This is the privacy policy of Lazydog / Lazydog Adventures, prepared in accordance with the Finnish Personal Data Act (Sections 10 and 24) and the EU General Data Protection Regulation (GDPR). Created on February 1, 2022.
1. Data Controller
Lazydog Adventures, Kallionkaari 3, 40900 Säynätsalo Y-tunnus: 2180909-5
2. Contact Person Responsible for the Register
Teija Perämäki, 040 358 6609, info@lazydog.fi
3. Register Name
Customer Register of the Company.
4. Legal Basis and Purpose of Processing Personal Data
The legal basis for processing personal data under the EU GDPR is: The individual’s consent (voluntary) and legitimate interest of the data controller (employment relationship).
The purpose of processing personal data is to maintain contact with customers and manage customer relationships. The data is not used for automated decision-making or profiling.
5. Contents of the Register
The register contains the following information: Name, age, contact details (phone number, email address, location), prior activity experience, and the participant’s general health condition.
Data is stored on the company’s computer in an Excel file from registration until one week after the trip ends, after which customer data is deleted.
6. Regular Data Sources
The data in the register is obtained from the customer via email or through an electronic registration form.
7. Regular Disclosures of Data and Transfers Outside the EU or EEA
Data is not regularly disclosed to third parties. Data may be published only to the extent agreed with the customer.
8. Principles of Data Protection
The processing of the register is handled with care, and data processed via information systems is appropriately secured. If register data is stored on internet servers, the physical and digital security of the hardware is duly ensured. The data controller ensures that stored data, server access rights, and other critical information for personal data security are handled confidentially and only by employees whose job descriptions include such tasks.
9. Right to Inspect and Correct Data
Every individual in the register has the right to inspect their stored personal data and request the correction of inaccurate or incomplete information. If an individual wishes to inspect their data or request a correction, they must submit a written request to the data controller. The data controller may require the requester to verify their identity if necessary. The data controller will respond within the timeframe stipulated by the GDPR (usually within one month).
10. Other Rights Related to Personal Data Processing
Individuals in the register have the right to request the deletion of their personal data (“right to be forgotten”). Similarly, individuals have other rights under the GDPR, such as restricting the processing of their personal data in certain circumstances. Requests must be submitted in writing to the data controller. The data controller may require the requester to verify their identity if necessary. The data controller will respond within the timeframe stipulated by the GDPR (usually within one month).