Register and privacy policy
This is the register and privacy policy for santashotels.fi, published as required by EU’s General Data Protection Regulation (GDPR).
Last updated 27.6.2026.
1. Register keeper
Santa’s Hotels -organization consists of:
Hotel Santa Claus Oy, 1614402-5
- Santa’s Hotel Santa Claus
Korkalonkatu 29
96200 Rovaniemi
tel. +358 400 102 220 - Santa’s Igloos Arctic Circle
Joulumaankuja 8
96930 Rovaniemi
tel. +358 400 102 180 - Santa’s Hotel Rudolf
Koskikatu 41-43
96100 Rovaniemi
tel. +358 400 102 220
Saariselän Tunturihotellit Oy, 0942022-0
- Santa’s Hotel Tunturi
Lutontie 3
99830 Saariselkä
tel. +358 400 102 191
Hotel Aurora Oy, 1871193-5
- Santa’s Hotel Aurora
Luppokeino 1
99555 LUOSTO
tel. +358 400 102 141
Kalajoen kylpylähotelli Sani Oy, 1996583-0
- Santa’s Resort & Spa Hotel Sani
Jukupolku 5
85100 Kalajoki
tel. +358 400 102 121
Hotel Rakka Oy, 2109345-3
- Santa’s Hotel Rakka
Urpiaisenkuja 4
99490 Kilpisjärvi
tel. +358 400 102 161
2. Person in charge of the register
Hannu Wärme
tel. +358 400 986 945
3. Name of the register
Customer database
4. Purpose of Personal Data Processing
Personal data are collected for specified, explicit and legitimate purposes. The data are collected telemetrically and with the consent of the customers and stakeholders. Consent has been obtained from the customers and stakeholders with a separate form stating their truthful and genuine consent. The data are gathered for the purposes of customer relations.
The customers have been notified of profiling and it has been made clear that they have the right to withdraw their consent, in which case profiling will cease without delay. The personal data are gathered in accordance with this privacy statement and they will not be used, altered or transferred in ways not mentioned in this privacy statement. The personal data are collected only with means agreed to in advance, which have been communicated to customers and stakeholder prior to collecting the data and their proven consent for the collection and processing of the data has been obtained.
5. Content of the Data File
The data file contains personal data on the customers of Santa’s Hotels: first name, last name, email address, telephone number, language, personal id-code, indicator data related to profiling and the use of commodities, and data provided by customers and stakeholders directly to Santa’s Hotels.
The information collected through the website consists of tracking information through cookies and information submitted through the contact form. See sections 6 and 13 for more information.
The data collected with the monitoring tools of the website is demographic, and cannot be used to personalize the user.
6. Regular sources of information
The personal data is collected from the customer and obtained from hotel partners.
Information about the customer is primarily obtained from the customer himself. In addition, we may receive information from the following sources:
- From the visitor when visiting the site (see section 13. for a more detailed description)
- The Site contains third party cookies that are for measurement and tracking services. Third parties may place cookies on your device when you visit the site. Cookies mainly collect technical information. The use of cookies on the site is indicated in a separate notice, which is subject to user acceptance.
- Information submitted via the website form.
For more information about cookies, please see our Cookie Policy.
7. Regular disclosures and transfers of data outside the EU or EEA
Santa’s Hotels has decided not to transfer data in our possession to third parties or automatically to other Santa’s Hotels partners. Data can be transferred to marketing register of Santa´s Hotels. In individual cases, Santa’s Hotels discloses data of a customer or stakeholder to the designated party if the data subject so requests or if a competent authority requires Santa’s Hotels on legal grounds to disclose specified data in the database in our possession.
Data is not regularly transferred or handed over outside the EU or ETA, excluding data collected by possible outside services mentioned in section 6.
8. Right of Access
Data subjects have the right to inspect what data on them have been stored in the file. In addition, after a sufficiently detailed and accurate request, data subjects have the right of access to the data on them stored in the data files. The request for access must be delivered in written form and with the subject’s signature and attached with a copy of personal id-card to the Data Protection Officer.
9. Right to Rectification and Erasure
The controller must rectify inaccurate data in the personal data file indicated by the data subject. The controller is also obligated to independently verify that the data in the data file are accurate and up to date. Data subjects may also request that the controller erases data on them from the file. This procedure is managed by the data protection officer.
10. Other Rights Pertaining to Personal Data Processing
Data subjects have the right to request a restriction of processing data on them. Data subjects also have the right to receive the personal data concerning them, which they have provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller. In addition, data subjects have the right to object to processing of personal data, automated decision-making and profiling.
11. Erasure of Data and Time of Storage
Santa’s Hotels removes data on a customer from the data file, when there no longer are operational grounds for their processing or if data subjects exercise their legal right to request from Santa’s Hotels the erasure of data on them. The data are erased by overwriting, when their processing or keeping is no longer justified. The data are not erased, however, if specific provisions have been issued by laws or regulations or if a competent authority has initiated a process that requires Santa’s Hotels to keep the data or if a Finnish court of law has been requested to decide on safeguarding the data.
Form entries may also be stored in the website’s database for up to 90 days, after which it is automatically deleted.
12. Principles of register security
Access rights to the various systems containing personal data are restricted to only those individuals who, by virtue of their work, are authorized to process the data. Each user has their own username and password for the systems.
Messages submitted via the forms on this website are sent over a secure connection. Messages are sent on a form-by-form basis only to those recipients who process the information in question.
13. Visitor tracking
We track the number of visitors to our website using Google Analytics.
Google Analytics
Google’s tracking service uses cookies to work. No tracking takes place until the visitor allows the use of third-party cookies.
For more information on the use of Analytics, please see our Cookie Policy.




















