Adore 360 Ltd (later Adore 360) is committed to protecting and respecting your privacy, whilst offering the best service and experience. We follow strict security procedures on the holding and usage of personal information. This privacy notice will inform you as to how we look after your personal data and tell you about your privacy rights and how the law protects you.
1. Data controller and contact details
Adore 360 Oy
Johanneksenrinne 1 B 49
00120 Helsinki, Finland
Tel: +358 40 5646 717
Contact person: Eeva Pukkila
2. Name of the register
The name of the register is Adore 360’s client and marketing register.
The register covers Adore 360’s clients, prospective clients, and other parties who receive marketing communication.
3. Purpose of privacy notice
This privacy notice aims to give you information on how Adore 360 collects and processes your personal data through your use of this website or our services, including any data you may provide through this website when you leave us a message.
4. Data protection principles
We will comply with data protection law and principles, which means that your data will be:
• Used lawfully, fairly and in a transparent way.
• Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
• Relevant to the purposes we have told you about and limited only to those purposes.
• Accurate and kept up to date.
• Kept only as long as necessary for the purposes we have told you about.
• Kept securely.
5. Sources of personal data and updating
Personal data is collected from the customer itself and when the customer uses the services of Adore 360. This includes personal data you provide when corresponding with Adore 360 or place a request for services with Adore 360 and includes circumstances in which you:
• Apply for our products or services;
• Complete booking transaction;
• Request marketing to be sent to you;
• Enter a competition, promotion or survey; or
• Give us some feedback.
Individuals may be added to the register, when the individual belongs to a group which is Adore 360’s client. Personal data may also be collected and updated based on information from publicly available sources and third parties, such as Suomen Asiakastieto Oy.
Our company is hosted on the Showit.com platform. Showit.com provides us with the online platform that allows us to sell our services to you. Your data may be stored through Showit.com’s data storage, databases and the general Showit.com applications. They store your data on secure servers behind a firewall.
We use Google Analytics to help us understand how our customers use our website — you can read more about how Google uses your personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
6. The data we collect about you
The following categories of personal data are processed:
• Basic data: Full name, date of birth, nationality, passport details
• Contact data: Delivery address, email address and telephone numbers
• Marketing and Communications data: your preferences in receiving marketing from us and your communication preferences
• Interests: The interests and hobbies of the client, prospective client, and other parties who receive marketing communication
We may collect any special categories of personal data about you, such as dietary requirements and medical conditions, if required for the purpose of the services.
7. How we use your personal data
The purpose of use is:
• To manage your booking
• To contact you with information and detail about your booking
• To personalize your customer experience
• To improve our service
• To send you marketing material
• To ensure security and protect business interests
• To use data analytics
• To company with legal obligations
Marketing Material and Practice
We sometimes collect your information so that we can form a view on what we think you may want or need, or what may be of interest to you. With this information we decide which products, services and offers may be relevant for you and what marketing you may be interested in.
We keep you up to date with our latest offers, partnerships, competitions that we think might be of interest/relevance to you. We will only contact you in this way if:
• You have signed up to receive marketing communications from us
• You have requested information from us or entered a competition or registered for a promotion and provided your details
• You have made a booking with us
You may opt-out from receiving marketing material from us at any time by either clicking the unsubscribe option in our emails or by contacting firstname.lastname@example.org.
8. Transferring personal data
We require all third parties to respect the security of your personal data and to treat it in accordance with Privacy Law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
This will involve transferring your data outside the European Economic Area (EEA). Many of our external third parties are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA. Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is carried out and that those countries have been deemed to provide an adequate level of protection for personal data by the European Commission.
9. Securing your data
We have security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. We limit access to your personal data to those employees and third parties who require information for the purpose of a transaction or service on your behalf. Your personal data will remain confidential and only be used on our authority.
We have set out procedures to combat suspected personal data breach and will notify you of any applicable breach where we are legally required to do so.
10. Holding your data
We will only retain your personal data for as long as necessary to fulfil the purposes of use, including: legal, accounting, or reporting requirements. For the purpose of Tax and accounting we are required by law to retain information about our customers for ten years after the final transaction.
The necessity of retaining client’s and prospective client’s personal data for sales and marketing purposes, as well as the data’s correctness, is reviewed annually. Unnecessary and outdated data will be erased in accordance with the reviewing of the data’s correctness, and also at other times when deemed necessary.
11. Rights of the data subject
The data subject has the right to receive confirmation from the data controller as to whether or not personal data concerning the data subject are being processed, or whether personal data has been processed.
The data subject is entitled to receive a copy of the processed personal data and the personal data undergoing processing. The data subject has also the right to obtain from the controller the rectification or erasure of personal data concerning him or her and the data subject has the right to prohibit the processing of personal data for direct marketing purposes.
In certain cases, the data subject has also the right to request from the controller restriction of processing of personal data or otherwise object to processing. Furthermore, the data subject may require the transmission of the personal data, which he or she has provided to the controller in a machine-readable format based on the GDPR.
All requests mentioned here shall be provided in writing and signed to the above-mentioned representative of the controller.
Whether the data subject finds the processing of his or her personal data unlawful, he or she has the right to lodge a complaint with a supervisory authority.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. We implement security measures to confirm your identity when requesting data and may ask for specific information before we are able to release personal data.
12. Providing your personal data
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us, but we will notify you if this is the case at the time.
If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact us by email at email@example.com.