Privacy Policy for IFTDays 2020 Ticket Sales

Privacy Policy – Register Prescription

This is International Forest Therapy Days’ Privacy Policy – Register prescription by GDPR regulation. It was made on June 1st, 2018.

1) Controller

Luontomieli 2859867-3 (Heidi Korhonen) Päivärannantie 1, 28330 Pori, Finland, +358 400821069, foresttherapydays@gmail.com

2) Contact persons in matters relating to the register

Heidi Korhonen, Väinönraitti 1K, 28330 Pori, +358400821069, foresttherapydays@gmail.com

3) Register name

International Forest Therapy Days client register

4) Purpose of processing personal data

Personal data is collected for the purpose of billing or for the purposes of being able to make a purchase at International Forest Therapy Days’ web shop. The billing relates to the event of International Forest Therapy Days held in the summer 2019 in Finland.

It is important to maintain personal information throughout the planning of the event to ensure that international guests manage to arrive safely to the event location; for example, so that they can be reached by phone or other means.

The transaction will be concluded with the customer for further processing of personal data. Other personal data except e-mail will be destroyed in Wordpress and Holvi web shop systems. The email will be stored in a password-protected Luontomieli computer in an excel file if the customer makes a purchase.

5) Data content of register

Company name, person's name, billing address, telephone number and email. Information on dietary restrictions and food allergies are necessary in order to secure successful and safe event, and will be kept throughout the duration of the event. After the event, the data content of the register contains only email addresses if the customer signs the consent or signs up to newsletter. The billing material and the accounting material are kept in accordance with the time period specified in the Accounting Act.

6) Sources of information

Information is collected from the registered person himself and from Holvi web shop and payment service. The person personally signs up for the event or purchases a ticket from the Holvi web shop, after which he is approached by email.

7) Deliveries of information

Personal information is received and handled by: Luontomieli, Holvi Payments Services Ltd, the receiver of the order and payment by the client, and deliverer of information to Luontomieli.

Both organizers of the International Forest Therapy Days event will need access to some of the information. The other organizer, NatureMinded, will have access to e-mail and telephone number information of the clients, which is essential for organizing the event. For example, in the event of a pick up at the airport, both organizing parties need to have access to the phone numbers of customers being picked up. The controller does not disclose personal information to anyone in any case.

8) Transfer of data outside EU and EEA

Not applicable.

9) Registry protection principles

Careful handling of the registry is ensured and data processed by the information systems will be adequately protected. The customer registry information is stored in the controller's system, that is protected by the operating system security software. Entering the system requires entering a username and password. The system is also protected by firewalls and other technical means. The information contained in the register is located in locked and secured spaces. Luontomieli keeps billing material and accounting material for the time period specified in the Accounting Act.

10) The right to inspect and rectify

Every person whose data is included in the registry has the right to check his / her data stored in the registry and to demand that any incorrect information be corrected or incomplete information supplemented. The requests for changes should be sent in writing to the controller. The customer has the right to inspect personal data concerning himself, the right to correct the information, limit the processing (e.g. to prohibit marketing), the right to object to the processing, and the right to appeal to the supervisory authority. A person has the "right to be forgotten" only if the company has no statutory obligations to continue the processing of customer's personal data.

11) Other rights relating to processing of personal data

A person in the register has the right to request the deletion of his / her personal data from the register. Also, those who are included in the register also have rights under the EU's general data protection regulation such as restricting the processing of personal data in certain situations. Requests should be sent in writing to the controller of the register.

Merchant info

IFTDays 2020 Ticket Sales