Business Meeting Park Ltd's

Privacy policy

The new EU data protection regulation (GDPR), which entered into force on May 25, 2018, is designed to improve the protection of customers' personal data and to promote transparency in the use of personal data. We have updated the content of this page, but the entry into force of the law has not changed our data protection practices, as the starting point of our business has already been the confidentiality and security of customer relationships.

Electronic communication

The Internet service (on our website) has electronic forms that the customer can use to make space and service reservations, send messages to our customer service e-mail, and a chat service for real-time conversation. Customer service is also available by phone and in person on site.

Attention: The aforementioned entity is always responsible for the privacy practices of the processing of personal data for reservations made through the internet services of possible third parties (brokers, etc.).

Transactions in the internet service

Our internet service is open to everyone, and browsing the website, making reservations or orders does not require registration. We only collect information using forms and cookies.

What do we use online forms for?
  • For processing reservations for facilities and services (orders / reservations management)
  • For communication with our customer service via e-mail or chat
  • For registering on our website and managing this customer data (addition, change, deletion)
How is the data processed?
  • Information about reservations / orders is stored in our own reservation system
  • Emails and chats related to communication are stored in the customer management system when they concern, for example, reservations and orders already made or planned by the customer
  • Website registrations are stored in the user data of the publication system.
What information is processed?
  1. In reservations
    • personal name, telephone and e-mail of the booker
    • organization name
    • date of reservation, status, services, etc. information related to the reservation
    • information related to payment method and invoicing
  2. Communication
    • the person's name, email address and phone number
    • basic information related to the message (subject, content, date, and channel)
  3. Registered user of the website
    • the person's name, username, password and email address
    • newsletter subscription status
    • access level
    • dates of registration and data change
Data protection

Transactions via the Internet service are always protected and encrypted (https). Information systems and the information contained in them are also protected and partially encrypted. All information is located either in Finland or on backed-up servers located in the EU. This information is processed only by our own staff, and the information is not disclosed to external third parties. Some of our data systems are outsourced or acquired from third parties (system suppliers), but in this case we have ensured through contractual arrangements that this personal data is processed and managed securely and confidentially in accordance with the Finnish Personal Data Act and the EU Data Protection Regulation.

In the protection of personal data, we use both technical and organizational data security measures against unauthorized access, disclosure, disposal or other processing. Such means are e.g. the use of firewalls, encryption technologies, secure locked equipment spaces, appropriate access control and management and control of user rights, instructing personnel involved in the processing of personal data and careful selection of subcontractors.

At Meeting Park, all reservations and orders are completely confidential, and no information is disclosed to outsiders, and customers can choose whether their freely chosen reservation information is displayed on the control screens of our facilities. At Business Meeting Park Oy, all tenants, monthly customers and staff are also covered by the same non-disclosure agreement (NDA) - reportedly still the only operator in the Nordic countries.

Legal basis for processing personal data

Personal data is processed on the following legal basis according to the EU General Data Protection Regulation (GDPR):

  1. The processing is necessary for the execution of a contract to which the user / customer is a party, or for the implementation of pre-contractual measures at the request of the user or customer (GDPR 6 art. 1.b):
    • delivery of services to the customer
    • registration of internet services and use according to registration
    • installation of possible mobile applications and use according to the installation
    • use on sites by unregistered users
  2. Consent given and revocable by the data subject (GDPR 6 art. 1.a):
    • The processing is necessary to comply with the legal obligation of the controller (GDPR 6 art. 1.c).
    • The processing is necessary for the fulfillment of the legitimate interests of the data controller, except when the interests of the data subject requiring the protection of personal data or fundamental rights and freedoms supersede such interests (GDPR 6 art. 1.f).
Personal data retention period
  • Order, delivery, purchase and payment information is stored for the time required by the applicable legislation.
  • The customer's basic data is kept for the duration of the customer relationship and after that as long as it is necessary to fulfill the rights and obligations of the parties.
  • Service-specific information is stored according to service-specific principles.

In addition to the aforementioned storage period principles, we generally store personal data for a maximum of three (3) years, unless there is a factual basis for a longer storage period. We evaluate the necessity of storing personal data every year, and we delete data that there is no reason to keep or that are incorrect or out of date in relation to the purposes of the processing.


A cookie is a small text file that the browser saves on the user's terminal device. The publication system of our Internet service uses cookies to facilitate transactions and to generate statistics on usage. Cookies are not mandatory, although some functions and features may stop working, and you cannot log into the internet service. We use the Google Analytics service to produce statistics on the use of Internet services, and the chat service is produced by Freshdesk. Information collected by cookies is not shared with other organizations.

You can disable cookies in your browser settings as follows:

  • Chrome
  • Microsoft Edge
  • Firefox
  • Safari
  • Opera
What information do we collect with cookies?
  • IP address
  • Location: country, region, city, approximate latitude and longitude
  • Date and time of visit
  • The title of the page to be viewed
  • The web address of the page to be viewed
  • The web address of the previously viewed page
  • The screen resolution of the user's device
  • The time in the visitor's time zone
  • Clicked and downloaded files
  • Links to the clicked external domain
  • Page generation time (time starting from when the pages are generated on the server and ending when the visitor downloads them)
  • The main language of the browser you are using
  • Browser version, browser extensions (PDF, Flash, Java, etc.), operating system version, device ID
Social extensions

Our Internet service may have social media feeds such as Facebook and Twitter, as well as buttons with which the content on the page can be shared on social media (Facebook, Twitter, LinkedIn, Google+). Our internet service does not collect user information with these social plugins. The functions opened from the share buttons are downloaded from the social media services' own servers.

Your data protection rights related to the processing of personal data

What are personal data?

The processing of personal data means, for example, the collection, storage, use, transfer and disclosure of personal data. Personal data is all information related to an identified or identifiable natural person. Personal information includes, for example, name, phone number, email address and location information.

The right to receive information about the processing of personal data

Users and customers have the right to know for what purposes and in what ways we process personal data. With this description, we aim to give a comprehensive picture of the processing of personal data in our operations, but if something about the processing of personal data remains unclear, you can ask more detailed questions by sending a question to our customer support by email.

The right to access information

The user / customer has the right to know whether we are processing personal data concerning him, and if so, he has the right to receive a copy of this data, unless we have a legal basis to refuse to exercise the right.

The right to correct information

If the user/customer's personal data that we process is incorrect, you can ask us to correct the above data. The management of registered personal data of the Internet service takes place directly through the service. If we correct the information based on the request, we are obliged, as far as possible, to notify all those to whom the information was previously disclosed of the correction.

The right to limit data processing

if the user/customer personal data we process is incorrect, is processed unlawfully or has been objected to. data processing, the user / customer can ask us to limit the data processing

  • in this case, we can only process your personal data;
    • co. with the customer's consent
    • if the information is needed for invoicing and accounting.
    • if the information is needed to prepare, present or defend a legal claim
    • in the public interest
    • to protect someone else's rights
  • if we restrict the processing of data based on a request, we are obliged to notify all those to whom the data has previously been disclosed of the restriction as far as possible

You can submit a request regarding data protection rights by email (support (a) or by post (Business Meeting Park Oy, Tekninen tuki, Kluuvikatu 7, 00100 HELSINKI).


Business Meeting Park Oy
Kluuvikatu 7

Company ID: FI23721417

support (a)

Responsible person

Kare Casals
managing director

More information about data protection in Finland