights relating to the processing of personal data
A person in the register has the right to request that personal data concerning them be deleted from the register ("right to be forgotten"). Data subjects also have other rights under the EU General Data Protection Regulation, such as the restriction of the processing of personal data in certain situations. Requests should be sent to the contact person of the register by email or telephone. The controller may, if necessary, ask the requester to prove their identity. The controller will respond to the customer within the time period stipulated in the EU Data Protection Regulation (generally within one month).