privacy policy

Updated March 30, 2021

We value your privacy. Hotel Hyppeis värdshus Oy is committed to protecting your privacy in the best possible way and to process your personal data in a transparent way according to the applicable legislation and good privacy policy practices valid at any given time.

This privacy policy applies to the processing of personal data that Hotel Hyppeis värdshus Oy carry out to offer their customers accommodation and restaurant as well as to acquire and maintain the aforementioned customer relationships. This privacy policy applies to the personal data of Hotel Hyppeis värdshus Oy’s hotel and restaurant customers, newsletter subscribers and those visiting the Hotel Hyppeis värdshus Oy's websites.

Hotel Hyppeis värdshus Oy act in the capacity of a controller in relation to the personal data and respective processing activities referred to in this privacy policy. Controllers' contact details can be found from ‘Controller and contact details'.

In this privacy policy, we explain in more detail how Hotel Hyppeis värdshus Oy is committed to collecting, processing and protecting your personal data during and after the customer relationship.

Below we have defined the most important definitions which we will use in this privacy policy.

“Personal data”
Personal data means any information relating to an identified or identifiable natural person. For example, name, personal identity code, location data, online identifier, address or accommodation data.

“Processing of personal data”
Processing of personal data means any operation which is performed on personal data by automated means or manually.

Processing of personal data is, for example, collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

“Data subject”
An identified or identifiable natural person that the processed personal data relates to. For example, a jobseeker or a customer.

A natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

We collect and process personal data only as far as it is necessary for the business of Hotel Hyppeis värdshus Oy for the following purposes:

  • development, production, supply and offering of services
  • maintaining and administering the customer relationship
  • organizing customer service and events
  • invoicing and credit control
  • communication
  • marketing and advertising services and products, by, for example, direct marketing and targeting it for our customers
  • offering, targeting and developing marketing communications (for example, market surveys)
  • statistical purposes
  • ensuring safety.

We collect and process your personal data according to the legislation which is valid at any given time and our legitimate interests.

Personal data are mainly collected directly from you via telephone, email or electronic/printable forms to administer the customer relationship. In customer service situations, the communication between you and Hotel Hyppeis värdshus Oy, such as emails, can be stored for the purpose of developing customer service and verifying its contents.

The purpose of the processing defines what data we collect in each situation and for which purpose. We process the personal data mentioned below only on legal grounds for the purposes referred to

Accommodation and restaurant services

  • Based on the contract and its fulfillment between the customer and the controller, we process the following data: contact details (first and last name, address, ZIP code, city, country, email address, telephone number).
  • Based on the customer’s consent, we can also process the following data:
    • When booking restaurant and meeting services, we collect the customer’s contact and as well as the possible allergy information.

Passenger cards

  • Processing passenger cards is based on the controller’s legal obligation.
  • The processed data: the customer’s name, personal identity code or birthdate, nationality, the names of the spouse and underage children accompanying the traveler, Finnish personal identity codes (or, if they are not available, birthdates), address, country of entry to Finland, number of travel document and arrival and departure dates. Moreover, the purpose of traveling can be documented (such as leisure, work or other reason).

Marketing and advertising

  • We process, for example, the customer’s email address to deliver a newsletter to the customer, whereupon the processing is based on consent from the customer.
  • Marketing and advertising is also based on the controller’s legitimate interest.
  • Targeted marketing:
    • Hotel Hyppeis värdshus Oy carries out the profiling of its customers in the context of targeted marketing, so that you may be offered services that are interesting to you based on your previous buying behavior or the data stored in your customer register. Profiling is based on a consent given by you and you have the right to withdraw it at any time.
    • The customer’s email address, name, domicile, possible interests and earlier buying behaviour are used to target marketing. Based on previous buying behaviour, we can offer, for example, anniversary offers to customers who have previously reserved a wedding package.
    • In addition, we use Facebook Inc.’s custom audience tool in our interest-based online marketing, whereby a pixel tool has been added to our website. A pixel tool is an analytics tool that enables us to create target groups for advertising and it ensures that our ads are shown to the correct target groups (such as age and interests). The data collected for us is kept anonymous and we cannot see an individual user’s personal data. However, Facebook stores and processes the collected data.

Data collected by the website

  • As you browse our website, we will obtain data, such as your IP address. We use IP addresses to analyse the use of our website tor, for example, solve server problems, manage the website and track the users’ activity for statistical purposes.
  • Hotel Hyppeis värdshus Oy uses Google Analytics to analyse the use of the website and to produce statistics. Google Analytics is a web analysis tool offered by a third party, Google Inc. Google Analytics collects certain data on the website visitors with the help of cookies so that we can analyse and improve your use of the website. This data includes, for example, where the user entered the site from and how they operate on the site. The data collected by these cookies is transferred and stored on Google’s servers, some of which may be located outside the EU. 

