Made 17th December 2019
Pielinen Karelia Development Center Ltd PIKES
Contact person in matters concerning the filing system
Data Protection Officer
tel: +358 400 783 374
Name of filing system
Pielinen Karelia Development Centre Ltd tourism marketing filing system.
Purpose and basis for personal data processing
The filing system consists of contact details of representatives of tourists, businesses and associations. Personal information is processed in PIKES so that marketing material can be sent to tourists in the area. The personal data is collected for customer, marketing and communications purposes basis for personal data processing may be public interest, a contract and the controller’s legitimate interest. PIKES processes the personal data of minors to the same extent as the data of other customers, taking into account the requirements of the Data Protection Act. The register data can be used for tourism marketing in the area, including electronic direct marketing. The data subject has the right to prohibit direct marketing concerning him.
Data content of the filing system
The filing system may include names and contact details of recipients. The filing system of PIKES customers may include information about company name, branch, profession and person’s title.
Regular sources of information
The data is collected through forms on the bomba.fi website that users fill in. The data is also provided via telephone and email. Personal information is also collected in PIKES own operations at different stages of the customer relationship.
Regular disclosures of data
The data will not be regularly disclosed without registered person permission. With the written consent of the data subject, the data may be disclosed to experts and financial institutions for measures according to the client’s needs. Personal data will not be disclosed for commercial purposes or to commercial parties or outside the EU or the EEA.
Security principles and registry confidentiality of the filing system
PIKES is committed to taking appropriate measures to protect personal data. The technical, administrative and physical processes are designed to protect personal data against accidental, illegal or unauthorized loss, access, disclosure, use, alteration or destruction. Staff have received training and guidance on the proper and safe handling of data. The entire company’s personnel and third parties acting on its behalf have a duty of confidentiality with regard to all customer information.
The register is kept electronic, but the records extracted from the register, ie the so-called sub-registers may be kept as separate Excel files in writing with due care. All written personal information material will be destroyed through a disposal service. The electronic register is protected from access by third parties with personal usernames and passwords. The information contained in the register can only be accessed by PIKES employees whose duties require the processing of the information in the register. PIKES ensures that databases cannot be accessed via the network (eg firewall technology). Although the systems are protected, PIKES cannot guarantee that computer systems or the transmission of data via the Internet or any other public network will be completely secure.
Right of access
The data subject has the right to check what data concerning him/her is stored in the filing system. The request for inspection shall be made in writing, either by post or e-mail, and addressed to the controller. The request for inspection can also be made in person at the data controller. The request for inspection must state that the request concerns the register information of the PIKES tourism marketing register. The company will provide the customer with the stored information in print, either in writing or electronically, within one month of receiving the request.
The request for verification can be sent in writing and signed to
Pielisen Karjalan Kehittämiskeskus Oy PIKES
or via email to contact person of filing system.
The customer manages all personal data provided to PIKES. The customer has the right in certain situations to request the deletion of personal data about him from the register. The customer also has the right to restrict the processing of personal data and to object to the processing of their personal data. The controller shall correct, delete or supplement personal data which is incorrect, unnecessary or out of date for the purpose of the processing in the register on its own initiative or at the request of the customer. The customer has the right to lodge a complaint with the supervisory authority if he considers that the processing of personal data concerning him violates the applicable legislation.
PIKES points out that the provision of information and the authorization of processing may, in certain situations, be a precondition for the introduction or use of the service. The company reserves the right to suspend the provision of services or block access to the services if the customer does not provide information relevant to the service or demands its deletion.
Personal data will be stored in PIKES only for as long as the data can be considered necessary for the purposes described in this data protection statement, unless the retention of the data for a longer period is required by law or permitted by law.
Reporting a personal data breach
In the event of a personal data breach that is likely to pose a high risk to the rights and freedoms of natural persons, PIKES as the controller, will notify the customer of the security breach.