Data Protection Notice

Data Controller

City of Jyväskylä, Corporate Group Administration,
Communications, Marketing and Tourism,
Visit Jyväskylä
Kilpisenkatu 1
40100 Jyväskylä

Individual in charge of personal data file

Susanne Rasmus, Tourism and Marketing Manager
susanne.rasmus (at)
Kilpisenkatu 1
40100 Jyväskylä
tel. +358 400 885 786

Name of the data file

Visit Jyväskylä Marketing Data File

Purpose of processing personal data

Personal data may be processed for the following consumer marketing purposes:
To send information requested by visitors and add them to the mailing list of Visit Jyväskylä (& Lakeland – Jyväskylä Region -project). By completing the form on our website, the user gives consent to the controller to store and process their personal data as described in this data protection notice. The marketing data file may also include personal data based on the customer relationship.
The primary purpose of the data file is to enable marketing communication via email. An external email system is used for email marketing and the email data file is stored on their server.
The data files are also used to support internal research and statistical analysis by Visit Jyväskylä (& Lakeland – Jyväskylä Region -project).

When communicating with stakeholders, personal data may be processed as follows:

To manage current contacts and their information, enable provision of information and joint marketing, and manage partnerships.

When communicating with the media, personal data may be processed as follows:
To promote nationwide and international media visibility, provide information, send media invitations, etc.

When communicating with tourism professionals, personal data may be processed as follows:
To provide information, send tour operator invitations and promote sales (to offer tourist products for sale in the Jyväskylä region)

The data files are also used to support internal research and statistical analysis by Visit Jyväskylä (& Lakeland – Jyväskylä Region -project).


Content of the data file

  • Personal data based on consent given by individuals. In the case of individuals, the contents typically include items, such as their name, address, email and telephone number. Individuals added to the data file may also be asked to provide profile information based on their consent.
  • Data disclosed by companies and collected from public sources. In the case of companies, the contents include their business ID, first and last names of contact persons (including any prefix) and title, company/organisation grouping information (e.g. mailing groups), address information, company and contact phone number(s) and email address(es), Website addresses as well as any additional information provided by the customer. Following the introduction of the customer management system, the contents will also include customer history, log data (e.g. contacts with customers) and any mailing bans (email and post).
  • The data file contains information disclosed by the media and collected from public sources. In the case of the media, the contents typically include the name of the media channel/company, name of contact, email and country.
  • The data file contains information provided by tourism professionals and collected from public sources. Typically, the contents include company name, contact name, country and email.


Regular sources of data

Customer-related information is received from sources such as:

  • Forms completed by users on the Visit Jyväskylä website.
  • Through various campaign pages where users complete forms.
  • During various events, trade fairs and sales tours, when users supply their information and give their consent to store their personal data.
  • By email when customers supply their information and ask for their contact data to be added in the customer data file.

Collecting information through cookies

We collect information about users on our website. Such cookie-based information may include website activities, page visits or data about devices used by users. Cookies are user-specific but users cannot be identified based on them unless they provide additional information on a form for example. Users can control the of use cookies by choosing settings in their browser, and they can, for instance, clear the browser’s cookie data.

We use cookie-based information for purposes such as remarketing and choosing which content to display to website visitors. In addition, we collect information for website analytics. The aim of these activities is to provide website visitors with the best possible experience as well as targeted information based on their own interests. We use Google services (Google Advertising and Google Analytics) as well as social media services (e.g. Facebook, Instagram, Twitter, LinkedIn).

Regular data disclosures

Contact information (marketing authorisations) collected with the consent of users in connection with various joint marketing activities may be disclosed to Visit Jyväskylä’s partners. In such a case, however, the individuals concerned will be told, at the time of giving consent, to whom and for what purpose the information will be disclosed.
In cases other than the above, personal or corporate information will not be disclosed outside Visit Jyväskylä.
The owners/administrators of the systems used by Visit Jyväskylä have access to the data content, but they do not have the right to process or use the data for their own purposes.


Transfer of data outside the EU or EEA

The data will not be disclosed or transferred outside the EU or the European Economic Area unless it is technically necessary for Visit Jyväskylä or its partner.

Principles of data file protection

The information contained in data files is only available to Visit Jyväskylä. The system partly relies on external servers belonging to Visit Jyväskylä’s service provider. To use the available systems, network drives and email, users need a personal user ID and password. Users will lose access when they no longer attend to duties for which they have been granted access. Access rights are restricted to specific duties.

Rights of the data subject

The data subject has the right to check their personal information stored in the data file. The data subject has the right to prohibit the controller from processing their personal data and leave the mailing list. For this purpose, there is a link at the end of each email saying “I no longer wish to receive communications from you”. Just click this link to remove your address from our data file. To prohibit communications based on cookies, use the settings of your browser.


This Privacy Policy applies only to the website and the information that is collected while using this website. Privacy Policy is not applicable to any other websites and does not apply to websites of third parties.

Website administration is not responsible for the actions of other websites. Transfer of personal information when You visit third-party websites, including websites of partners, is not covered by this document.