Data Protection Notice

Data Controller

City of Jyväskylä, Corporate Group Administration,
Visit Jyväskylä
Kilpisenkatu 1
40100 Jyväskylä

Individual in charge of personal data file

Susanne Rasmus, Tourism Director
susanne.rasmus (at)
Kilpisenkatu 1
40100 Jyväskylä
tel. +358 400 885 786

Name of the data file

Visit Jyväskylä Marketing Data File

Purpose of processing personal data

Personal data may be processed for the following consumer marketing purposes

To send information requested by visitors and add them to the mailing list of Visit Jyväskylä. By completing the form on our website, the user gives consent to the controller to store and process their personal data as described in this data protection notice. The marketing data file may also include personal data based on the customer relationship.

The primary purpose of the data file is to enable marketing communication via email. An external email system is used for email marketing and the email data file is stored on their server. Visit Jyväskylä uses the Campaign Monitor system in its e-mail marketing.

The data files are also used to support internal research and statistical analysis by Visit Jyväskylä.

When communicating with stakeholders, personal data may be processed as follows

To manage current contacts and their information, enable provision of information and joint marketing, and manage partnerships.


When communicating with the media, personal data may be processed as follows

To promote nationwide and international media visibility, provide information, send media invitations, etc.


When communicating with tourism professionals, personal data may be processed as follows

To provide information, send tour operator invitations and promote sales (to offer tourist products for sale in the Jyväskylä region)

The data files are also used to support internal research and statistical analysis by Visit Jyväskylä.


Other use

Office 365

As part of the processing of personal data, the data can also be processed in the Jyväskylä Office 365 environment (Office 365 Privacy Statement). In principle, the processing of customer data always takes place in the customer system.

The Office 365 environment may handle operational support material and, for a short period of time, temporary materials for internal use, which may also contain personal information about staff and customers. In the case of Visit Jyväskylä, this means e.g. the storage of documents related to procurement (photographs, videos, influencer collaboration, and other goods and services) and visits (blogger and media visits), Campaign Monitor Privacy Statement.

Content of the data file

  • Personal data based on consent given by individuals. In the case of individuals, the contents typically include items, such as their name, address, email and telephone number. Individuals added to the data file may also be asked to provide profile information based on their consent.
  • Data disclosed by companies and collected from public sources. In the case of companies, the contents include their business ID, first and last names of contact persons (including any prefix) and title, company/organisation grouping information (e.g. mailing groups), address information, company and contact phone number(s) and email address(es), Website addresses as well as any additional information provided by the customer. Following the introduction of the customer management system, the contents will also include customer history, log data (e.g. contacts with customers) and any mailing bans (email and post).
  • The data file contains information disclosed by the media and collected from public sources. In the case of the media, the contents typically include the name of the media channel/company, name of contact, email and country.
  • The data file contains information provided by tourism professionals and collected from public sources. Typically, the contents include company name, contact name, country and email.

Regular sources of data

Customer-related information is received from sources such as:

  • Forms completed by users on the Visit Jyväskylä website.
  • Through various campaign pages where users complete forms.
  • During various events, trade fairs and sales tours, when users supply their information and give their consent to store their personal data.
  • By email when customers supply their information and ask for their contact data to be added in the customer data file.


Our website uses cookies to ensure a good user experience. A cookie is a short text file temporarily saved on the user’s hard disk drive. Cookie data may include e.g. website functions you have used, page visits or data about the visiting users’ devices. Cookies are user-specific, but the user cannot be identified based on the cookies, unless they have voluntarily given additional information, e.g. through a web form. Almost all websites use cookies, and the correct functioning of the web is not guaranteed without cookies. Please note that if you block cookies, all functionality on our website may not be at your disposal as intended.

The user can select their cookie preferences through the settings of their web browser, as well as e.g. clear their browser cookies. If you prevent cookies from being saved or block them altogether, some of our website functionality may not be available. Deactivating a cookie or a class of cookies will not delete the cookie from your browser; you must use your own browser to do this. If you want your browser to block cookies, adjust your settings as directed by your browser provider.

For more information about cookie practices in Finland, please see the website of the Finnish Transport and Communications Agency’s National Cyber Security Centre.

Analytics and social media services

We use cookie data in e.g. remarketing as well as displaying content to website visitors. In addition, we collect data for website analytics. Our objective is to ensure our website visitors have the best possible experience of the website and its functionality and content, as well as that content is targeted to the visitors’ own preferences. Services we use include Google services (Google advertising and Google Analytics) as well as social media services (e.g. Facebook, Instagram, Twitter, LinkedIn). Our website also incorporates widgets designed to ease sharing our content in different online environments and social media. Interacting with these widgets may result in a cookie being issued to your device by the service you have chosen. These cookies are not under our control. You can learn more about third-party cookies by visiting the respective websites of those third parties. Our website also contains embedded content from social media channels. These services may also push cookies to your browser.

Regular data disclosures

Contact information (marketing authorisations) collected with the consent of users in connection with various joint marketing activities may be disclosed to Visit Jyväskylä’s partners. In such a case, however, the individuals concerned will be told, at the time of giving consent, to whom and for what purpose the information will be disclosed.

In cases other than the above, personal or corporate information will not be disclosed outside Visit Jyväskylä.
The owners/administrators of the systems used by Visit Jyväskylä have access to the data content, but they do not have the right to process or use the data for their own purposes.

Transfer of data outside the EU or EEA

he data will not be disclosed or transferred outside the EU or the European Economic Area unless it is technically necessary for Visit Jyväskylä or its partner.

Principles of data file protection

The information contained in data files is only available to Visit Jyväskylä. The system partly relies on external servers belonging to Visit Jyväskylä’s service provider. To use the available systems, network drives and email, users need a personal user ID and password. Users will lose access when they no longer attend to duties for which they have been granted access. Access rights are restricted to specific duties.

Rights of the data subject

The data subject has the right to check their personal information stored in the data file. The data subject has the right to prohibit the controller from processing their personal data and leave the mailing list. For this purpose, there is a link at the end of each email saying “I no longer wish to receive communications from you”. Just click this link to remove your address from our data file. To prohibit communications based on cookies, use the settings of your browser.