Hotelli Uninen logo

Privacy Policy

1 PNR (Passenger Name Record) Data File

In accordance with the Laws on Personal Data Protection, Act § 10 and 24 and Hospitality Act § 6 and 7.
Date of issue: 01-Oct-2020

1. The Registrar

Majoituspalvelu Uninen Oy
Haruddintie 9, 07900 Loviisa
matti.rahkonen@gmail.com

2. Contact person in registry matters

Matti Rahkonen
Majoituspalvelu Uninen Oy
matti.rahkonen@gmail.com
Haruddintie 9, 07900 Loviisa

3. Name of the register

PNR (Passenger Name Record)

4. The purpose of processing Personal Data

This PNR is required by Law in the hospitality Act (308/2006). Within the document, the recorded
customer data is used to process the customer’s PNR required by law, to ensure general order and
safety, as well as to prevent and detect criminal activity, and for the production of statistics, for
example, national statistical authority purposes.
By law, the passenger’s Personal Data may be used for the Registrar’s customer service and direct
marketing purposes, unless the passenger has prohibited such processing according to the Personal
Data Act, § 30.

5. Information in the Register

The accommodation operator is responsible for ensuring that a PNR is made. A joint declaration can
be made for group travellers. The notification must include information on the accommodation operator
name, company and corporate identity, as well as the street address. The passenger notification shall
include the following information (passenger information):
• Full name of the passenger, and a Finnish identity number or in their absence, dates of birth
and nationality;
• Full names of the Passenger’s accompanying spouse and minor children, including their
Finnish personal identity numbers or in their absence, dates of birth;
• Passenger’s address;
• Country from which the passenger arrives in Finland;
Passenger’s travel document number; and
• The date of arrival and departure to the accommodation site, if known.
• In addition, the passenger can inform in the PNR, whether the stay is related to leisure
activities, work, meetings or any other reason.
Data will be stored for one year of registration, after which the passenger data will be deleted. The
below mentioned passenger data may, however, be transferred to the same Registrar’s customer
register for handling, for the purposes also indicated below:
• the name and date of birth of the passenger;
• the nationality;
• address information; and
• timing of the visit, duration and purpose.

6. Regular Sources of Information

Records are collected from the passenger himself in the passenger notification. Not limited to this, the
data can be stored and updated on the Registrar’s open data collection system, in order to maintain
the register up-to-date according to the lawful requirements.

7. Legitimate Disclosure of Data

According to the law on hospitality, it is required to hand over information in a PNR as per the rules,
to police or other authorities in so far as the law so requires.

8. Transfer of data outside the EU or EEA

Information is not in principle to be transferred outside of the European Union or the European
Economic Area. Nevertheless, data may in certain cases be transferred when permitted by the Law.

9. Principles for Protecting the Register

A. Manual
Personal Data is stored in locked premises, which are accessible only by persons whose duties
include data processing.

B. Electronically Processed Data
Data stored in information systems or similar digital recording formats is protected through
technology, with confined access only to persons whose duties involve data processing.

10. Rights of the Registree

A. Inspection and right to amend information
The passenger always has the right to check his or her own data stored in the register by extending
a written and signed request to the address mentioned in paragraph 2. Should there be any errors or
omissions in the data, the passenger may request to edit his or her information by submitting a request to a person in charge of the Registrar. The person in charge of the register also has the right
to take own initiative in order to correct inaccurate or incomplete data.

B. Right of Refusal
By law, the Registree has the right to prohibit the Registrar from using his data for direct marketing
purposes, and marketing and opinion surveys. In such prohibition cases the Registree must contact
a person employed at the Registrar directly by email or mail.

