Privacy Policy
Privacy Statement for Accommodation Services Condo.fi / Rock Your Day OY
As per the General Data Protection Regulation (GDPR), the data controller is obligated to provide clear information to the data subjects. This privacy statement fulfills that obligation.
Data Controller:
Rock Your Day Oy
Contact Information: For matters regarding the registry and, if applicable, the Data Protection Officer:
Janne Immonen
b2b@condo.fi
0401259291
Data Subjects:
Customers and potential customers.
Purpose and Legal Basis for Processing:
The legal basis for maintaining the registry is the customer relationship, and personal data is processed based on that relationship.
Purpose of Processing Personal Data:
Personal data is processed only for predefined purposes, which include managing customer relationships and informing about our services.
Personal Data Stored in the Registry:
The customer registry contains the following information:
- Contact information: name, address, email, phone number
- Billing details
Rights of the Data Subject:
The data subject has the right to make requests regarding the following rights by contacting b2b@condo.fi:
- Right of Access: The data subject can check the personal data we have stored.
- Right to Rectification: The data subject may request correction of any incorrect or incomplete information.
- Right to Object: The data subject can object to the processing of their personal data if they believe the data is being processed unlawfully.
- Right to Restrict Direct Marketing: The data subject has the right to prohibit the use of their data for direct marketing purposes.
- Right to Erasure: The data subject has the right to request the deletion of their data if it is no longer necessary. We will process the request and either delete the data or provide a legitimate reason why the data cannot be deleted. It is important to note that the data controller may have a legal obligation or other right to retain certain data, such as accounting records, which must be kept for 10 years as per the Accounting Act (Chapter 2, Section 10). Therefore, accounting-related data cannot be deleted before the expiration of this period.
- Withdrawal of Consent: If the processing of personal data is based solely on consent and not on a customer relationship or membership, the data subject may withdraw their consent.
The data subject has the right to lodge a complaint with the Data Protection Ombudsman if they believe that we have violated data protection laws.
The data subject also has the right to request that we restrict the processing of disputed data until the matter is resolved.
Right to Lodge a Complaint:
The data subject has the right to file a complaint with the Data Protection Ombudsman if they believe that we are violating applicable data protection legislation in our handling of personal data. Contact information for the Data Protection Ombudsman can be found at: www.tietosuoja.fi/en/index/contact.html
Regular Data Sources:
This is a privately maintained customer registry, with information obtained directly from the customer or collected through online business data sources. Our customers are primarily businesses, and we provide furnished accommodation for companies across Finland and abroad if necessary. In addition to the information provided by the customer, contact details are sourced from the internet. Customer information is regularly obtained as follows: Sales searches for new customers online. We do not use any software for customer searches.
- Information from the customer when the customer relationship is established
- Information provided by the customer via an online form
Regular Data Disclosures:
Data is not generally disclosed to third parties for marketing purposes.
Duration of Processing:
Personal data is processed primarily for as long as the customer relationship is active.
Personal Data Processors:
The customer registry is used by the supplier’s employees. Both the data controller and its employees handle personal data. We may also outsource the processing of personal data to third parties, ensuring through contractual arrangements that personal data is processed in accordance with current data protection laws and appropriately.
Transfer of Data Outside the EU:
Personal data is not transferred outside the EU or the European Economic Area (EEA).
If data is transferred outside the EU or EEA, we ensure that adequate protection measures are in place, including contractual arrangements that comply with legal requirements regarding the confidentiality and handling of personal data.
Automated Decision-Making and Profiling:
We do not use personal data for automated decision-making or profiling