Privacy Policy
1. Introduction
Finland Wildlife Workshops (“we,” “our,” or “us”) is committed to safeguarding the privacy and personal information of our website visitors, customers, and users. This Privacy Policy details how we collect, use, disclose, and safeguard your data in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We firmly uphold your fundamental right to privacy and ensure our practices are transparent, privacy-first, and responsible.
2. Scope and Data Controller Role
This Privacy Policy applies to all personal data processed through our website, https://finlandwildlifeworkshops.com, and any related services. For the purposes of GDPR and CCPA, Finland Wildlife Workshops is the data controller responsible for your personal data. For privacy inquiries or exercise of rights, you may contact us at [email protected].
3. Categories of Data Processed
We collect and process the following categories of personal data:
a. Usage Data: Includes data about how you use our website, such as your IP address, browser type and version, device identifiers, operating system, referral sources, time and duration of visits, site navigation paths, and interactions with website elements.
b. Account Data: Consists of personal identifiers provided at registration or booking, such as your full name, email address, phone number, postal address, and authentication credentials.
c. Profile Data: Includes information related to your interactions with our services, such as language or product preferences, purchase history, browsing behavior, and past communications.
d. Communication Data: Encompasses any content you provide when contacting us, including inquiries, emails, customer support requests, and feedback.
e. Technical Data: Includes device details such as IP address, device type, browser type and version, timezone, browser plug-in types and versions, fonts, and hardware attributes.
f. Transaction Data: Involves data related to bookings, payments made to or from you, invoicing information, payment method, and delivery of workshop materials or services.
g. Preference Data: Includes your consents, marketing preferences, interests in specific workshops or wildlife experiences, and opt-in/out statuses.
4. Legal Bases for Processing
We process your personal data under the following lawful bases, as applicable:
– Consent: Where you have freely given explicit consent for specific purposes, such as receiving marketing communications.
– Performance of Contract: When processing is required to fulfill an agreement with you, such as registering for a workshop or providing services.
– Legal Obligation: Where we are legally required to process your information, such as for tax or regulatory compliance.
– Legitimate Interests: Where processing is necessary for our legitimate business interests and those interests are not overridden by your data protection rights. This includes website security, user experience enhancement, and fraud prevention.
5. Your Rights
Under applicable laws, you have the following rights with respect to your personal data:
– Right of Access: Obtain confirmation and a copy of the data we hold about you.
– Right to Rectification: Request corrections to inaccurate or incomplete data.
– Right to Erasure: Request deletion of your personal data, subject to certain lawful retention requirements.
– Right to Restrict Processing: Request a temporary halt to processing of your personal data in certain circumstances.
– Right to Data Portability: Receive your personal data in a machine-readable format and transmit it to another controller where applicable.
– Right to Object: Object to processing on grounds related to your specific situation, including direct marketing.
To exercise any of these rights, contact us at [email protected]. We will respond in accordance with GDPR and CCPA timeframes.
6. Security Measures
We implement appropriate technical and organizational safeguards to protect your personal data. These include:
– End-to-end encryption of data in transit and at rest
– Access limitations based on role and necessity
– Regular system and software updates
– Multi-factor authentication and account monitoring
– Employee training on data protection and internal protocols
– Secure data backups and incident response procedures
While we strive to ensure your data is secure, no internet transmission is completely secure. Users are responsible for maintaining the confidentiality of their own passwords and access credentials.
7. International Transfers
As part of providing our services, your personal data may be transferred outside your country of residence, including to countries that may not offer the same level of legal data protection. Where required, we use recognized safeguards under GDPR such as Standard Contractual Clauses and ensure equivalent protections are in place in compliance with international transfer requirements.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, and in accordance with legal, regulatory, and operational obligations:
– Usage Data: 12 months for analytics and security purposes
– Account Data: Duration of the user relationship plus 6 years for legal purposes
– Profile and Preference Data: As long as actively engaged or until revoked
– Communication Data: 3 years from the date of last correspondence
– Transaction Data: 7 years for tax and accounting compliance
– Technical Data: Retained for diagnostics and statistical purposes typically under 12 months
Once retention periods expire, data will be securely erased or anonymized.
9. Cookie Policy
We use cookies and similar tracking technologies to enhance user experience and gather aggregate data. Categories of cookies include:
– Essential Cookies: Necessary for core website functionality, such as navigation and security.
– Functional Cookies: Remember user preferences such as language or region.
– Performance Cookies: Collect information on website usage to improve functionality.
– Analytics Cookies: Help us understand visitor behavior to optimize performance.
– Targeting/Marketing Cookies: Used (when consented) to deliver relevant ads or campaigns.
10. Cookie Management and Regional Compliance
Upon your first visit to our website, you are presented with a consent banner per GDPR and CCPA regulations. You may manage your preferences, including withdrawing consent, at any time via the cookie banner or browser settings. Do Not Track signals and Global Privacy Control (GPC) headers are respected per CCPA guidance.
11. Children’s Data Protection
Our website and services are not directed to children under 13, and we do not knowingly collect personal data from minors without verified parental consent. If you believe we have inadvertently collected data from a child, please contact us immediately at [email protected] so appropriate action can be taken.
12. Privacy Policy Updates
We reserve the right to modify this Privacy Policy to reflect changes in law, technology, providers, or business operations. Any significant changes will be communicated via the website or direct communication. Continued use of https://finlandwildlifeworkshops.com after changes indicates acceptance of the amended terms.
13. Contact
For any privacy-related questions, concerns, or to exercise your data protection rights, please contact us using the details below:
Email: [email protected]
We affirm our commitment to compliance with GDPR, CCPA, and other applicable data protection laws. Your trust is vital to us, and we welcome your inquiries or feedback regarding the handling of your personal data.