Privacy Policy: Parking area

1. Data Controller

Kiinteistö Oy Hotelli Marina, 1969137-4, Linnankatu 34, 20100 Turku (hereinafter ”Controller”).

The Controller processes personal data of customers (hereinafter ”Customer”), such as license plate numbers of their vehicles. The Controller is committed to processing all personal data carefully and in full compliance with valid data protection legislation, such as GDPR.

2. Why do we process personal data?

We process personal data in order to be able provide for example parking service to our Customer.

We also process the personal data of Customer using a camera surveillance system. We process recorded camera surveillance images in an effort to protect our property and Customer’s property, to prevent crime, and to investigate any crimes committed or accidents occurring on or in close proximity to our premises.

The processing is based on a legitimate interest. The processing of personal data is permitted when it is necessary to realise the legitimate interests of Controller or a third party. Controller considers the processing of personal data for the processing purposes specified above to be absolutely necessary to the protection of property of Controller and Customers, and these same interests cannot be effectively protected by means of other, less stringent measures.

3. What data do we process and where does this data come from?

License plate registration (LPR) camera at the entrance of parking area takes pictures of license plates of each arriving vehicle. The pictures of license plates as well as the license plate numbers are stored into our register.

Regarding Customers that have contract with us, in addition to the license plate number(s) informed by the Customer, we store the Customer name and invoicing information to our register.

The camera surveillance register consists of video recordings made on a time and place-bound camera surveillance system. Data subjects are informed of recorded camera surveillance by ”Recorded camera surveillance” signs and/or lables posted at operational premises.

4. Who is permitted to process personal data?

Personal data may be processed by employees working for Controller, whose job description includes the monitoring of the entrance or the maintenance and development of the camera surveillance system. Personal data may also be processed by those Controller employees whose job description includes dealing with criminal matters or damages.

In addition, personal data is transferred to outside IT service providers for the technical maintenance of the service.

Personal data is transferred to the police and other government agencies which are legally entitled to process camera recordings. Personal data is also transferred to government agencies in situations where processing is necessary for filing a lawsuit or for responding to or deciding such a lawsuit. Personal data is also transferred to insurance companies for the purpose of processing and resolving insurance claims.

Personal data is not transferred outside of the EU or EEA.

5. Principles for securing the register

Controller employs technical and organisational measures to prevent the unauthorised use, transfer, deletion or other processing of personal data that may jeopardise data protection. The register is kept in electronic form. The register may only be used by appointed and restricted personnel, whose task is to maintain and administer the system. Register data is protected against outside access. Use of the register is monitored.

6. How long do we store personal data?

Controllers stores camera recordings for one (1) month after the moment of recording. When one month has passed, the recordings are automatically destroyed. Recordings may be stored for a longer period of time, if they are required for investigating a crime or damage case. Even in such cases, the recordings will be destroyed when they are no longer needed. 

We have decided on one month as the storage time period because many criminal matters and damage cases do not immediately come to our attention. We want to ensure that we can use our camera surveillance system in accordance with our stated purposes.

 

7. Customer rights

 

Customer may exercise the rights mentioned below by contacting Controller by mail or email. Controller reserves the right to request additional information from Customer in order to verify their identity and carry out the request for information.

 

Right of access

Customer has the right to inspect their own data in the register.

 

Right to request correction of incorrect data

Customer has the right to request that incomplete or incorrect data be corrected.

 

Right to erasure

Customer has the right to request that their personal data be deleted from the register ("Right to be forgotten"). At Customer's request, Controller shall make every effort to delete the data without undue delay, except in cases where there are legal reasons for denying the deletion of data.

 

Right to restrict and oppose processing

Customer has the right to restrict and oppose the processing of their personal data. When Customer has submitted a request, Controller may no longer process Customer's personal data, unless there is a legal reason for processing.

 

Right to file a complaint

 

If Customer feels that their privacy has been violated, they may file a complaint with the applicable authority in the EU member state where they reside. Detailed information on National Data Protection Authorities can be found here: http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080

 

Contact information:

 

Kiinteistö Oy Hotelli Marina

Business ID: 1969137-4

Linnankatu 34

20100 Turku

privacy@hesburger.fi