1. General Provisions

This Privacy Policy governs how Saunaklubi collects, processes, and protects visitors’ personal data in accordance with the General Data Protection Regulation (GDPR) of the European Union.

Data Controller:
[Company Name]
[Registration Code]
[Email Address]
[Phone Number]

2. What Data We Collect

We may collect the following personal data:

First and last name
Phone number
Email address
Booking details
Payment information (processed via a payment service provider)
CCTV recordings for security purposes

3. Purpose of Data Processing

Personal data is processed for the following purposes:

Managing bookings
Providing services
Processing payments
Ensuring security (CCTV surveillance)
Complying with legal obligations

4. Video Surveillance

The club operates a CCTV system to ensure safety and security.
Recordings are used for the protection of property and for investigating potential violations.

5. Data Retention

Personal data is stored only for as long as necessary to provide the service or to comply with legal obligations.

6. Data Subject Rights

You have the right to:

Access your personal data
Request correction of inaccurate data
Request deletion of your data
Restrict processing of your data
File a complaint with the Estonian Data Protection Inspectorate

7. Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction.

Booking Modification and Cancellation

The advance payment made for a booking is non-refundable.

Bookings cannot be cancelled; however, they may be modified if notice is given at least 3 business days prior to the scheduled booking date.

Changes requested less than 3 business days before the booking date will not be permitted, and the amount paid will not be refunded.

The Club reserves the right to consider exceptions in cases of force majeure.