BOOKIT FINLAND LTD - PRIVACY POLICY

Updated 24.01.2019

1 REGISTER CONTROLLER NAME AND CONTACT INFORMATION

Bookit Finland Oy ("BookIT")
Kumpulatie 3

00520 Helsinki, Finland
isms@bookit.net

Contact person:

Jussi Autere,
telephone 09-4289 1098
jussi.autere @ bookit.net

2 NAME OF THE REGISTER

User register of the www.isms.fi service

3 USE AND PROCESSING ESTABLISHMENT OF PERSONAL DATA

BookIT (and in some occasions its partners) processes users’ personal data in www.isms.fi -service (“Service”) for the following purposes:

  • Providing and delivering the Service to a registered user
  • Managing, maintaining, developing and improving the Service
  • Customer communications including BookIT’s and approved by its partners’ possible direct marketing
  • Segmenting and profiling for the above purposes

Establishment of processing personal data is based on the current legislation, and in particularly:

  • Agreement relationship of the use of the Service between BookIT and the user
  • Acceptance of the registered user when he/she has given his/her permission to digital direct marketing
  • BookIT’s or its partners’ right when personal data is processed for marketing purposes

4 CONTENTS OF THE REGISTER

The following information is stored in the register:

  • name
  • postal address
  • email address
  • telephone number

The provision of the aforementioned personal data is a requirement required for conducting the agreement to identify the registered user and to provide the Service to the registered user.

In addition, direct marketing and related service denials and approvals as well as customer feedback and other communications between the data subject and BookIT relating to the Service is stored in the register.

Furthermore, the following observed information of the data subject relating to the use of Service is stored in the register:

  • Actions taken in the Service, such as visited websites
  • Time, date, frequency and duration of the visit
  • Type of browser and operating system
  • Type of device such as computer or mobile device
  • IP address
  • Time and duration of session
  • Screen resolution and operating system
  • Individual identification such as cookie or device ID
  • Interactions within the communications such as whether the customer has clicked an e-mail sent to him/her
  • Other collected information that the user has given his/her consent

For further information about Cookies, please see chapter 7.

5 REGULAR DATA SOURCES OF THE PERSONAL DATA

Personal information is collected from the data subject while registration into the Service and while managing the permissions and denials in the Service.

Personal information is collected also with aid of cookies and other respective techniques. These are described in more detail in chapter 7.

6 REGULAR FOR DISTRIBUTION AND TRANSFER OF THE PERSONAL DATA OUTSIDE THE EUROPEAN UNION AND THE EUROPEAN ECONOMIC AREA

Personal information may be distributed to the companies listed on the Service or other Bookit partners for direct marketing purposes, if the registrant has approved distributing such information. Under imperative laws and legislation personal information can be given to authorities. Personal information can be given also to other BookIT Group companies for purposes given in this Privacy instruction. Whenever a BookIT Group company is outside EU or EEA, BookIT shall implement personal information transition mechanisms that are allowed under privacy laws.

Personal information is not transferred outside the European Union and the European Economic Area. Personal information can be transferred outside EU or EEA for example in case of the Service requires it for technical implementing purposes but only under privacy laws and for example with limitation of model clauses of European Commission.

Personal information can be transferred also to a receiving company in case of a business transfer or M&A arrangement.

7 COOKIES

BookIT uses cookies in the Service to monitor traffic and to improve quality of the Service. BookIT uses cookies also for operating the Service, analyzing of usage and personalization of user experience.

Cookie is a small text file, which is stored by a browser on user’s terminal. Cookies include anonymous, individual identification, by which BookIT can recognize and count different visiting browsers in our webpages. Server that has sent a cookie can only read and use the cookie. With aid of cookie, BookIT is not able to get user name, e-mail address or other identification information.

While a user has logged into the Service and with aid of cookie BookIT can combine observed information about the user to the information the user has given as personal information.

Within the Service, BookIT uses in addition of so called first party cookies also so called third party cookies such as metering, surveillance and other analytics service providers’ (such as Google Analytics) cookies. These third party cookies are always under the terms of use and privacy practices of their respective service providers, and therefore BookIT cannot affect the content of such practices.

User has a possibility to affect choices about cookies in his/her browser settings. Preventing cookies can lead to a situation where all the features of the Service are not available. In addition by clearing cookies from his/her browser regularly and changing the unique identifier resets the previously used profile.

8 DATA PROTECTION AND STORAGE TIME

Access to the personal information if it is necessary for data processing is granted only to BookIT’s employees and partners that BookIT has qualified for operating the Service. User rights govern access to the personal information and the databases and systems are protected by appropriate technical means and procedures. Personal information is in electronic form.

Personal information is stored as long as data subject is a user of the Service. After the use of the Service personal information can be stored and used for direct marketing purposes and profiling unless the data subject has denied direct marketing and profiling. Personal information is deleted from the register after the last visit of the user or the use of the Service has last three years or immediately after the request of data subject and the data subject has ended use of the Service. The information can be stored for longer period of time at the request of the data subject.

9 RIGHTS OF THE DATA SUBJECT

The data subject has the right to inspect in accordance to applicable privacy legislation:

  • Get access to his/her personal information stored in the Service and to check information that is stored about him/her in the user register in the Service
  • Require fixing, amending or deleting his/her personal information in case the information are incorrect, unnecessary, incomplete or outdated; or change, add or delete his/her personal information by himself/herself in the Service
  • Deny to use his/her personal information to direct marketing or profiling; and require to limit processing his/her personal information and to transfer his/her personal information to another system

Requests for the rights mentioned above should be addressed to the email address
isms @ bookit.net

or to the following address:

Bookit Finland Oy
Kumpulantie 3
00520 Helsinki, Finland

Data subject has a right to appeal to the authority, in case he/she considers that his/her personal information is processed against this Privacy Policy or against to the applicable privacy legislation.

Office of Data Protection Ombudsman
Address: Ratapihantie 9, 6. krs, 00520 Helsinki
Postal address: PL 800, 00521 Helsinki
Telephone: 029 56 66700
Fax: 029 56 66735
E-mail: tietosuoja (at) om.fi