Register and privacy statement
This privacy statement concerns the processing of personal data conducted by Hotel Sommelo / HS-Retro Oy for the provision of its services to its customers and the acquisition and maintenance of customer relationships.
Hotel Sommelo / HS-Retro Oy is committed to protecting the privacy of its customers and to processing personal data in accordance with current law and privacy practices. This privacy statement applies to personal data related to customers of Hotel Sommelo, newsletter subscribers, and individuals visiting Hotel Sommelo’s website and online store.
Hotel Sommelo acts as the data controller for the personal data covered by this privacy statement. The contact details of the data controller can be found in section 7 of this privacy statement.
1. Use and Processing of Personal Data
We collect and process customer personal data only when they are necessary for the business of Hotel Sommelo and we have your consent. The personal data we use are primarily collected directly from the customer by telephone, email, or electronic/printable forms for customer relationship management.
The information in the personal data registry is used for the following purposes: to develop, deliver, and offer our services, to manage customer relationships and service, for advertising and marketing of services and products, for communication, and to ensure security.
ACCOMMODATION, MEETING, AND RESTAURANT SERVICES
We process the following information based on the contract between the customer and the data controller and its execution:
Contact details: first and last name, address, postal code, city, country, email address, phone number
Payment details: credit card number, name on the credit card, card’s expiry month and year
TRAVEL NOTIFICATIONS
The processing of travel notifications is based on a legal obligation of the data controller.
Information processed in travel notifications: customer’s name, personal identification number or date of birth, nationality, names of spouse and minor children traveling with, Finnish personal identification numbers, address, country of arrival in Finland, travel document number, and arrival and departure dates. Additionally, the purpose of the stay may be recorded.
MARKETING AND ADVERTISING
We process the information provided by the customer, such as an email address for direct marketing, for sending newsletters to the customer.
2. Disclosure and Transfer of Information
We are committed to processing personal data confidentially. Information about the registered person may be disclosed to Hotel Sommelo’s staff and partners for the described purpose, such as the implementation of marketing. Even in this case, personal data is processed only to the extent required by the agreed services. Otherwise, information is disclosed only within the limits permitted and required by law.
Information is not transferred outside the EU or EEA unless it is necessary for the provision of the service. If information is transferred, its security level is ensured according to current legislation.
3. Data Security
The register’s information is stored on Hotel Sommelo’s server, which is protected by the operating system’s security software. System access requires entering a user ID and password. The system is also protected by firewalls and other technical means. Only certain predefined employees of the data controller are entitled and able to access the information contained in the registry. The registries are located in a locked space.
The online store’s databases are stored on servers within the EU and their protection is managed by generally required security methods in the industry. Hotellinx has protected the hardware and server using commonly accepted methods in the industry, such as firewalls, antivirus protection, and other commonly used data protection practices. The server where the customer database is located is also protected by access control. Programs that operate directly in the browser, e.g., NetReservations and Housekeeping, are on a server that is protected with SSL encryption technology.
4. Exercising Registered Rights and Access to Information
The registered individual has the right to inspect the information about him/her stored in our register. The inspection request must be made in writing and delivered to the data controller, whose contact details can be found in section 7. The registered individual must be prepared to prove their identity in accordance with the instructions provided by the data controller.
The registered individual has the right to request the correction of their information if their data have changed or they notice errors. In this case, the correction request must be made in writing to the data controller mentioned in section 7. The registered individual must be prepared to prove their identity in accordance with the instructions provided by the data controller.
The registered individual also has the right to withdraw their consent, for example, to electronic direct marketing. In certain cases, they also have the right to be forgotten, where we remove all the information we have collected about you. However, we may have legal obligations to retain your personal data. For example, the law on accommodation and restaurant operations may require us to retain the details of travel notifications for a certain period.
5. Retention of Information
Personal data is retained for as long as is necessary for the purposes for which the data was collected, as long as the law requires us to, or until we receive a request to delete the data. The retention period starts immediately upon receipt of the data. We retain travel notifications for 1 year and personal data related to quotation requests for a maximum of 2 years.
6. Cookies
Google Analytics and Google Tag Manager are used for tracking visitor information and statistics. Both are web analytics services maintained by Google Inc. (later referred to as Google). The services store cookies on the user’s end device to analyze website usage. Information added to the cookie is transmitted to the service provider and stored on the provider’s servers. Google’s servers may be located outside the EU or EEA. The information is used by Google to evaluate website use, compile usage reports for website owners, and may enable targeted online advertising to website users. The service provider may transfer the information to third parties if required by law.
For more information on how Google uses cookies, please visit here: https://policies.google.com/technologies/cookies
You can read more about Google’s privacy policy here: https://policies.google.com/privacy
7. Contact Information
Contact details of the data controller and the person responsible for the register
Data Controller:
Hotelli Sommelo / HS-Retro Oy
Pallokentäntie 2, 45700 Kuusankoski, Suomi Finland
Tel. +358 5 740701
Email: info@hotellisommelo.fi
Written mail should be sent to the following address:
Hotelli Sommelo
Pallokentäntie 2, 45700 Kuusankoski
Person responsible for the register:
Inka Kosonen,
Email: info@hotellisommelo.fi
Tel. +358 5 740701
Hotel Sommelo
Customer service on-site:
Monday 6:00 - 19:00
Tuesday - Friday 6:00 - 18:00
Saturday 8:00 - 16:00
Sunday 8:00-12:00