Privacy statement for Hotel Red & Green feedback register
Hotel Red & Green
Närpesvägen 16 C
2. Keeper of the register
3. Name of register
Hotel Red&Green feedback register
4. Purpose of processin personal data
The information given by you on the feedback form will be stored in the S-Group´s feedback register. The register will store the information you have given on the feedback form and this will be used solely for responding to the feedback, for producing services or for operational development. The information you provide on the feedback form will not be used for direct marketing. You may also give feedback on the form entirely anonymously.
5. Basis for processing personal data
The basis for processing personal data is consent
6. Personal data processed
Only the information provided by you on the feedback form and any attachments to the feedback, will be stored in the feedback register. The feedback form includes for example the following fields: given name and family name, email address and the message submitted, and the requested form of contact. The information identifying a person will be deleted from the register as soon as they are no longer needed for the handling of the feedback
7. Source of information
The person providing the feedback will also submit the personal data
8. Receivers of the information
Data may be submitted to organizations within the Hotel Red&Green to which the feedback is addressed, or that are subjects of the feedback. If your feedback concerns a partner of the Hotel Red&Green, the information you provided on the feedback form may be submitted to that partner for the purpose of processing your feedback. Otherwise the information you provided on the feedback form will not be disclosed to any third parties.
Data may be submitted to authorities to the extent allowed and required by the valid legislation.
9. Transfer of personal data to third countries or international organizations and guarantees of protection used.
Personal data in the feedback register will not be transferred outside the EU or the EEA
10. Duration of storing personal data.
The personal data is stored until response is given
11. The data subject´s rights
Everyone entered in the register has the right to receive information about what personal data is collected, to what purposes it is used, what is the legal basis for processing the data, and to which data is disclosed.
You have the right to receive confirmation of whether your personal data is processed. If your personal data is processed you have the right to receive a copy of your personal data.
You have the right to require corrections to any inaccurate and incorrect information about you, and you have the right to have incomplete personal data completed.
You have the right to request that your personal data is removed without inappropriate delays. Removal required that one of the following conditions is met:
- The personal data is no longer needed for the purpose for which they were collected or for which they were otherwise processed.
- You cancel the permission the processing has been based on, and there are no other legal grounds for processing.
- The personal data has been processed in an unlawful way.
- The personal data has to be removed to fulfil a statutory obligation in accordance with EU law or international legislation.
If the processing of the personal data is based on the controller´s legitimate interest, you have the right to request that the data processing is limited, if one of the following conditions is met:
. You deny the accuracy of the personal data.
-The personal data has been processed in an illegal way, and you object to removal of the personal data.
- The controller does not need the personal data in question for the processing purpose, but you need them for making, presenting or defending of legal claim.
You have the right to cancel the permission you have given for processing your personal data at any time, without it affecting the legality of the processing done based on your permission before this.
You have the right to receive the personal data about you that you have provided yourself in a structured, commonly used and machine-readable format, and the right to transfer the data to another controller.
If you wish to exercise your rights or to get more information about the processing of your personal data, please contact the controller mentioned in this statement in writing:
Hotel Red & Green
Närpesvägen 16 C
Indicate on the envelope: Feedback/request for inspection, feedback/request for correction or f feedback/request for removal or scanned to the following email address: sales [at] hotelredgreen.fi
In addition to name, other information identifying the feedback based of which the feedback given by the customer can be searched for should be provided with the request for inspection, correction or removal.
You also have the right to file a complaint with the supervisory authority if you consider that the processing of the personal data does not follow the applicable data protection regulation.
12. Key information for automated decision-making or profiling
No automated decision-making or profiling is associated with the personal data processing
13. General description of technical and organizational safety measures
We will protect the personal data for the whole duration of their life by using appropriate data protection and data security measures. Hotel Red&Green protects personal data for example, by preventing risk management and safety planning, protection measures for data communication and by using secure equipment facilities, across control and security systems. Giving and controlling user rights is well managed. We regularly train our personnel participating in the processing of personal data and ensure that also the personnel of our partners understands the confidential nature of personal data and the importance of secure processing. We choose our subcontractors carefully. We continuously update our internal policiesand instructions. If in spite of all our safety measures, personal data ends up in the wrong hands, it is possible that thee identity is stolen or that the personal data is misused in any other way. If we observe such an event, we will immediately start an investigation and will try to prevent any damage. We will inform the necessary authorities and the registered persons about the data breach in.