The controller: Milargo Oy / Elämys Group / Elämysmatkat
Address: Kuortaneenkatu 5, 00520 Helsinki
Business ID: 0945161-7
Name of Registry: Elämys Group customer and marketing registry
Controller’s contact and DPO:
+358 400 182 749
Purpose of customer data filing
Personal data is used for orders, credits, billing, recovery, contacts, transactions, customer enquiries, service development, reporting, marketing, and other customer relationship management measures.
Purchasing, transaction and location information in the filing system can also be used for profiling and targeting marketing activities and customer communications to make them more interesting to the registered. Personal information is also used when sending newsletters, or when people attend events and other marketing activities.
Data content and information categories of the filing
Data that can be used includes contact persons of the controller’s current or past customer organisations, persons with connections to the controller, Elämys Group service users, participants of Elämys Group events, or persons who approved the marketing.
The registry may contain data from following information categories relevant to the purpose of the use of the registry:
Basic information such as name and contact details (address, email address, telephone number) of the controller’s current or past customer organisations as well as their contact persons’ name and contact details. Information relating to the customer relationship between the controller and the registered persons, such as information on orders or appointments, possible direct marketing permits and prohibitions, and other communications between the parties, and related information. Data, including the first and last name, address, contact details, date of birth, position, employer, gender, mother tongue, username and password of a person registered in the controller’s Elämys Group service or its ancillary service, or information obtained through the application and the various functions contained therein, such as location and information the user has provided in the application. Transaction information from the controller’s website on different websites, information on behaviour on websites and other related category information, participation in events, information entered for events, contacts made with customer service, contacts made with other Elämys Group employees and services, and information related to subscribing to the newsletter. First and last name of the person registered for the event, as well as possible contact details and information provided on the event. Registration information provided by the person may include the following: email address, phone number, address, birth date, allergy information, passport number or personal ID.
Regular sources of information
Information provided by the customer, customer data system and billing database, user and transaction information on websites, blogs and newsletters, information on customer relationship management and customer service systems, mobile application and Elämys Group service information, partners and companies and authorities offering personal information services.
Regular disclosure of information
Filing system information can be shared within the Elämys Group and with Elämys Group’s dealers or subcontractors.
Elämys Group can also outsource the processing of your personal data to companies outside the enterprise which may also be in countries outside the European Union and the European Economic Area, such as the United States of America. These companies can process personal data to provide, for example, infrastructure and IT services, or other services. In such cases, sufficient data security and the handling of the filing system are taken care of by an EU-U.S. – Privacy Shield arrangement, or by contract using templates approved by the EU Commission.
Principles of filing system protection
The information is technically protected. Physical access to data is blocked by access control, as well as other security measures. Access to information requires adequate rights and multi-stage identification. Unauthorised access is also prevented by firewalls and technical protection. The filing system information can only be accessed by the controller and by specially designated technical persons. Only designated persons have the right to process and maintain the filing system information. Users are bound by professional secrecy. The filing system is backed up safely and can be restored as needed. The level of secrecy is audited at recurring intervals either by external or internal auditing.
The right to check and amend the filing system information
A person on the filing system has the right to check what information there is on him or her on the filing system The request must be made in writing to the controller A data subject has the right to amend any incorrect information on the filing system.
What are Cookies?
A cookie is a small file and holds a certain amount of data, which our website can send to your browser. It may then be stored on your computer’s hard drive and can be accessed by our web server. This cookie data can then be retrieved and can allow us to customise our web pages and services accordingly. It is important to clarify that cookies do not collect any personal data stored on your hard drive or computer.
We use two analytics packages in order to constantly improve your browsing experience on our websites.
Social Media Third Party Cookies
To enrich our website content, sometimes we may embed video content from other social media websites such as YouTube or Facebook. As a result, when you visit a page with content embedded, you may be presented with cookies from these websites.
How to Control and Delete Cookies?
You can disable, reject or block our cookies, some parts of our websites will not function fully.
For more information on how to control your cookie settings and browser settings, or how to delete cookies on your hard drive, please visit www.allaboutcookies.org.