Privacy Policy

Tmi Erä-Eero Customer Register Privacy Policy

Data controller:
Tmi Erä-Eero (business ID 1492776-3)
Registry contact: Eero Kortelainen, company owner
Visit address: Keljänpurontie 12. 81650 Hattuvaara, Finland
Postal address: Riippusillantie 12, 81700 Lieksa, Finland
Telephone: +358 400 432 218 (English) + 358 400 159 452 (Finnish only)
Email: info@eraeero.com

1 Register name:
Tmi Erä-Eero Customer Register

2 Purpose of processing personal data:
Personal data is processed for purposes related to making a reservation, managing customer relationships and handling contacts, invoicing and developing the service. Personal data is also processed for purposes required to resolve potential complaints and other claims.

3 Legal basis for processing:
The processing of personal data is based on Article 6(1)(b) of the General Data Protection Regulation
(GDPR): Processing is necessary for the performance of a contract to which the data subject is a party, or in order to take steps at the request of the data subject prior to entering into a contract.

4 Data content of the register:
We collect the following information from our customers, among others:
Name
Email
Telephone number
Address
Age for minors (affects family discounts)
Arrival time and length of stay

Payment method (cash/card/invoice)
Content of the reservation with services, such as type of hide, rentals, snacks, allergies, transportation,
accommodation and other possible special requests.

5 Regular data sources:
Information provided by the customer himself/herself through a reservation or other contact (including
contact form, email, phone call, WhatsApp, SMS, passenger card). Some or all of the information about
customers arriving through a tour operator is obtained from the tour operator in advance. In these cases, additional information can also be obtained from the customers themselves after they arrive with us.
We also receive anonymized information through social media (Facebook, Instagram).

6 Retention period of personal data:
We store customer register information for a maximum of 5 years after the last reservation or service
contact.

7 Principles of register protection:
The information is stored both electronically and in written form (reservation books).
We ensure appropriate data security. The register information is protected from external users by
passwords and firewalls, and its processing is only possible for designated persons whose duties include maintaining and managing customer data.
Written materials containing personal data are stored in locked facilities, which can only be accessed by
designated persons who are authorized to access it due to their duties.
The employees and other persons of the controller are obliged to observe confidentiality and to keep
confidential the information they receive in connection with the processing of personal data.

8 Recipients of personal data (recipient groups) and regular disclosures of data:
Personal data will not be disclosed to third parties.

9 Transfer of data outside the EU or EEA:
Personal data contained in the register will not be transferred outside the EU or EEA.

10 Rights of the data subject:

  1. Right to access and inspect personal data
    The data subject has the right to receive a copy in paper or in a commonly used electronic format and to inspect his or her personal data described in this statement.
  2. Right to rectification of data and restriction of processing
    The data subject has the right to have incomplete or incorrect data rectified. The data subject also has the right to restrict processing upon request until the data has been updated.
  3. Right to data portability
    The data subject has the right to have the data concerning him or her transferred to another system, if technically feasible.
  4. Right to erasure
    The data subject has the right to request the erasure of his or her data. Erasure is possible in accordance with applicable law.
  5. Right to object to data processing and automated decision-making
    The data subject has the right to object to data processing. However, it should be noted that this may prevent the provision of the service (reservation and/or invoicing). We do not use automated decision-making.
  6. Right to lodge a complaint with a supervisory authority
    If the data subject considers that his or her data has been processed in violation of this Privacy Policy and applicable law, he or she has the right to lodge a complaint with the competent supervisory authority.

All inquiries and requests regarding your personal data and its use should be sent to info@eraeero.com.

11 Web analytics:
The services below collect anonymized information about visitors to our website:
Facebook and Instagram

12 Targeted marketing:
Based on your visit to the website, we may perform targeted advertising on the following services:
Facebook and Instagram