Privacy and cookie notice
Privacy policy
Personal Data Act (523/1999) 10 and 24§
1. The controller
Sun Ferry Oy, (1559950-3)
Kypäräpolku 3, 00940 Helsinki
+358 (0)10 504 2410, sunlines(at)sunlines.fi
2. Contact person for matters concerning the register
Janne Vainio
Kypäräpolku 3, 00940 Helsinki
+358 (0)10 504 2410, sunlines(at)sunlines.fi
3. Name of the register
Sun Ferry Oy's customer register
4. Legal basis for processing personal data
The processing of personal data in the customer register is based on the customer's relationship with Sun Ferry Oy.
5. Purpose of processing personal data
- Enabling the contacts required for customer service. Maintaining, managing, managing and developing customer relationships.
- Provision and production of services
- Managing customer data and customer and contact history.
- Organising support and advice services for the client, managing service operations, orders, invoicing and quality assurance.
- The controller also collects data to identify the customer and to prevent abuse.
- Transmission of electronic information content to subscribers.
- Marketing services to potential customers and visitors to the site. Marketing will only be directed to a registrant, company, contact person, website visitor or natural person if the registrant, company, contact person, website visitor or natural person allows it.
- Marketing communications targeting, product and service offering development, business development and reporting.
- Research and statistical analysis. Customer analysis, forecasting, grouping and development.
- Processing, analysing and compiling statistics on customer feedback and the results of customer surveys and studies.
6. Data content of the register
- Name information:
- first names
- surname
- Address details:
- postal address
- postal code
- postal address
- Phone number
- E-mail address
- Consents and prohibitions on direct marketing
- The identifiers and numbers associated with the customer's debit and credit cards:
- Bank details
- bank account number
- Information about the employer, company, organisation, association, organisation, limited company, company, association, etc:
- Name
- address details
- Business ID
- Position in the company, role, function, title, duties, responsibilities, etc.
- Information related to customer service or new customer acquisition:
- customer feedback
- customer service transaction data
- the start date of the customer relationship
- the end date of the customer relationship
- offer history
- details of previous contacts
- information on the services ordered by the customer, their delivery and billing
- information provided in response to surveys and inquiries and related discussions
- website behaviour
- Campaign data and related monitoring data.
- Tags used for marketing targeting
As a general rule, personal data will be processed for as long as the contract on the basis of which the personal data are processed is in force. The data will be entered in the register as received from the data subject and will be updated as the data subject notifies the controller.Form data sent from sunlines.fi will be automatically deleted five (5) years after sending. From our customer and marketing register, we delete unnecessary personal data every five (5) years. You can unsubscribe from our email marketing list yourself via the unsubscribe link in each marketing email sent.
7. Regular sources of information
The data sources are the initiation of a customer, subscription or customer prospect relationship in a personal meeting, by e-mail or via an electronic form on the controller's website. After the customer, subscription or prospect relationship has been established, data is collected by automatic electronic identification in the controller's e-mail correspondence. The data of potential customers is obtained, with their consent, from them when they visit the website or in the course of other personal or digital interactions.
The data collected in Sun Ferry Oy's own operations will be supplemented, where necessary, by publicly available business information sources (such as the YTJ and TIEKE) or, in their absence, by information publicly available on the target's website.
8. Regular disclosures of data
Information is disclosed to public authorities in cases required by law, such as for the detection and prevention of abuse. Customer data may also be transferred or disclosed to temporary registers, such as event, lottery, contact or research registers, in order to fulfil a customer order or with the customer's consent. Data from these temporary registers will only be processed for the purposes of each of these registers, in an individually informed manner. Sun Ferry Ltd will disclose personal data to a collection agency when necessary for the purposes of monitoring payments.
9. Transfer of data outside the EU or EEA
As a general rule, Sun Ferry Oy does not transfer or disclose customer personal data outside the European Union or the European Economic Area. However, if necessary, data may be transferred or disclosed outside the European Union or the European Economic Area in the ways permitted by the Personal Data Act, provided that:
- the data is transferred to a country or organisation in that country where the European Commission has determined that there is an adequate level of data protection; or
- contractual arrangements can ensure an adequate level of data protection; or
- if the registrant has given his or her consent.