2 Customer Register file description

Personal Data Protection Act § 10 and 24.
Date of issue: 01-Oct-2020

1. The Registrar

Majoituspalvelu Uninen Oy
Haruddintie 9, 07900 Loviisa
matti.rahkonen@gmail.com
AHoP Management Oy, on behalf of HOTEL
Hirsalantie 11, 02420 Jorvas, Finland
ahop@ahopmanagement.com

2. Contact person in registry matters

Matti Rahkonen
Majoituspalvelu Uninen Oy
matti.rahkonen@gmail.com
Haruddintie 9, 07900 Loviisa
Jens Stenström
jens.stenstrom@ahopmanagement.com
AHoP Management Oy
Hirsalantie 11, 02420 Jorvas

3. Register name

Customer register

4. The purpose of processing Personal Data

The purpose of the Customer Register is to enable the provision and development of services
produced and provided by the Registrar as well as ensuring their quality. In addition, Personal Data is
processed in connection with bookings, billing, debt collection, credit control, customer contacts,
transactions, customer surveys, reporting, marketing and other customer-related activities. Information
in the registry can also be used to create offers, campaigns and other for targeting other marketing
activities and customer communications to the data subject (the customer). Personal Data is also
processed for sending newsletters and other targeted marketing.
In addition to the abovementioned, the below specified information stored in the register, may be used
in accordance with the laws of Personal Data in addition, for the described purposes:
The establishment of a customer or other contractual relationship, implementation, maintenance
and development;
Maintaining law and order and ensuring and maintaining security, as well as detecting and
preventing criminal activities and abuse;
Market research and other studies, statistics and analysis, as well as other legitimate uses.

5. Information Content of the Register

Information in the customer registry is stored case by case for each customer and contractual
relationship. Such information may include at least the following information about the customer:
name, contact information, e-mail, date of birth and a passport or personal identification card number
if applicable, nationality, date and duration of the visit and the reason for the visit. If the customer has
signed up for any service provided by the Registrar that saves Personal Data, his or her interests and
profile data may be saved.
There may be an activated recording camera in the Registrar’s public areas to ensure public safety
and to prevent damage. Camera supervision is always informed separately. In such cases, the video
recordings are used exclusively for maintaining and ensuring the order and security of accommodation
facilities, as well as for the prevention and detection / investigation of possible crimes and abuses.
Camera surveillance recordings are kept for a maximum of two (2) weeks from the date of recording,
except for in situations where retention is justified due to the law or regulatory investigations due.

6. Legitimate Sources of Information

Records are collected from the customers themselves. Nevertheless, data can be stored and updated
in the Registrar’s open information service register in order to meet the requirements of the Act.

7. Legitimate Disclosure of Data

Personal Data stored in the customer register may be shared together with the Registrar, for purposes
mentioned in paragraph 4, with companies that belong to the same group at the time and other
partners of the group. In addition, the information is handed over to the authorities in accordance with
the Law.
customer information may also be transferred and stored to the service provider’s servers used by the
Registrar to the extent required for data processing.

8. Transfer of Data outside the EU or the EEA

No data, in principle, is to be transferred outside the European Union the European Economic Area.
Nevertheless, data can be transferred to the extent permitted by the Law.

​9. Principles for Protecting the Register

A. Manual
Personal Data is stored in locked premises, which are accessible only by persons whose duties
include data processing.

B. Electronically Processed Data
Data stored in information systems or similar digital recording formats is protected through
technology, with confined access only to persons whose duties involve data processing.

10. Rights of the Registree

A. Inspection and Right of Correcting Information
The passenger always has the right to check and correct his or her own data stored in the register
by extending a written and signed request to the address mentioned in paragraph 2. Should there be
any errors or omissions in the data, the passenger may request to edit his or her information by
submitting a request to a person in charge of the Registrar. The Registrar’s representative also has
the right to take own initiative in order to correct inaccurate or incomplete data.

B. Right of Refusal
By law, the Registree has the right to prohibit the Registrar from using his data for direct marketing,
and marketing and opinion surveys. In such prohibition cases the Registree must contact a person
employed at the Registrar directly by email or mail.

© 2022 Majoituspalvelu Uninen Oy
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram