Add dates
2 Travelers
Choose a hotel
Wilderness Hotels
information
ARCTIC EXPERIENCES

Designed for you
Our destinations

Privacy policy and Data Protection Statement

This is the GDPR-compliant privacy policy and data protection statement of Nellim Wilderness Hotels & Safaris Oy. Prepared on December 1st, 2018. Last updated on February 10th, 2025. Under the EU General Data Protection Regulation (GDPR), organizations must provide a written description of their data processing activities. This description is called a record of processing activities. The record of processing activities is an internal document of the organization. It serves as a tool for understanding data processing and aims to demonstrate that personal data is processed in accordance with data protection legislation. This obligation largely corresponds to the requirement under the Personal Data Act to prepare a data protection statement. Unlike the Personal Data Act, the GDPR does not require the preparation of a register or data protection statement. However, data subjects must be informed about the processing of their personal data. This document has been prepared to inform data subjects. Nellim Wilderness Hotels & Safaris Oy processes personal data to manage customer relationships, enable customer communication, and fulfill agreements. Nellim Wilderness Hotels & Safaris Oy also has partners whose representatives' personal data may be used as part of the register.
Data Controller
Nellim Wilderness Hotels & Safaris Oy
Kirkkokuja 17, 99800 Ivalo
Business ID: 1873718-2
info@wildernesshotels.fi
+358 50 430 7600
Locations
  • Wilderness Hotel Inari; Inarintie 2, 99870 Inari
  • Wilderness Hotel Juutua; Saarikoskentie 2, 99870 Inari
  • Wilderness Hotel Muotka; Muotkantie 204, 99830
  • Wilderness Hotel Nangu; Veskoniementie 1320, 99800 Ivalo
  • Wilderness Hotel Nellim; Nellimintie 4230, 9860 Nellim
  • Wilderness Hotel Saariselkä; Laanilantie 5, 99830 Saariselkä
  • Wilderness Hotel Kieppi; Raitopolku 1, 99830 Saariselkä
Joint Controllers
Nellim Wilderness Hotels & Safaris Oy may act as a joint controller with other organizations when jointly determining the purposes and means of processing personal data. In such cases, we ensure that there is a transparent arrangement that sets out the agreed roles and responsibilities for complying with data protection regulations. The main points of this arrangement are made available to individuals upon request. This ensures that personal data is processed in accordance with data protection legislation and that data subjects can exercise their rights effectively. Purposes of Processing Maintaining and managing customer relationships. This document only addresses the collection of customer data.
Collected Customer Data
  • Name
  • Home address
  • Email
  • Phone number
  • Nationality
  • Date of birth
  • Credit or debit card information
  • Special dietary requirements
  • Passport number
  • Approximate IP address
Description of Data Subject Groups and Personal Data Groups
Personal and customer data are mainly obtained as booking information through reservation systems. Information is supplemented as the booking progresses and when the customer registers for the purchased service.
Groups of Recipients to Whom Personal Data Has Been or Will Be Disclosed
Customer data is confidential. Personal data is disclosed only based on a specific data request to authorized authorities under data protection legislation. Individuals who process data are bound by confidentiality, which continues after the customer relationship ends. The company's CEO or another designated person is responsible for the company's personal data and its disclosure in accordance with the law.
Information on Data Transfers Outside the EU
Customer data may be transferred outside the EEA to enable services. We guarantee that the security of customer data remains at the same level as within the EEA if we transfer data outside the EEA.
Measures for Different Data Groups and Data Subject Rights
We retain personal data only as long as required by law or as long as necessary. Data subjects have the right to:
  • Access their personal data processed by Nellim Wilderness Hotels & Safaris Oy. Customers can contact us to find out what personal data we process and for what purpose.
  • Request correction of data.
  • Request deletion of data.
  • Request the transfer of data from one system to another.
  • Receive their personal data from us in a structured, commonly used format and independently transfer the data to a third party.
If a data subject wishes to exercise any of the above rights, please send the following information to Nellim Wilderness Hotels & Safaris Oy by mail or email: name, address, phone number, and a copy of a valid ID. To verify identity, we may request additional information. If the information is sent by email, it should be sent via secure mail. Secure mail can be ordered from the Data Protection Officer.
Security of Personal Data Processing
The data controller and data processor must implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk associated with personal data processing. The use of personal data is protected with appropriate user-specific identifiers, passwords, and access rights. It is important to ensure data protection at all stages of processing, from data collection to destruction. Only individuals who need the data for their job duties can process personal data. Locations have detailed operating instructions to ensure data protection. All employees, including students, sign a confidentiality agreement. The data protection statement is one way to demonstrate compliance with data protection regulations and is provided to supervisory authorities upon request.