Wherever possible, Sun Ferry Ltd has chosen to store personal data in secure data centres located in Europe. Some of the above service providers and/or data processors may back up data outside the EU/EEA to the United States. Data is backed up to ensure that it is safe even in the event of a failure of the main servers. Sun Ferry Ltd has verified that service providers and/or data processors are members of the EU-US Privacy Shield (https://www.privacyshield.gov/list), which aims to ensure the secure processing of European data in the United States.
10. Principles of register protection
Manual material is stored in locked containers located in Sun Ferry Ltd's locked premises. Unauthorised access to the facility is prevented to outsiders. Personal access to the premises is permitted only to those who are bound by written agreements as members of Sun Ferry Ltd. Access to the premises by so-called outsiders is always controlled.
The data stored and processed by the information systems are accessible to limited and designated persons. Access requires logging into the information system. The computer network and the hardware on which the register is located are protected by a firewall and other necessary technical measures. The access codes required to log into the information system are disclosed only to members of Sun Ferry Ltd. Such disclosures are controlled by a contact person. All persons using the data in the register are bound by confidentiality.
11. Right of inspection
Every data subject has the equal right to inspect, process, erase, rectify and edit the data stored in the personal data file. A request for the above listed measures may be addressed, mandated and requested by the data subject using any of the more common written means of communication. The request for inspection and correction must be made in writing and signed and sent to the person responsible for the register mentioned above. The processing of one inspection and repair request per year is free of charge for the data subject. The request for verification and correction of data shall identify the error to be corrected and indicate the corrected data. Only a member of Sun Ferry Ltd authorised in writing may process the data on behalf of the data subject and upon specific request.
12. Other rights relating to the processing of personal data
Right to object:
- The data subject has the right to object to the processing of personal data at any time if the data subject considers that Sun Ferry Ltd has unlawfully processed the personal data or that Sun Ferry Ltd is not entitled to process certain personal data.
Direct marketing ban:
- Sun Ferry Ltd acquires online advertising from Facebook and Google, among others. However, these companies never receive the data subject's personal data through Sun Ferry Ltd and such advertising is not direct marketing, but is based on cookies.
- Sun Ferry Ltd will never sell or otherwise disclose personal information to other parties for marketing purposes.
Right of withdrawal:
- If the data subject considers that the processing of certain personal data concerning him or her is not necessary for the purposes of the Sun Ferry Ltd, the data subject shall have the right to obtain the erasure of such data by Sun Ferry Ltd. Sun Ferry Ltd will process the request, following which the data will either be deleted or the data subject will be informed of the legitimate reasons why the data cannot be deleted. If the data subject disagrees with the decision, the data subject has the right to lodge a complaint with the Data Protection Ombudsman (http://www.tietosuoja.fi/fi/index/yhteystiedot.htmlThe data subject also has the right to request Sun Ferry Ltd to restrict the processing of the disputed data until the matter is resolved.
Targeted advertising
We allow third party advertising agencies to collect certain information when you visit our site. These companies may use cookies, pixels or other technologies to collect non-identifying information when you visit this site or other sites. Examples of non-exclusive information include aggregated data, browser type, date and time, and the subjects of clicked or touched advertisements. The information collected allows us to advertise products and services of interest to you (i.e. targeted advertising). Companies may also use persistent identifiers to anonymously track your Internet usage when you visit other sites in their networks. For example, if you visit one of our tour sites, we may show you a targeted advertisement for that tour when you browse the Internet later. If you visit our Contact Us page and fill out the form on that page, we collect personal information about you - specifically, your name and email address. This site does not respond to ”Do Not Track” signals sent by your browser or device. Any material changes to this notice will be posted on this site.
To find out more about targeted advertising or to opt-out of such advertising, you can visit the Digital Advertising Alliance website. www.aboutads.info and the Networking Advertising Initiative trade group website www.networkadvertising.org/choices.