Privacy Statement

Purpose of this Privacy Statement

Lomakeskus Revontuli (later referred to also as “We”, “Us”, “Our”) and its employees are committed to protecting your privacy and personal data. We process your personal data in accordance with the Finnish and European Data Protection Principles and applicable personal data legislation (including the European General Data Protection Regulation, as applicable).

This privacy statement provides you information about the personal data processing activities conducted by us. In this Privacy Statement we present the rights granted by the Finnish and European Union data protection laws.

Please read this Privacy Statement carefully if you plan to browse or otherwise use the site. If you do not agree with this Privacy Statement, you must leave the site.

File Controller and Contact Information

In all data protection related matters, data subjects may contact us by using the following contact information:

Lomakeskus Revontuli Oy

Revontulentie 1, 41500 Hankasalmi, Finland

Telephone: +358 14 8448 200

Contact person: Tiia Valkama,

Telephone: +358 14 8448 200,

Business ID: 0927037-3

Name of the Data File

Customer and marketing data register related to Lomakeskus Revontuli and services.

Purpose of the Processing of Data

The purpose is to process customer data for the:

1) Development, analysis and management of the customer relationship

2) Development and management of our services and thereto related products

3) Marketing purposes, business planning and communication with customers

4) Surveys and market analysis or other related services.

5) Distance selling, direct marketing and data mining and thereto related actions such as profiling of customer data for the above purposes

Information Contained in the Data File

Demographic customer data, such as name, contact information, gender and description of the customer’s business.

Data used for customer relationship, such as

- Identifiers used for customer relationship (e.g. customer ID, user credentials)

- Date when customer relationship initiated

- Financial customer data related to the purchases of the services and thereto related products

- Order information and other data related to our services and thereto related products

- Use of services, such as subscribing for our newsletter

- Campaigns and benefits linked to a customer and use of related products/services

- Data linked to invoicing and debt collection

- Interests and other data provided by the customer

- All communication with customers, including complaints, feedback and customer service call recordings

- Permissions and refusals for direct marketing

- Combinations of the above data in the form of customer profiles

Sources of Data

Personal data is collected from the customer through campaigns, feedback, newsletter subscriptions, orders and use of all services related to Lomakeskus Revontuli. Personal data is received directly from the data subject or obtained in connection with their use of the site, products or services provided by Lomakeskus Revontuli.

Cookies are used to collect information on how customers use the website.

Regular Transfers of Data or Transfers of Data Outside of EU or EEA

Data shall not be transferred without customer’s permission unless required by the law or authorities.

Data can be transferred to entities within Lomakeskus Revontuli Oy, its partners, affiliates, subsidiaries and subcontractors some of which may be located outside the EU and the EEA for the purposes defined above. Under those circumstances the controller ensures adequate level of data protection through contracts.

Retention Period

Lomakeskus Revontuli stores customer data only for a period necessary for the use of such data.

Principles for the Protection of the Data File

Databases used to store data are technically and physically protected from access by outsiders. Only pre-designated employees of Lomakeskus Revontuli, its partners, affiliates, subsidiaries and subcontractors have access to the personal data contained in the data file.

Data Subject’s Rights

Data subjects may at any time contact us and request access to their personal data. We will at the data subjects’ request rectify or erase any incomplete, inaccurate or outdated personal data. This request needs to be made in writing and be addressed to the controller (contact information above). If necessary, the controller has the right to ask the person requesting access to their personal data to provide identification.

Data subject has the right to ask us to erase all personal data saved in the file or to deny use of such data for marketing purposes. Request should be addressed to the representative of the controller.

We may refuse a request or obtain a reasonable fee for fulfilling a request if the request is manifestly unfounded or excessive or we have another legitimate ground for refusing the request. Such legitimate grounds could e.g. prevent us from deleting personal data that needs to be retained due to local legal requirements or to maintain an audit trail until the end of local claim period. We may also need to retain the data to be able to fulfil contractual obligations.

Revontuli Website and Internet Services

Collected Personal Data

Most sections of the site can be visited without entering any personal data.

When visiting the site, certain technical and other information is automatically sent by your computer to us or Google Analytics (e.g. IP address, the type of your browser and the source of your visit). We also collect information about your website usage by using cookies. Please see the Cookie Policy for further information.

On certain parts of the site, you may be asked to provide personal data and/or sign up for the service to access a service that you have requested. Once you register on the site or have otherwise been assigned a specific identification code to access your accounts, we may request that you provide certain information.

The Purposes of the Processing

Through processing of personal data collected through the site we aim to ensure an efficient and secure use of the site, develop the site, provide customized services and content, improve our services, contact you, conduct research and collect statistics (e.g. what sections of the site users visit and how much time they spend on the site).

Website Analytics

Our website uses Google Analytics website analytics to gather statistics about the users of the site with the aim to improve the contents of the site. Normally this data is anonymous, however, if you have logged into our online service or entered the website through a link in an e-mail, we may be able to identify the analytics data collected about your use of the site.

Lomakeskus Revontuli’s Customer Relationship Management Databases (“CRM”)

Collected Personal Data

Following information is collected and processed in connection with CRM:




Mobile phone number

Fixed phone

Fax number




Possible other information relevant for the business/customer relationship

Such personal information is also referred to as “personal data” and the individuals, whose personal data is processed, are referred to as “data subjects”.

The Purposes and Legal Grounds of the Processing

The purpose for processing personal data is to facilitate our business, support sales activities; manage deliveries, maintenance services and invoicing, contacting customers and businesses for contract management and marketing purposes and otherwise maintaining the customer relationship. We may also use personal data to handle incidents and claims as well as provide assistance as requested by customer.

Source(s) of Personal Data

The personal data has been received from businesses and customers or obtained in connection with their use of our products and services. Personal data may also originate from our representatives based on their business interactions with the data subjects.

Transfers of Personal Data

In general, we use the personal data only for our internal business purposes and do not transfer the data to any external parties. Some of the personal data may be accessible and processed by our subsidiaries, subcontractors and other service providers, to the extent needed in connection with the above said purposes. We ensure that such third parties are always bound by contracts, which sufficiently address data protection and confidentiality requirements.

Updates to the Privacy Statement

We reserves the right to amend this Privacy Statement. We hope that you review this Privacy Statement from time to time for any amendments.