The Riiho Guest House’s data protection and GDPR practice
Who we are
What personal data do we collect and why?
When visitors leave comments on the website, we collect the information provided on the comment form, their IP address and their browser’s user agent string to detect spam.
If you upload images to the website, you must not use images that include embedded location information (EXIF GPS). Visitors are able to download and retrieve location information from images displayed on the website.
We use contact forms only to collect contact information. We never use contact forms to collect sensitive data. The data collected from contact forms is used to create a customer register for communication, marketing and invoicing.
When sending a message using a contact form, you can choose to some degree whether you wish to provide your name, email address, phone number and any other information for which you are asked. This information may be stored in cookies. If you do not provide us with this information, it may be difficult for us to give you a quote or otherwise communicate with you. When your information is stored in cookies and you revisit the website, your personal data may be automatically inserted in forms. This makes it easier for you to communicate with us. Cookies are stored on the website for one year, and are then automatically deleted.
If you have created an account and you sign in to the website, we set a temporary cookie to determine whether your browser accepts cookies. This temporary cookie does not contain personal data, and it is deleted when you close your browser.
When you sign in, we also set several cookies to store your sign-in information and screen settings. Sign-in cookies are stored for two days, and screen-setting cookies are stored for one year. If you select ‘Remember me’, you will remain logged in for two weeks. If you log out, your sign-in cookies are deleted.
If you edit or publish an article, a new cookie is stored in your browser. This cookie does not contain personal data. It only contains identification information for the post you created. This cookie will be deleted after one day.
Embedded content from other websites
The articles on the website may include embedded content (videos, images, articles, etc.). Embedded content from other websites works in the same way as content on the original site, meaning that it equals a visit to that site.
We do not disclose your data to third parties. Email messages arrive directly on our server. Some messages run through MailChimp mailing software (or similar services). MailChimp, Google and Facebook store and process your data in accordance with their own practices.
Data storage periods
If you leave a comment, your comment and its metadata are stored indefinitely. This enables us to identify and accept all monitored comments automatically instead of keeping them in the moderator’s processing queue.
If users sign up for our website, we also store the personal data provided in their user profile. All users are able to view, edit and delete their personal data at any time, but they cannot change their username. Website administrators also have access to this data and are able to edit it.
Your rights to your data
If you have an account with this website or you have left comments, you can ask us to provide you with all the personal data we have about you, including all the data you have submitted to us. You can also ask us to delete the personal data we have about you. This does not include the data we must store for administrative, legal or security reasons.
Visitors’ comments may be checked using an automatic spam detection service.
Our contact information
The comments you leave and any blog articles you post on the website are visible to all. The information you provide on the contact form is transferred encrypted to our email server.
Data protection practice
We are not currently collecting sensitive data (e.g. personal identity codes) about website visitors. The data we collect mainly includes contact information. Google, Facebook and any other services we use collect information about website visitors in accordance with their own practices. They have their own procedures in case of data breaches, and these procedures are beyond our control.
Data received from third parties
Google and Facebook provide us with data related to marketing and remarketing.
Collection of data about advertising features
We use Google Analytics Advertising Features. These collect website traffic information for Google Analytics in addition to other data. Data collection for remarketing requires that Remarketing and Advertising Reporting Features in Google Analytics are enabled. More information.
We allow the automatic collection of traffic data in Google Analytics.
This function enables data collection in display and search network remarketing. The data collection concerns those logged-in users of Google who have given Google permission to combine their online and application browsing history with their Google account and use this Google account information to tailor advertising. Google Analytics temporarily connects these identifiers to your Google Analytics information to support your audiences. By enabling this setting, we agree to comply with the practices concerning the policy requirements for Google Analytics Advertising Features, including sensitive category restrictions and obligatory data disclosure practices concerning the collection of end-user data and the disclosure of this data to Google.
Advertising Reporting Features
Advertising Reporting Features enable audience target group data and interest reporting, DoubleClick Campaign Manager and DoubleClick Bid Manager reporting, and Google Display Network impression reporting. These features provide us with a better understanding of our website users. More information.
Storage of user and event data
Data related to cookies, user identifiers and advertising identifiers, for example, are stored for 50 months from the most recent visit. More information.
Automatic decision-making and/or profiling
Google and Facebook provide us with access to their marketing and profiling tools. We also use a chat service that enables us to engage in profiling and segmentation to some degree.
Any articles or comments by visitors on the website do not necessarily reflect the values, operating principles or opinions of the Riiho Guest House’s owners. Such articles and comments are their author’s own opinions and outputs.
We operate in accordance with the laws of Finland and the EU.
Customer account and data protection in the online store
The Riiho Guest House welcomes all individuals and companies as customers. The commercial relationship complies with the applicable laws of Finland and the EU in terms of consumer trade, marketing and advertising. Commercial agreements between companies and the Riiho Guest House primarily comply with these terms and conditions, and with the Sale of Goods Act in other respects.
When placing an order, the customer must provide their full contact information. For consumers, this means at least their name, address, telephone number and any email address. For companies, this means their name, telephone number and email address, as well as mailing and billing addresses if necessary.
Customer data is stored in the Riiho Guest House’s customer register. The data contained in the customer register is used to maintain customer relationships. The Riiho Guest House also has the right to process and disclose data contained in the register for justified purposes (such as direct marketing) in accordance with the Personal Data Act (523/99).
Payment, delivery and returns
In our online store, you can pay for your purchases through payment channels provided by our selected partners. No data required for payment is stored in our service if you choose to prohibit its collection on your account.
We seek to ship products within 48 hours of the order (orders are processed on weekdays only). The stock information on our online store is not necessarily fully up to date, meaning that deliveries may be delayed. This is affected by how quickly our suppliers can deliver products to us.
Items may be returned unopened within 14 days. Complaints must be filed in writing (via email, for example) as soon as a defect has been detected. We will not accept opened items unless the product is clearly defective or its quality is extremely poor. Our products are high-quality Finnish products.
Procedures for force majeure events will be negotiated on a case-by-case basis.