Skip to content

Legal

Privacy Policy

Privacy notice in accordance with the EU General Data Protection Regulation (GDPR) 2016/679 · Updated 8 May 2026

1. Data Controller

United Tennis Community ry
Business ID: 3076728-8
Email: tennis@midnightsuntennis.com

2. Contact for data protection matters

Kadri-Ann Öunap, Tournament Organiser
tennis@midnightsuntennis.com

3. Name of the register

Midnight Sun Tennis customer and contact information register.

4. Purpose and legal basis for processing

Personal data is processed for the following purposes:

  • Tournament registration and tennis travel booking management
  • Event-related communication and announcements
  • Volunteer coordination
  • Compliance with statutory obligations (accounting, official reporting)
  • Event safety and arrangements

The legal basis for processing is the data subject's consent, performance of a contract (event participation), and the legitimate interest of the controller (organising association activities).

5. Personal data processed

  • Name and contact details (email, phone, address)
  • Date of birth and nationality (for ITF tournament participants)
  • ITF player ID, age category and rating
  • Payment and billing information when applicable
  • Dietary requirements and health information only as voluntarily disclosed

6. Sources of data

Data is primarily collected from the data subject through registration forms and email. For ITF tournaments, data may also be received from the International Tennis Federation (ITF) system.

7. Disclosure of data

Personal data is disclosed to third parties only in the following situations:

  • ITF (International Tennis Federation) — tournament registration processing
  • Payment processors — payment handling
  • Authorities to fulfil statutory obligations
  • Sponsors and partners only with the data subject's explicit consent

Data is not transferred outside the EU/EEA without the safeguards required by the GDPR.

8. Retention period

Personal data is retained only as long as necessary for the purposes of processing:

  • Event registrations: up to 5 years after the event
  • Accounting-related data: 6 years as required by Finnish accounting law
  • Marketing consents: until consent is withdrawn

9. Data security

Personal data is protected by appropriate technical and organisational measures. Electronic data is stored in encrypted systems with access limited to authorised persons.

10. Rights of the data subject

The data subject has the right to:

  • Access the data stored about them
  • Request correction of inaccurate data
  • Request erasure of data (right to be forgotten)
  • Object to or restrict processing
  • Data portability
  • Withdraw consent at any time
  • Lodge a complaint with the supervisory authority (Office of the Data Protection Ombudsman of Finland, tietosuoja.fi)

11. Cookies

The site uses essential cookies necessary for site operation and analytics cookies for measuring visitor numbers. No separate consent is needed for essential cookies. You can manage cookie preferences in your browser settings.

12. Changes to this notice

We reserve the right to update this privacy policy. We will inform of any material changes on our site.