REGISTER STATEMENT AND PRIVACY POLICY OF HELSINKI CITY PREMISES

This privacy policy states what personal data we collect and for what purposes said data is used. This privacy policy must be accepted in order for the user to use the kaupunkitilat.fi website and the following websites administrated by Helsinki City Premises Ltd: vanhakauppahalli.fi, hietalahdenkauppahalli.fi, hakaniemenkauppahalli.fi, torikorttelit.fi, helsingintorit.fi and helsingintukkutori.fi.

Helsinki City Premises Ltd processes personal data submitted via all of the aforementioned websites.

This register statement and privacy policy may be updated in response to changes in good data processing practice or for other similar reasons. Any substantial changes to the register statement and privacy policy or restrictions to the rights mentioned herein will be announced separately and in advance.

1. CONTACT INFORMATION OF HELSINKI CITY PREMISES LTD (CONTROLLER)

Helsinki City Premises Ltd (business ID: 3226884-5)
Siltasaarenkatu 6–10, 6th floor
00530 Helsinki
email: viestinta@kaupunkitilat.fi

2. PERSONAL DATA BEING PROCESSED AND SOURCES THEREOF

The personal data we collect is divided into two categories: customer data and technically collected data.

Customer data

We collect email addresses when customers email us or send us feedback via a feedback form. The addresses are collected for replying purposes.

If you want to inspect, correct, prevent the use of or remove your own personal data, please contact: viestinta@kaupunkitilat.fi

Technically collected data

We may automatically collect technically collected data such as the following when you use our services: device data (e.g. the specifications of the technical equipment) and usage data (e.g. the time you spent on our websites and the subpages that you visited, the website from which you came onto ours).

Online analytics services

We use the Matomo Analytics service and other online analytics services in order to improve the usability of our websites. You can find more information on Matomo Analytics on the following website: https://matomo.org/

3. PURPOSE AND LEGAL BASIS OF PROCESSING PERSONAL DATA

Purpose

For customer communications and marketing (legal basis: legitimate interest)

Helsinki City Premises Ltd processes personal data in order to contact you in matters related to communications and marketing.

For quality improvement (legal basis: legitimate interest)

We may also use data pertaining to your use of the website for purposes such as conducting customer satisfaction surveys.

Legal basis of processing

Helsinki City Premises Ltd will process your personal data in order to fulfil its mandatory obligations and its agreement obligations as your agreement partner. We will also process your personal data on the grounds of our legitimate interest to carry out, maintain and develop our business operations and manage our customer relations. When we decide to use your data on the grounds of our legitimate interest, we will weigh our own interest against your right to privacy, which we take into account by e.g. offering you an opportunity to exclude yourself from our marketing communications.

4. TRANSFER OF THE REGISTER DATA

We will share your personal data only within the Helsinki City Premises organisation and only in a manner that is reasonably necessary based on the intended purposes presented in this statement.

We will not disclose your personal data to third parties outside the organisation or outside the EU/EEA.

5. RETENTION PERIOD

Helsinki City Premises Ltd will not retain your personal data any longer than is legally allowed and necessary for our services or essential parts thereof. The length of the retention period will depend on the nature of the data and the purpose of its processing. Therefore, the maximum period may vary based on the intended purpose of the data.

Personal data will only be retained for as long as the law requires or is otherwise reasonably necessary in order for us to fulfil our agreement obligations with you or other legal requirements or legitimate interests, such as the processing of compensation claims, accounting and internal reporting.

In Finland, the supervisory authority is the Data Protection Ombudsman (www.tietosuoja.fi).

6. DATA SECURITY AND PROTECTION OF THE REGISTER

The customer register can only be accessed by persons serving under the controller and other designated persons who need the data in their work duties. They have user IDs and passwords for the register. The data is protected technically with a firewall.

No customer data is processed in the form of printouts.