Muonion Matkailu ry Privacy Policy

The registration controller has an obligation to clearly report information regarding their Data Protection Regulation practices to those registered. This privacy policy complies with the requirements of the GDPR


1.Register Controller

Muonion Matkailu ry
Puthaanrannantie 15 B
99300 Muonio


Laura Hokajärvi
Chairman of the Muonio Tourism Association
+358 (0)44 235 0421


2. Why, and for what purpose, is data collected?

Customer information is only used in pre-defined cases, which include the following:

  • Reporting of services
  • In handling of cooperative relations, such as project
  • implementation, research, and organization of events
  • Membership operations
  • Customer experience and communications, including marketing, newsletters, and surveys, as well as invoicing and keeping customer information up to date
  • Photogallery maintenance
  • Collecting of information required by public authorities

The handling of personal data is based on the subject’s consent, contractual execution, or for purposes in accordance with the rights of the controller. Personal data will only be handled and processed to the extent necessary, and in a way that those registered can reasonably expect when providing information.

Photos used by Muonion Matkailu are for media purposes, such as marketing, promotions, and communication. In the case of photographing an individual, recognizable person, we will always ask for consent before using any photographs.

Along with the organization’s contact and background information, the register maintains and holds information on those working within the organization, including contact details, allocated tasks, and position in the organization.


3. Information Included in the Registry

Muonion Matkailu ry:n rekisteriin kuuluvat yhdistyksen työntekijät, Visit Muonio 2025-uutiskirjeen tilaajat, hankkeissa mukana olevat yritykset ja muut tahot, yhdistyksen jäsenet, yhteistyökumppanit sekä Muonion Makailu ry:n (Discover Muonio) asiakkaat ja potentiaaliset asiakkaat.

The following customer information is stored:

  • First and Last Name
  • Title
  • Company Name/ Name of the Corporate Body
  • Company Business ID
  • Profiling Information (ie. classification, field of work)
  • Grouping Information (ie. mailing groups)
  • Address
  • Phone number (landline and mobile)
  • Email
  • Website
  • Social Media Platforms
  • Information obtained from the use of, as well as information regarding the devices used, such as the IP address, operating system, pages visited, and time of the visit
  • Customer history, log files (ie. customer contact information)
  • Possible mailing restrictions (email and post)
  • Information on publicly funded projects implemented to improve the business (ie. financier information)
  • Employment-related statutory information


4. From where is data collected?

Data is collected based on the information provided by those registered. Website visitor/ user data is collected when users access or use the website, in order to maintain, track, and/ or fix issues technically or otherwise, to keep the website running. In addition, data is collected from our collaborative partners and from our customers themselves, when filling out surveys, and when registering for events, as well as during consumer sales events, trade fairs, and competitions. Information may also be collected, for example, selectively from public registers to the extent permitted by law. Behavioral data can also be collected though the use of cookies and other similar technology. In the case of the latter, Google Analytics is part of the service.


5. Who has access to the data collected?

The data in the register can be accessed by the controller (Muonion Matkailu ry) personnel, as well as the association’s accounting firm Tunturi-Lapin Yrityspalvelu ky. Personal data may be transferred to financiers of publicly funded projects. In such cases, the processors are bound by professional secrecy. If physical material is printed from the register, it is locked up securely and safely, and is only accessible by the controller and the accounting firm that has been authorized access to the material.

We guarantee that all contractual agreements made with service providers are processed in a legitimate manner, in accordance with the existing Data Protection Regulations, and as otherwise appropriate.


6. Transfer of personal data outside the EU or the EEA

Data is not transferred outside the EU or the EEA, unless it is seen fit for processing information for technical purposes. In this case, the transfer process complies with personal data legislation requirements.

In these situations, sufficient security and register information handling will be provided by the E.U.- U.S. -Privacy Shield arrangement, or based upon a contractual agreement.


7. Retention period for personal data

As a general rule, personal data will only be kept for as long as the customer membership is active and valid. Customers can freely remove themselves from marketing and newsletter email lists via the link at the end of the email.


8. Rights of the data subject

The following rights pertain to the registered customer:

  • Obtain information on the handing of their personal data
  • Access and review personal data (right to inspect personal data contained in the register)
  • Correct and update personal data
  • Remove personal data from the register
  • Restrict the handling/ processing of data
  • Transfer personal data from one system to another
  • Oppose the processing/ handling of personal data
  • Right to not be subject to automatic decision-making without a legal basis

The registered customer has the right to withdraw their information from being processed/ handled at any point in time.

If/ when you wish to use your right as a registered customer, we request a written email to muonio(at) with the issue in question.

If you feel that we are breaching the current Data Protection Regulations, you have the right to lodge a complaint with the national data protection authority via


9. Principles of protecting personal data (ie. data security)

Customer data is processed and handled only by those who, as stated in their job description, have the right to handle and process this information. These employers have a personal username and password that grants access to the register system, in which information is handled and processed in a safe manner. The databases where information is stored are protected by the appropriate technical means and are not accessible to outsiders (ie. those without rights/ a username or password into the system).


Share This