Privacy Policy

This document contains two file descriptions:
Customer data file
Surveillance camera file
Based on the Personal Data Act (523/1999), descriptions shall be drawn up of data files.

Customer data file

1. Controller
Hotel Helka, Hotelliyhtymä Oy Pohjoinen Rautatienkatu 23 FI-00100 HELSINKI

2. File manager
Jukka Räisänen, Hotel Manager

3. Name of file
Customer data file of Hotel Helka

4. Purpose of handling personal data
The controller handles the personal data of customers for the following purposes:

– maintaining and developing customer relationships

– managing bookings

– making, controlling and collecting payments

– marketing the goods and services of the controller

– development of the controller’s business and the customer service related thereto

– making table reservations for customers and reserving meeting rooms

– the monitoring and analysis of the interests and the accommodation and food choices and wishes of customers, and the development of customer service in relation to these

– registering loyalty programme functions and benefits

– taking the wishes of loyal customers into account, developing customer service and targeting the services

– registering the benefits of the cooperation partners within the loyalty programme.

Personal data are handled in accordance with section 8(1), paragraphs 1, 2, 5 and 6 of the Personal Data Act.

5 Data file contents
The following data on the customers are collected and stored:

– customer information: name, date of birth, customer number, contact information (e.g. telephone and mobile number, e-mail address and other electronic address) for contacting purposes, title or profession, language code, sex, nationality, the number of adults and children staying with the customer, and invoicing address

– customer feedback information: customer satisfaction score, comments on the controller’s services, and other information provided by the customer with the customer’s consent

– booking information (e.g. previous bookings and future bookings)

– information related to the use of the services: e.g. service use, purchase and cancellation data and the hotel or restaurant where the customer bought the service at

– information on the customer’s wishes and selections: e.g. non-smoking room or table, room class and information on the services requested

– the customer’s method of payment and payment history data (including delayed payments), along with invoicing information

– the customer’s consent to direct marketing via e-mail, SMS or other automatic means

– the statutory prohibitions on direct advertising, distance selling and other direct marketing

– information on hobbies and interests

– other information collected with the customer’s consent (e.g. reduced mobility, disabilities and illnesses reported by the customer which affect the service the customer has requested)

– an indication of membership in loyalty programmes or other equivalent programmes of the controller or the controller’s partners, and the information necessary for obtaining the benefits of the programme

– loyalty card data (e.g. card number and validity period)

– use of the controller’s services, itemised by card (e.g. nights and purchases)

– the points earned within the loyalty programme and the benefits rewarded based on them

6. Regular sources of data

The regular sources of data are:

– the booking and invoicing systems of the hotel

– e-mail and telephone conversations with the customer.

– information the customer has entered in the online services of Hotel Helka and its partners.

Collection of data
 Personal data are collected when the customer makes room, table or meeting service reservations by telephone, fax, e-mail or on the website, in compliance with the Personal Data Act.

Information on customers are collected from the customers who have consented to the collection (section 8(1)(1) of the Personal Data Act), and from reservation transactions relating to services requested by the customer, or from purchase transactions (section 8(1), paragraphs 2 and 5 of the Personal Data Act). Personal data may be collected from, stored in and updated from registers controlled by the Population Register Centre or by another provider of address, updating or other such services.

7. Regular disclosure of data

INFORMING THE CUSTOMER IN ACCORDANCE WITH SECTION 24 OF THE PERSONAL DATA ACT
The description of the file is available on the Hotel Helka website and at the hotel reception at Pohjoinen Rautatiekatu 23, Helsinki.

The customer has the right to inspect the information recorded in the data file that concerns them. Whenever a customer wishes to use their right of inspection, they shall send an inspection request, signed, to Hotel Helka, at the address specified above. The customer may also visit the hotel and present a document that proves their identity. The customer shall give their name, address and telephone number in the inspection request. Hotel Helka submits its reply to the customer in writing within 30 days from the customer’s personal visit to the hotel or the arrival of the customer’s written inspection request at the hotel.

In the case of errors in the customer’s information, the customer may request rectification of the error.

Right to prohibit: The customer has the right to prohibit the controller from processing their data for direct advertising, distance selling or other direct marketing purposes.

