SSH Group Ay Ab is committed to protecting and ensuring the confidentiality and privacy of the personal data it possesses in accordance with the General Data Protection Regulation (EU 2016/679, the “GDPR”).
This privacy policy applies to personal data that SSH Group Oy Ab collects about you when you contact us as a decision maker, contact person or representative of a (prospective) corporate customer, supplier, or partner or when you visit our website.
With this privacy policy SSH Group Oy Ab informs you about the processing of your personal data in the above-mentioned situations.
Register keeper
SSH Group Oy Ab
Business ID: 3333440-2
Email: info@aikotravel.com
Purpose of the processing of personal data
SSH Ggroup Oy Ab processes and collects personal data for the following purposes:
- establishing, managing, and developing customer-, supplier- and partner- relationships, as well as related contractual relationships
- planning and developing business activities and services
- sale of services and products
- to provide information, communicate and market services and products
- invoicing
Legal basis for the processing of personal data
The legal basis for the processing of personal data is SSH Groups Oy Ab’s legitimate interest where the processing is related to the establishing, managing, and developing of customer/supplier/partner relationships (including the entering into a contract with the organization you represent and the management of such a contract). SSH Group Oy Ab also processes personal data based on its legitimate interest when providing and developing its services and when processing personal data for the purposes of communicating, marketing, and invoicing and where the mentioned activities are related to a customer/supplier/partner relationship.
In some cases, we may also process your personal data to perform a contract to which you are a party or to carry out pre-contractual measures at your request.
SSH Group Oy Ab also processes personal data based on your consent for marketing purposes and possibly through cookies, depending on the type of consent you have given for the use of cookies. Our cookie policy can be found in the end of this document.
Contents of the register
- first and last name
- contact details (phone number, email address)
- name and contact details of the company you represent
- your position in the company you represent
- consents and prohibitions concerning direct marketing
- data related to marketing and sales promotions (for example, marketing measures targeted to the data subject)
- payment information such as payment method, payment date, IP address, account number
- technical information sent by your browser to our service providers server (e.g. IP address, browser, browser version, page from which you accessed our website)
Your rights
To the extent permitted by the GDPR you have the following rights. Requests regarding the use of these rights shall be sent to info@aikotravel.com
- Right of access: You have the right to access the personal data we store about you.
- Right to require your personal data to be rectified: If you think the personal data we hold about you is incorrect or incomplete, you can always request that we rectify such data.
- Right to object: You have the right to object to the processing of your personal data if the processing is based on SSH Groups Oy Ab’s legitimate interest. In this case, however, we may continue the processing if, for example, we have a compelling legitimate interest to the processing which overrides your interests. You can always object to direct marketing.
- Right to restrict processing: You have the right, in certain circumstances, to request that the processing of your personal data is restricted. For example, if you consider that the processed personal data is inaccurate, the processing is unlawful or SSH Group Oy Ab no longer needs the personal data for the purposes of the processing, but you need it for the establishment, exercise, or defense of legal claims, you have the right to request that SSH Group Oy Ab restricts the processing of your personal data.
- Prohibition of direct marketing: You have the right to prohibit the use of your data for direct marketing.
- Right to erasure: You have the right to request the removal of your data. Such a situation may arise, for example, if the processing is no longer necessary for the purposes for which SSH Group Oy Ab has collected the data. We will process the request for removal, after which we will either erase the data or provide a justified reason why the data cannot be erased. Please note that SSH Group Oy Ab may have a legal or other right not to erase the requested data (see section 9 “Data retention period” below).
- Withdrawal of consent: If the processing of your personal data is based on your consent you can withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of the processing of personal data that we have carried out prior to the withdrawal.
- Right to lodge a complaint: You have the right to lodge a complaint with the Data Protection Ombudsman, if you consider that we process personal data in breach of applicable data protection legislation.
The contact details of the Data Protection Ombudsman:
Lintulahdenkuja 4, 00530 Helsinki
Phone number: 029 566 6700
Email: tietosuoja@om.fi
Additional information: www.tietosuoja.fi
Regular sources of data
Personal data is primarily obtained from you by telephone, online, from the website of the company you represent, in meetings or other similar manners. When entering into agreements and during the course of a contractual or other similar relationships, personal data is also collected.
