Privacy Policy

This privacy policy informs you solely about the customer registry of Midnight Sun Wake Oy’s Johku store and the principles of processing the data.

We may occasionally modify our privacy practices and this privacy policy. We recommend that you review our privacy practices regularly.

  1. Data Controller
    Summer Activity Center Roiske
    Ounasjoen Itäpuolentie 21
    +358405022500
    info@roiskeelle.fi
    Midnight Sun Wake Oy, 2886325-4

  2. Person Responsible for Register Matters and/or Contact Person

    Midnight Sun Wake Oy
    0405022500
    info@roiskeelle.fi

  3. Name of the Register
    Midnight Sun Wake Oy Online Store Customer Register

  4. Legal Basis and Purpose of Processing Personal Data / Purpose of the Register
    The legal basis for processing personal data under the General Data Protection Regulation (GDPR) is the contract formed when the customer orders products and/or services from Midnight Sun Wake Oy’s online store. The purpose of the register is to facilitate online trading via Midnight Sun Wake Oy’s online store, such as transmitting order details, billing information, payment confirmation details, or processing information between Midnight Sun Wake Oy and the customer. Additionally, the register is collected to enable customer service-related communications, maintain the customer relationship, and for electronic marketing communications when the customer has consented to this.

    Midnight Sun Wake Oy does not store orders made for other merchants' products or related information in its customer register.

    Data is not used for automated decision-making. Data may be used for profiling.

  5. Contents of the Register

    • First and last name

    • Address

    • Postal code

    • Country

    • Phone number

    • Email address

    • Source page of the order
      For businesses, the following are also recorded:

    • Company name

    • Business ID

    • E-invoice address

    • Intermediary ID

    • Reference

    • Brand
      Additionally, in the process’s additional information field, customers may be asked to provide other relevant details at their discretion.

    Data Retention Period
    Data is retained as long as the user and Midnight Sun Wake Oy have a valid mutual agreement and/or consent.

    Data may be retained longer if necessary to fulfill obligations under applicable legislation, such as those related to accounting and consumer trade, to demonstrate compliance with these obligations.

  6. Regular Data Sources
    Data is collected through electronic forms on the Johku online service. Customers input their data personally when ordering from Midnight Sun Wake Oy’s Johku online store.

  7. Regular Data Disclosures and Transfer of Data Outside the EU or EEA
    Data is not disclosed to third parties and remains with the data controller. Data may be processed technically outside the EU or the European Economic Area.

  8. Principles of Register Protection
    The data is processed with care and is protected appropriately with information systems. When register data is stored on Internet servers, their physical and digital security is properly maintained. The data controller ensures that stored data, server access rights, and other security-critical information are handled confidentially and only by those employees whose duties require such access.

    Electronically Stored Data
    The register is located in the Johku service, and Aptual Commerce Oy processes the data. Complete registry data can only be accessed by the data controller and technical maintenance personnel of Aptual Commerce Oy.

    More about Johku’s privacy principles: johku.fi/fi/tietosuoja

    Manual Data
    As a rule, we avoid printing register data as manual material. If, in some situations, manual data is printed from the register, it will be stored in a locked space, and only the data controller will have access to the material.

  9. Right of Access and Implementation of the Right to Access
    Every person in the register has the right to check their stored data and correct any inaccurate or incomplete data. This right is automated by the Johku system used by Midnight Sun Wake Oy as follows:

    Johku communicates to the user through the "Oma Johku" service about the processing of their personal data in connection with the merchant’s confirmation messages. These messages include a link to the "Oma Johku" service.

    In "Oma Johku", the user can check the data stored about them and make any necessary corrections. The service also allows the user to download the data in a structured format for transferring it to another system. "Oma Johku" can be accessed anytime at johku.com/customer.

    "Oma Johku" also offers the possibility to terminate the "Oma Johku" agreement and delete the data from "Oma Johku". If the user stops using "Oma Johku" and terminates the agreement with Johku, all automated functionalities related to personal data management cease. After the termination of the agreement, the user must manage their own data (checking, correcting, the right to be forgotten, restricting, or transferring to another system) in writing directly with Midnight Sun Wake Oy. Midnight Sun Wake Oy may request the user to verify their identity if necessary. Midnight Sun Wake Oy will respond to written requests within the time frame set by the EU Data Protection Regulation (generally within one month).

    "Oma Johku" service use is free of charge.

  10. Other Rights Related to the Processing of Personal Data
    The person in the register has the right to request the deletion of their personal data from the register ("right to be forgotten"). Registered individuals also have other rights under the EU General Data Protection Regulation, such as restricting the processing of personal data in certain situations.

It should be noted that the data stored in Midnight Sun Wake Oy’s customer register is always generated when the customer purchases products and/or services. In such cases, Midnight Sun Wake Oy is also bound by accounting and tax laws regarding the retention of such data.

Requests should be sent in writing to the data controller. The data controller may request the user to verify their identity if necessary. The data controller will respond to the customer within the time frame set by the EU Data Protection Regulation (generally within one month).

  1. Cookies
    This website uses cookies. The website sends a small file to the browser, which is stored on the computer's hard drive. There are both (temporary) session cookies, which close when the browser is closed, and persistent cookies, which are stored on the computer’s hard drive. The purpose of cookies is to enhance the user experience on the site. If you are a registered user, cookies also manage login and access to pages intended only for registered users. Cookies can track and observe the user's interests and thus influence the service's usability. Most Internet browsers automatically accept cookies. If necessary, cookie usage can be disabled in the browser settings, which will disable some functionalities.

Advertising cookies may be used to optimize the advertising experience for the user of the service. Some third-party providers, including Google, may also use cookies or web beacons (1-pixel image files) to improve the advertising experience.

The information collected through cookies and web beacons does not contain the user's personal information. Online activities cannot be linked to a specific individual through this information.

These policies made: 1.7.2021