8. Transfer of data outside the EU or EEA
Data are not transferred from the data file or handled outside the EU or EEA.

9. Protection principles of the file

A MANUAL MATERIAL
Manual material is stored until the information has been entered into the relevant systems. Manual material is destroyed when it is no longer needed.

B AUTOMATICALLY PROCESSED DATA
Only those Hotel Helka employees who need the data in their work may access the data file. They access the file with usernames and passwords.

The data are stored in a closed network of Hotel Helka, and the network is technically protected with a firewall.

Surveillance camera file

1. Controller
Hotel Helka, Hotelliyhtymä Oy Pohjoinen Rautatienkatu 23 FI-00100 HELSINKI

2. File manager
Jukka Räisänen, Hotel Manager

3. Name of file
Surveillance camera file of Hotel Helka

4. Purpose of handling personal data
The camera surveillance of the public premises of the hotel constitutes a personal data file within the meaning of the Personal Data Act (523/99). Camera surveillance also complies with the Act on the Protection of Privacy in Working Life (759/2004).

Hotel Helka uses the file (the recorded images) to guarantee personal safety and the safety of business on the premises, to prevent crimes against personnel and property, to find the responsible parties in the case of eventual damages, and to keep the property in good condition and order.

Section 16 of the Act on the Protection of Privacy in Working Life (759/2004)
The employer has the right to use the data recorded in the file in the cases specified in section 17(2), paragraphs 1–3 of the Act on the Protection of Privacy in Working Life (759/2004): to substantiate the grounds for termination of an employment relationship; to investigate and substantiate harassment or molestation as referred to in the Act on Equality Between Women and Men (609/1986) or harassment and inappropriate behaviour as referred to in the Occupational Safety and Health Act (738/2002); and to investigate an occupational accident or some other situation causing a danger or threat referred to in the Occupational Safety and Health Act.

Camera imagery of areas that need surveillance for the purpose of security or access control can be monitored real-time.

5. Data file contents
The data content of the file comprises imagery from the surveillance cameras, complemented with the necessary technical data, including the location of cameras and the date and time of filming.

6. Regular sources of data
The data stored in the file originate from the camera surveillance system installed at Hotel Helka. The file is not connected to other data sources.

7. Regular disclosure of data
Camera imagery of areas that need surveillance for the purpose of security or access control can be monitored real-time at the reception. There are no other regular uses or disclosures of the data.

The handling or disclosure of data only takes place in the cases referred to in section 4 that specifies the purpose of use of the file.

In accordance with the Personal Data Act, every data subject is entitled to inspect the recordings, images and sound that concern them. The request concerning the inspection right may be made by sending a letter that contains the personal signature of the data subject, or made by visiting the controller personally. The requesting party shall indicate the place and time of recording, as accurately as possible, in order to find the right data. The requesting party is advised to attach their photograph to the inspection right request. The right to inspect is realised within two weeks from making the request.

Recordings that concern the period subject to the inspection request are stored for an extended period, until the need for the material ceases to exist.

INFORMING THE CUSTOMER IN ACCORDANCE WITH SECTION 24 OF THE PERSONAL DATA ACT
There is a sign indicating the presence of recording camera surveillance near the entrances.

The description of the file is available on the Hotel Helka website and at the hotel reception at Pohjoinen Rautatiekatu 23, helsinki.

8. Transfer of data outside the EU or EEA
Data are not transferred from the data file or handled outside the EU or EEA.

9. Protection principles of the file

A MANUAL MATERIAL
No material is entered manually into the data file.

B AUTOMATICALLY PROCESSED DATA
The recording devices and material related to the data file are stored in a locked room.

Only those Hotel Helka employees who need the data in their work may access the data file. They access the file with usernames and passwords.

The data are stored in a closed network of Hotel Helka, and the network is technically protected with a firewall.

The handling or disclosure of data only takes place in the cases referred to in section 4 that specifies the purpose of use of the file.

The data (recordings) are stored in the file for a maximum period of three (3) months. If a damage or another crime is reported during the retention period, the relevant record is stored for the period needed for investigating the crime.