Invisible Forest Lodge
MENU

Privacy Policy

Introduction

Welcome to Invisible Forest Lodge. We respect your privacy and are committed to protecting your personal data. This Privacy Policy informs you about how we handle your personal information when you visit our hotel, use our website, or engage with our services.

We process your data in compliance with the General Data Protection Regulation (GDPR) and other applicable laws. By accessing or using our services, you acknowledge that you have read this Privacy Policy.

Data Controller Information

The data controller responsible for processing your personal data is:

Invisible Forest Lodge
Ketavaarantie 21
96900 Rovaniemi
Email: [email protected]
Phone: +358 207 437 109

Personal Data We Collect

We collect and process directly and with a trusted third-party operative different types of personal data depending on your interactions with us:

Personal Information

  • Identification Data: Name, email address, phone number.
  • Booking Data: Reservation dates, room preferences, special requests.
  • Financial Data through third-party service Stripe: Payment card details, billing information.
  • Identification Documents: Passport, ID card, or driver’s license (if required by law).
  • Communication Data: Any correspondence between you and us, including emails, inquiries, and complaints.

Automatically Collected Data

  • Technical Data: IP address, browser type and version, operating system, device type, language settings.
  • Usage Data: Pages viewed, website navigation paths, time spent on our website.

Lawful Bases for Processing

Under GDPR, we must have a lawful basis to process your personal data. We rely on the following bases:

  • Performance of a Contract: To manage your booking and stay, including processing payments.
  • Legal Obligation: To comply with local regulations (e.g., registration requirements).
  • Legitimate Interests: To enhance our services, communicate with you, and improve our business operations.
  • Consent: For marketing communications, if you have opted in.

How We Use Your Personal Data

We use your personal data for various purposes:

  • To process bookings and reservations.
  • To facilitate check-in, check-out, and other hotel services.
  • To communicate with you regarding your stay, special offers, or inquiries.
  • To manage payments and billing.
  • To comply with legal obligations.
  • To improve our website and services.
  • To send you marketing communications, subject to your consent.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect data about your browsing behavior. Cookies are small text files stored on your device when you visit our website.

  • Necessary Cookies: Essential for the functioning of our website.
  • Analytical Cookies: To analyze and improve our website performance.
  • Marketing Cookies: To send you targeted advertisements.

You can manage your cookie preferences or disable cookies through your browser settings.

Data Sharing and Transfers

We do not sell or trade your personal data. We only share it in the following cases:

  • Service Providers: We may share your data with trusted third-party providers who perform functions on our behalf (e.g., payment processors, marketing agencies, IT support).
  • Legal Requirements: We may disclose your data to comply with legal obligations, enforce our policies, or protect our rights.
  • Data Transfers Outside the EU/EEA: If we transfer your personal data outside the EU/EEA, we will ensure that appropriate safeguards are in place (e.g., Standard Contractual Clauses) to protect your information.

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. Specific retention periods are:

  • Booking Data: 7 years after the end of your stay (for accounting purposes).
  • Marketing Data: Until you withdraw your consent or opt out.
  • Legal Obligations: As required by applicable laws.

Your Rights Under GDPR

You have several rights regarding your personal data under GDPR:

  • Right to Access: Obtain a copy of your data that we hold.
  • Right to Rectification: Correct any inaccurate or incomplete data.
  • Right to Erasure: Request the deletion of your personal data, where applicable.
  • Right to Restriction: Request to limit how we process your data.
  • Right to Data Portability: Request to transfer your data to another organization.
  • Right to Object: Object to data processing based on legitimate interests or for marketing purposes.
  • Right to Withdraw Consent: Withdraw your consent at any time for processing based on consent.

To exercise any of these rights, please contact us using the details provided in Section 2.

Security Measures

We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, loss, or misuse:

  • Encryption of sensitive information during transmission.
  • Secure data storage.
  • Regular audits of security measures.
  • Access controls to restrict data access to authorized personnel only.

Complaints

If you have concerns about how we handle your personal data, you have the right to lodge a complaint with the relevant Data Protection Authority. In Finland you can contact:

Office of the Data Protection
Ratapihantie 9, 6th floor
FI-00520 Helsinki, Finland
Phone: +358 29 566 6700
Email: [email protected]
Website: https://tietosuoja.fi/en/

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or to comply with legal requirements. Any significant updates will be communicated to you, and the latest version will always be available on our website.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Invisible Forest Lodge
Ketavaarantie 21
96900 Rovaniemi
Email: [email protected]
Phone: +358 207 437 109

Last Updated: 24.10.2024