Privacy policy

Privacy policy Frank & Vekka Ltd

Personal Data Act (523/99) 10 §

Date of issue 01.06.2021

1. PERSONAL DATA CONTROLLER

Frank & Vekka Ltd
(2685630-9)
Eteläkatu 5, 13100 Hämeenlinna

2. CONTACT INFORMATION IN MATTERS RELATED TO REGISTRY

Tapio Vekka
tapio@vekka.fi
040 900 0150

3. REGISTRY NAME

Frank & Vekka Ltd tietosuojarekisteri

4. PURPOSE FOR THE REGISTER AND THE PROCESSING OF PERSONAL DATA

Villamarenki.fi – personal data is being processed for predetermined purposes, which are: Customer service and customer relationship management, customer communication, informing about our products and services, marketing, and other online services.

Matin ja Maijan Majatalo’s customer registry personal data is saved to sirvoy.com-booking system. Matin ja Maijan Majatalo’s passenger cards are collected, stored, and disposed of in accordance with official guidelines.

Frank & Vekka Ltd employee personal data is stored in Maraplan.fi-payroll administration and finla.fi-occupational health administration database for salary payment and statutory occupational health care.

5. PERSONAL DATA RECORDED IN THE REGISTRY

The customer registry contains the following information:

• name
• address
• phone number
• email
• information on products/services bought (online store)
• account number (salary)
• withholding tax rate (salary)
• social security number (salary and occupational health)

6. REGULAR INFORMATION SOURCES

Registry holder registers the data the user themself states when using villamarenki.fi online store and sirvoy.com booking system. In the case of employees, the data submitted is registered. The data transferred to Sirvoy.com through Booking.com and Expedia.com is submitted by the customers themselves.

7. REGULAR DISCLOSURE OF DATA AND TRANSFERRING DATA OUTSIDE THE EU

The data is not disclosed for third parties complying with data protection legislation. Personal data is not transferred outside the EU or EEA. Sirvoy.com processes its data within the framework of its own rules.

8. PRINCIPLES OF REGISTRY PROTECTION

User and employee registry data is stored in the systems managed by the registrar which are protected by operating system security software. Access into the system requires username and password. The systems are also protected by firewalls and other technical means. The data stored in the registry is only available for authorized, predetermined registry employees that are under obligation of confidentiality.

9. THE DATA SUBJECT'S RIGHT TO DELETION

The data subject has the right to prohibit the registry from using their personal data. The prohibition must be written and addressed to the people responsible for registry matters.

10. THE DATA SUBJECT'S RIGHT TO ACCESS DATA

The data subject has the right to check their data that is recorded in the registry, and the right to get a copy of it. The request must be written and addressed to the people responsible for registry matters.

11. THE DATA SUBJECT'S RIGHT TO RECTIFICATION

The registry will delete, rectify inaccurate or incomplete personal data by their own initiative or at the request of the data subject. The data subject must contact the registry responsible for registry matters to rectify their data.