Privacy Policy

Personal Data Protection Act (Articles 10 and 24) and the Register and Privacy Statement in accordance with the EU’s General Data Protection Regulation (GDPR). Created on May 20, 2018.


Winter Warrior Finland
Business ID 2034231-5
Laulunmaankatu 10 B 8, 33800 Tampere

Contact person for the register
Maria Christensen


The register covers the personal information of participants, volunteers and other partners of the company’s customers and company competitions.

Purpose and reason for processing personal data

The controller uses the collected personal data for various actions necessary to deal with the customer relationship, such as the proper organization of competitions and the delivery of the ordered products or services. The collected information can also be used for communication, customer relationship maintenance and marketing. Information is not used for automated decision making or profiling.

The processing of personal data is based on Registered’s own consent, agreement on the delivery of a product or service (such as subscription or newsletter subscription) or a legitimate interest in handling information as a result of a customer or other relationship-forming measure (such as registering for an event).

The processing of any health data that may be provided during the registration of the competition and the publication of the attendance lists, pictures and results shall be based on the consent of the Registrar. The controller may also use collected personal data for marketing and advertising and other commercial activities. The processing of personal data for commercial purposes is based on the consent of the Registrar of electronic direct marketing.

Data content of the register

The controller processes personal data only insofar as it is necessary for the purposes described in this Privacy Statement. The personal data collected and the extent to which they are processed vary depending on the relationship between the Registrar and the Registrar and the permissions granted.

Customer and participant information

Information is collected from the Registrar when registering for the event as a competitor, volunteer or as a partner, or later. Collecting information can be done electronically by means of a registration form, via e-mail or telephone, or at the event with a paper form. In certain situations, information may also be provided by a person authorized by him, such as a contact person for a group. In this case, the contact person is responsible for ensuring that the Registrant has issued the necessary permissions to store the data.

The information below is collected from the aforementioned categories of personal data. Some of the information may be voluntary.

  • Basic information such as name
  • Contact information such as address, email address, phone number
  • More detailed personal information, such as date of birth, gender, nationality
  • Participation information, such as series, nickname, team name
  • Additional safety related information, such as emergency contact information and health information
  • Permission and approval information, such as approval of the rules, marketing authorization

Any additional information voluntarily provided by the Registrant

Ordering information

Subscription information is collected when registering, purchasing, booking or enrolling on a web service or by e-mail, telephone or personally.

  • Information how the order is made
  • Payment and delivery information
  • Subscription Content and Any Changes

Participation information

For example, the following information will be collected when participating in the event:

  • Details of attendance and dates of attendance for the event and the accompanying activities organized in connection with the event.
  • Details and performance of the competition
  • Images and videos that can be taken during the event and participants, which can be combined with information about the participant


Network service usage data

The use of online services is collected when Registered is using an online service. The information you collect is, for example:

  • data to be collected from the device or application you are using, such as browser version, device type, screen size and IP address
  • information about using online services, such as information on page loads, time spent on the service, and how to use the service

Users of online services can be identified by, for example, a community connector, an email tag, or when they report, based on information provided by the user.

Sharing and handing over personal information

The participation information and results of the competitions are public. The names of the participants in the public are the name and nationality. Personal information provided during registration may also be used for marketing purposes of the event and partners. However, without the permission of the controller, the controller will disclose personal information to third parties, unless required by applicable law, or unless it is necessary to enforce the rights of the Registry or the Registrar.

The rights of the pictures and videos taken during the event and participants during the event belong to Winter Warrior Finland. They can be used without notice, without compensation, also for marketing purposes.

The registrar may use other third party services to process personal data. In such cases, the Controller shall ensure the legal processing of personal data by contractual arrangements and by instructions given to a third party.

Regular sources of information

The information to be stored in the register can be obtained through messages sent via web forms, via e-mail, telephone, social media services, contracts, customer meetings and other situations where the customer delivers information.

Transferring personal data outside the EU / EEA

As a rule, the data controller does not transfer personal data outside the EU / EEA territory, and personal data are not processed outside the EU / EEA area. If the data is exceptionally transmitted outside the EU / EEA, the information is processed in accordance with this privacy statement and legislation.


A visitor’s computer can be transferred from time to time to a so-called ” cookies. Cookies can be used to collect information about what page you have moved to, what web site you are browsing and when, what browser you are using, what is your screen resolution and operating system, and what is the IP address of your computer or what information you send from the Internet address to and from where .

By using cookie information, the number of visitors to the Service can be monitored by the Registry, and analyzed and developed to serve the visitors better.

Visitors can block cookies by changing their browser settings so that the browser does not allow cookies to be saved. The visitor agrees that, for some services, blocking the use of cookies may however affect the functionality of the service.

Collection and use of location data

As a rule, the registrar does not collect or use the Registered Location Information. However, when using network services, a user’s IP address is stored, which can be associated with a geographic location. In addition, for example, events that are associated with a particular location are stored in connection with events.

Retention of Personal Information

The controller keeps personal data as long as it is necessary for the purpose of the data to be used. Existing accounting or other mandatory legislation may, however, oblige the Controller to keep this information longer. In such situations, the storage times determined by the law are respected.

Protection of the registry

The controller shall ensure the secure processing of personal data with the most appropriate physical and technical security measures to protect against loss, destruction, misuse and unauthorized access and disclosure. The registrar seeks to secure personal data processing, for example by limiting access to personal data and ensuring that personal information is used in accordance with the instructions, agreements and legislation provided.

Only those who are identified by the controller and on behalf of and on behalf of employees of the registry have access to the information contained in the register with the license granted by the controller.

The right of inspection and the right to demand correction

The data subject has the right to access his / her personal data and the right to revise and correct personal information about himself. In addition, the Registrar has the right to request the removal of personal data concerning himself as far as it is possible under other legislation. The registrar is also entitled to transfer personal data about himself to another Data Controller.

The registrar has the right to deny direct marketing and to object to the processing of his / her personal data for direct marketing purposes.

Requests for the use of these rights must be submitted to the Registrar in accordance with the contact information provided in this Privacy Statement. When the data is disclosed, the identity must be proved.