Hotel Hyppeis värdshus Oy is committed to processing your personal data in a confidential manner and we do not disclose your personal data to third parties except in the following circumstances:

  • Authorities: Due to its legal obligation, Hotel Hyppeis värdshus Oy discloses the passenger card data of those other than Finnish customers to the police authorities. Furthermore, we may have to disclose some data to the authorities or administrators of law when there is some other prerequisite for it in the legislation. We only do this based on a valid decree from the court or on the authorities’ orders or summons.

We have adequate technical and organizational data protection measures to protect your personal data from loss, abuse, or other unlawful access. These kinds of measures are, for example, firewalls, encryption techniques and the use of safe equipment premises.

Access to your personal data has also been restricted internally by admission and monitoring of user IDs. Your personal data are processed by only those employees who have the right to do so based on their work tasks. 

You have the right to control what data we have collected on you and to affect how we use such data. It is up to you to decide if you want to receive direct marketing and, in some instances, you have the right to be forgotten or to request to have your data transmitted to another controller. In this section, we explain what rights you have based on the applicable legislation and how you can exercise your rights:

  • Right to withdraw consent

When the processing of personal data is based on your consent, you have the right to withdraw your consent at any time. You can, for example, withdraw your consent to direct marketing.

  • Right to control and rectification

You have the right to control what data we have collected on you or to obtain confirmation that we do not have any personal data on you in our register. If your data are inaccurate or incomplete, you can send us a request for rectification or completion.

  • Restriction or objection of processing

If your data are inaccurate in some part, you have the right to demand the temporary restriction of processing until we have confirmed the correctness of the data. Whenever the processing of your data is based on the controller’s legitimate interest, you have the right to object to the processing of your data. This means that we are no longer allowed to process your personal data, unless we can reasonably demonstrate compelling legitimate grounds which override the interests, rights and freedoms of the data subject. In addition, if we need the data to establish, exercise or defence legal claims, we are allowed to continue processing the personal data.

  • Right to refuse direct marketing

Moreover, you can refuse direct marketing at any time (including profiling for direct marketing purposes).

  • Right to be forgotten

In specific instances, you have the right to be forgotten, which means we will erase all personal data concerning you, if the personal data are no longer necessary for the purposes they were originally collected for (for example, to investigate and prevent misconduct based on the customer’s previous unwanted behavior). We will also erase the data if the processing has been based on consent and you withdraw your consent, or if you object to the processing of your personal data, unless there is another basis for the processing. Please note that we may have legal obligations to store your personal data, such as the Act on Accommodation and Food Service Operations that obliges us to store the data on your passenger card for a certain period of time.

  • Right to transmit data from one system to another

You may request the transmission of your personal data, whereby we will provide you with your personal data in a machine-readable format so that you may store it yourself or transmit them to another controller (for example, another service provider). If technically possible, we will transmit your data directly to another controller at your request. This is only possible in situations where we process your personal data based on your consent or a contract, and applies only to data you have supplied to us yourself.

  • Right to lodge a complaint

In addition to the rights mentioned herein-above, you have the right to lodge a complaint on the processing of your personal data to supervisory authorities.

How can I request access to my personal data?

You can request access to your personal data by sending e-mail to

We store your personal data for the duration that is necessary for the purpose of the processing, as long as the law requires us to store such data or until we receive a request for erasure. The storage period of the data starts when we receive the data.

We store your data for as long as it is necessary to fulfil the purposes as defined in section 1, always within the limits of the applicable law. After this, the data will be erased or made unidentifiable by changing the data irreversibly so that no individual is identifiable.

Processed personal data/category of personal data

Storage period

Customer register

- 36 months after the last contact with the customer, if they have not given us marketing permission

- corporate customers details for 36 months after the last contact with the customer

Marketing communications register

Data are stored for as long as the customer’s consent for marketing is in force.

Passenger cards on paper

12 months

Deviation reports

5 years

We may collect data concerning your computer with the help of cookies and other similar techniques. A cookie is a small text file that the browser stores on your computer. Cookies include an individual identifier and are used so that we can identify and count the browsers visiting our website. You have the right to refuse cookies, but this might affect the functionality of our services. You can delete cookies via your browser. 

We continuously develop our privacy policy, which is why we make an effort to update this privacy policy regularly. Changes can be based on changes in the legislation. We recommend that you visit this privacy policy website from time to time to note any new changes.

Hotel Hyppeis värdshus Oy is the controller of your personal data. 

Hotel Hyppeis Värdshus Oy


Hyppeistentie 540

21760 Houtskari, Suomi


Contact person

Outi Fagerlund
Puh. 040 175 9880


Webpage by Ubuntu Productions (Korpo) | Images by Abo CreativesEat Turku, Suvi Elo and Ubuntu Productions