Personal data may also be collected and updated from publicly available sources like company websites and the trade register.
Regular disclosures of personal data
To provide you with the best possible service, we may disclose data to our partners, who will process your data only to the extent necessary to provide the service in question.
SSH Group Oy Ab may also disclose personal data to the extent permitted and required by applicable law, for example to authorities.
Transfer of personal data outside of the EU or the EEA
As a general rule, SSH Group Oy does not transfer personal data outside of the EU or the EEA.
If the purpose of the processing of personal data or the technical implementation of the processing so requires, personal data may be transferred outside the EU and the EEA. In this case SSH Group Oy Ab will comply with the requirements of the GDPR and the primary transfer tool used by SSH Group Oy Ab are the standard contractual clauses of the EU Commission, provided that the EU Commission has not adopted an adequacy decision for the receiving third country.
The personal data processors used by SSH Group Oy Ab are also through data processing agreements committed to using the standard contractual clauses of the EU Commission as the primary transfer mechanism, if personal data is transferred outside the EU/EEA.
Automated decision-making and profiling
We do not use data for automated decision-making or profiling.
Retention period of personal data
As a general rule, personal data is processed as long as your and SSH Groups Oy Ab’s relationship is active and the processing of your personal data is necessary for the purposes of processing in accordance with this policy, however taking into account retention periods set forth in mandatory and applicable laws (for example the accounting act).
Personal data processed based on a contractual relationship with a customer/supplier/partner is stored for the duration of the said relationship. After this, we will retain your data in case of any legal claims for a further three years, calculated from the end of the financial year during which the relationship ended.
SSH Group Oy Ab may process your personal data for marketing purposes for one additional year from the end of the financial year during which your relationship with SSH Group Oy Ab has ended. After this we consider your relationship with SSH Group Oy Ab passive.
After a withdrawal of consent SSH Group Oy Ab no longer processes personal data for purposes requiring consent.
Principles of register security
Electronically processed data is protected by firewalls, passwords and other methods generally approved by the information security industry. We store your data in accordance with the from time-to-time applicable legislation and only for as long as it is necessary to fulfil the purposes described in this policy.
Consequences of failure to provide data
In case you do not provide all the requested personal data to SSH Group Oy Ab, we might not be able to establish, manage and develop a customer/supplier/partner relationship with you or the legal entity you represent or communicate about our services with you.
Changes to the policy
SSH Group Oy Ab reserves the right to amend and update this policy. The up-to-date version of the policy is always found on SSH Groups Oy Ab’s website. We recommend that you review the contents of the policy on a regular basis.
Cookie policy
What are cookies?
Cookies are small text files that can be used by websites to make a user’s experience more efficient.
The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies, we need your permission.
How do we use cookies?
Our website uses first- and third-party cookies, for different purposes. The first party cookies are usually necessary for the website’s operation, and they don’t collect any personal data. The third-party cookies are used so that we can understand how our users interact with our webpage and make it more smooth and easier to use.
Your consent is for www.aikotravel.com
What kind of cookies do we use?
Necessary cookies – that are needed for the operation of the webpage. These cookies are:
CookieConsent – Stores the user’s cookie consent state for the current domain.
rc::aThis cookie is used to distinguish between humans and bots. This is beneficial for the website, to make valid reports on the use of their website.
rc::c This cookie is used to distinguish between humans and bots.
Preference cookies
pll_languageThis cookie is used to determine the preferred language of the visitor and sets the language accordingly on the website, if possible.
Statistic cookies
_ga Registers a unique ID that is used to generate statistical data on how the visitor uses the website.
_ga_# Used by Google Analytics to collect data on the number of times a user has visited the website as w ell as dates for the first and most recent visit.
How can I handle my cookie settings?
If you would like to change your cookie settings later during your session, you can press the button in the left down corner. You can select withdraw consent or change consent.