AArviloqecho.cloud
+358 9 4245 100 Concierge
Home Hotels VIP Wellness Exclusive Services Dining About Contact
VIP Concierge+358 9 4245 100
Legal

Privacy Policy

Last updated: 1 January 2026

Arviloqecho ("we", "us", "our") is committed to protecting the privacy of every guest, visitor, and prospective client of arviloqecho.cloud. This Privacy Policy explains, in clear terms, what personal information we collect, how it is used, the legal basis for processing, who we share it with, and the rights you hold under the General Data Protection Regulation (GDPR) and applicable Finnish privacy laws.

1. Data Controller

The data controller responsible for the processing of personal data on this website is Arviloqecho, headquartered in Helsinki, Finland. For any privacy-related inquiries, please contact our Data Protection Officer at [email protected].

2. Information We Collect

We collect only the minimum information required to deliver a refined concierge experience. Categories of data include:

  • Identification details — full name, salutation, nationality (where relevant for international bookings).
  • Contact details — email address, phone number, and preferred method of communication.
  • Travel preferences — preferred hotel, dates of travel, party size, dietary requirements, accessibility needs, and special requests.
  • Inquiry content — any free-text messages submitted through our concierge forms.
  • Technical data — IP address, browser type, device information, referring URLs, and session timestamps collected via standard server logs.
  • Cookie data — analytics identifiers and functional preferences (see Section 6).

3. How We Use Your Information

Personal data is processed for the following purposes only:

  • To respond to inquiries and arrange tailored stays with our partner properties.
  • To coordinate concierge services such as transfers, dining reservations, and wellness bookings.
  • To communicate booking confirmations, updates, or follow-up service details.
  • To improve our website performance and editorial content through aggregated analytics.
  • To comply with legal obligations under Finnish and EU law.

We do not use personal data for automated decision-making or profiling, and we never sell personal data to third parties.

4. Legal Basis for Processing

We rely on the following lawful bases under GDPR Article 6:

  • Consent — when you submit a concierge inquiry or opt into communications.
  • Contractual necessity — to coordinate the booking and stay you have requested.
  • Legitimate interest — to maintain site security, prevent fraud, and improve our services.
  • Legal obligation — to comply with tax, accounting, and hospitality regulations.

5. Data Sharing & Transfers

Your information may be shared, on a strict need-to-know basis, with:

  • Partner hotels within the Arviloqecho collection, solely to fulfil your reservation.
  • Trusted service providers (chauffeur, yacht, excursion partners) under written confidentiality agreements.
  • IT and hosting providers who maintain our website infrastructure under GDPR-compliant terms.
  • Public authorities, where legally required.

If a transfer outside the European Economic Area becomes necessary, we ensure adequate safeguards through Standard Contractual Clauses or equivalent legal instruments.

6. Cookies & Tracking Technologies

Our site uses a minimal selection of cookies to function correctly and to understand how visitors interact with editorial content. A full description is provided in our Cookies Policy. You may adjust your preferences at any time through your browser or our cookie banner.

7. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected:

  • Concierge inquiries: up to 24 months from last contact.
  • Confirmed booking records: up to 6 years for accounting and legal compliance.
  • Server and analytics logs: up to 12 months.

Once retention periods expire, data is securely deleted or fully anonymised.

8. Security Measures

We employ appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction. These include encrypted transmission (TLS), restricted internal access, secure backups, and regular security reviews of our hosting environment.

9. Your Rights Under GDPR

As a data subject, you may exercise the following rights at any time:

  • Right of access — to obtain a copy of the personal data we hold about you.
  • Right to rectification — to correct inaccurate or incomplete data.
  • Right to erasure — to request deletion of your data ("right to be forgotten").
  • Right to restriction — to limit how we process your data.
  • Right to data portability — to receive your data in a structured, commonly used format.
  • Right to object — to processing based on legitimate interest or for direct marketing.
  • Right to withdraw consent — at any time, without affecting prior lawful processing.
  • Right to lodge a complaint — with the Finnish Data Protection Ombudsman (tietosuoja.fi).

Requests may be sent to [email protected] and will be answered within 30 days.

10. Children's Privacy

Our services are intended for adults aged 18 and over. We do not knowingly collect personal information from minors without parental consent. If you believe a child has provided data to us, please contact our concierge for prompt deletion.

11. Updates to This Policy

This Privacy Policy may be updated periodically to reflect changes in legislation, technology, or our service offering. The "Last updated" date at the top of this page indicates the most recent revision. Material changes will be communicated through our website.

12. Contact Us

For any privacy questions, requests, or complaints, please reach out to:

Arviloqecho — Data Protection Office
Email: [email protected]
Concierge: [email protected]
Phone: +358 9 4245 100
Headquarters: Helsinki, Finland