Privacy Policy

(Updated 19.8.2024)

Cookies and Location Data 

The Visit Turku website uses cookies to monitor visitor statistics and improve the service. We use, among others, Facebook tracking pixels and the Google Analytics web analytics tool, including associated advertising features. These services may use cookies and other technologies to collect and receive information about site visitors and use that information to provide analytics and targeted advertising. 

All collected data is processed anonymously, ensuring that it can never be linked to personal data or otherwise used to identify individual users. 

Our website may request your location data to suggest nearby services to you. Location data is also essential for the Digisuunnistus service to function correctly. We use your location data only for the aforementioned purposes and do not share it with third parties. The location data is stored only temporarily. You can block the use of location data in your device's settings if you wish. 

Visit Turku Archipelago Privacy Policy 

  1. Registering Body 
    Visit Turku Archipelago Oy 
    Eerikinkatu 13, 20100 Turku 
    info@visitturkuarchipelago.fi 
     

  1. Purpose of Personal Data Processing 
    Visit Turku Archipelago processes the contact information of its partners, stakeholders, and other contacts for communication, marketing, and other customer and partnership relationship management purposes. Examples of such communication include sending event invitations and notifications related to partnership activities. Additionally, the personal data of event participants is processed for event organization purposes. 
     

  1. Processed Personal Data 
    Visit Turku Archipelago may process the following personal data for the aforementioned purposes: 
     
    • Name and contact information, such as phone number and email address 
    • Role/title and information about the organization the person represents (company contact information) 
    • Information on direct marketing permissions and prohibitions, as well as other communications between the parties 
    • Additional information provided during event registrations, such as possible food allergies 
     

  1. Legal Basis for Processing 
    Processing is based on the consent provided by the data subject or on the legitimate interest of the data controller in communication between organizations. Communication may be directed at representatives of organizations under the so-called authority of position. However, all parties have the right to opt-out of direct marketing if they so wish. 
     

  1. Data Retention Period 
    Collected data is retained only for as long as necessary in relation to the original purposes for which the personal data was collected. Personal data stored in registers will be deleted when there is no longer a legal basis for processing them. Contact information is generally retained as long as there is a potential need for communication, for example, as long as the person acts as a designated contact for a partner. 
     

  1. Disclosure and Receipt of Data 
    Visit Turku Archipelago has external partners who may participate in the processing of personal data on behalf of Visit Turku Archipelago when providing certain services. These partners include, for example, suppliers and maintainers of the organization's information systems. 
     
    No personal data from Visit Turku Archipelago's registers is disclosed without the explicit consent of the data subject. Visit Turku Archipelago may receive personal data from individuals and the organizations they represent, as well as from other partners, for example, when the organizer of a jointly produced event provides us with the collected data on the event participants. Visit Turku Archipelago applies the same principles to such data as to data it has collected itself. The organization disclosing the data is responsible for communication with the individuals at the time of data collection and disclosure. 

  1. Principles of Data Protection 
    Visit Turku Archipelago Oy ensures the security, confidentiality, integrity, and availability of personal data registers through appropriate technical and administrative measures. Data is protected, among other things, by firewalls, physical security of device rooms, access rights, encryption technologies, and active monitoring of these measures. Only a limited number of people have the right to process the data. Personal data is generally not transferred, stored, or otherwise processed outside the European Union or the European Economic Area. Exceptions to this relate to the international software or online services used by Visit Turku Archipelago, such as our customer relationship management (CRM) system. In such cases, Visit Turku Archipelago has ensured that the level of data protection guaranteed by the EU’s data protection regulation is implemented despite the transfer. 
     

  1. Rights of the Data Subject 
    Right of Access and Rectification 
    You have the right to receive a copy of your personal data stored in Visit Turku Archipelago’s registers. If there are deficiencies or errors in your data, we must correct them without delay. 
     
    Right to Erasure and the “Right to Be Forgotten” 
    In certain situations, you have the right to request that the data controller erase your personal data. 
     
    Right to Be Forgotten 
    You have the right to have your data erased if processing is based on consent, if the data has been processed unlawfully, or if the data is no longer needed for the purposes for which it was collected. This right does not apply if processing is necessary for Visit Turku Archipelago Oy to fulfill a legal obligation, perform a task of public interest, exercise public authority, or establish, exercise, or defend a legal claim. 
     
    Right to Restrict Processing 
    In certain situations, you have the right to restrict the active processing of your data. For example, you may request the restriction of processing while you await our response to a request to rectify or erase your data. 
     
    Right to Object to Processing 
    You have the right to object to the processing of your personal data if the processing is based on tasks of public interest, the exercise of public authority, or legitimate interests, and you have a personal special reason to object to the processing. You also always have the right to prohibit the use of your data for direct marketing. 
     
    Right to Data Portability 
    You have the right to receive your personal data that you have provided to Visit Turku Archipelago Oy in a machine-readable format and transfer it to another organization if the processing is based on consent or a contract and is carried out automatically. 
     
    Right to Lodge a Complaint with a Supervisory Authority 
    You have the right to lodge a complaint with a supervisory authority if you believe that your personal data is being processed in violation of data protection legislation or if Visit Turku Archipelago otherwise fails to comply with its data protection obligations. In Finland, the competent supervisory authority is the Office of the Data Protection Ombudsman. 

  1. Contact Information 
    Questions and requests regarding the exercise of the above-mentioned rights should be directed to: 
    olli.ylioja@visitturkuarchipelago.fi