Privacy policy

 SOLAR FOODS’ PRIVACY POLICIES

Last updated on 19 Aug 2024

PRIVACY POLICY – WEBSITE AND NEWSLETTER

1. ABOUT THIS PRIVACY POLICY

This privacy policy has been compiled to better serve those who are concerned with how their ‘Personally Identifiable Information’ (PII) is being used online. PII is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context.

Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our website.

2. CONTACT DETAILS OF CONTROLLER

Solar Foods Oyj
Business ID: 2872116-8
Correspondence address: Härkälenkki 11, 01730 Vantaa, Finland
E-mail address: pasi@solarfoods.com
Contact person: Pasi Vainikka, CEO, +358 10 579 3286

3. PERSONAL DATA COLLECTED

What personal information do we collect from the people that visit our blog or website?

You may be asked to enter your name, email address or other details to help you with your experience.

4. SOURCES OF PERSONAL DATA

We receive personal data directly from you.

When do we collect information?

We collect information from you when you subscribe to a newsletter, fill out a form or enter information on our site.

How do we protect your information?

We use SSL certificate on our website. We only provide articles and information. We never ask for credit card numbers. We do not use vulnerability scanning and/or scanning to PCI standards.

We do not use Malware Scanning.

5. THE PURPOSE AND LEGITIMATE GROUNDS OF PROCESSING

We process your personal data to help your experience on our website or to send a newsletter.

We collect and process the personal data based on our legitimate interests. In some instances, we may also request your consent.

6. STORAGE PERIOD
   
   We retain the personal data for only as long as that data is necessary for the purposes we have collected it, or if we are required to retain that data for longer periods in order to comply with applicable laws. We never retain the personal information longer than five years from our last communication with you.
7. INTERNATIONAL DATA TRANSFERS
   
   Personal data is primarily stored within the European Economic Area or such third country that is considered by the European Commission to have an adequate level of protection.

However, in certain cases, we may transfer or access personal data outside the European Economic Area to a third country that is not considered by the European Commission to have an adequate level of protection. In such cases, we provide adequate protection for the transfers of personal data to countries outside of the European Economic Area through a series of agreements with our service providers based on the Standard Contractual Clauses or through other appropriate safeguards.

8. THE RECIPIENTS OF PERSONAL DATA
   
   We do not share personal data with third parties outside of our company unless one of the following circumstances apply:

For legal reasons

We may share personal data with third parties outside our organization if access to the personal data is reasonably necessary to: (i) meet any applicable law, regulation, and/or court order; (ii) detect, prevent or otherwise address crime and/or security issues.

To authorized service providers

We may share personal data with authorized service providers who perform services for us and who act as our processors. Such service providers are for example our IT service providers. Our agreements with our service providers include commitments that the service providers agree to limit their use of personal data and to comply with privacy and security standards at least as stringent as the terms of this Privacy Policy.

With your explicit consent

We may share personal data with third parties outside of our organization for other reasons than the ones mentioned above when we have your explicit consent to do so. You have a right to withdraw such consent at any time.

9. YOUR RIGHTS
   
   Right to access

You have a right to access the personal data processed by us. This means that you may contact us and we will inform you what personal data we have collected and processed regarding you and the purposes such data are used for.

Right to withdraw consent

In case the processing is based on a consent granted by you, you may withdraw the consent at any time.

Right to correct

You have the right to have incorrect, imprecise, incomplete, outdated, or unnecessary personal data we have stored corrected or completed. You have the right to update for example your contact information or your other personal data.

Right to deletion

You may also ask us to delete your personal data from our systems. We will comply with such a request unless we have a legitimate ground to not delete the data.

Right to restriction of processing

You may request us to restrict the processing of personal data for example when your data erasure, rectification or objection requests are pending and/or when we do not have legitimate grounds to process your data.

Right to object

You may have the right to object on grounds relating to your particular situation to the processing of your personal data based on our legitimate interest. We will comply with such objection unless we have a legitimate ground not to.

Right to data portability

You have the right to receive the personal data you have provided us in a structured and commonly used format.

How to use your rights

If you want to use your rights, please send us a letter or secure e-mail.

We may reject requests that are unreasonably repetitive, excessive, or manifestly unfounded.

10. INFORMATION SECURITY

We do our best to keep your data safe and secure. We use administrative, organizational, technical, and physical safeguards to protect the personal data we collect and process. Our security controls are designed to maintain an appropriate level of data confidentiality and integrity.

The personal data stored under this Privacy Policy shall only be processed on a need-to-know basis. The use of personal data is protected by appropriate user rights, passwords, and rights of use. Paper documents shall be stored in locked storage.

11. LODGING A COMPLAINT

In case you consider our processing of personal data to be inconsistent with the applicable data protection laws, you have a right to lodge a complaint with the local supervisory authority for data protection. In Finland, the competent authority is the Data Protection Ombudsman (www.tietosuoja.fi).

12. OTHER PROVISIONS

Do we use ‘cookies’?

Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the site’s or service provider’s systems to recognize your browser and capture and remember certain information. Cookies are used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services.

We use cookies to:

• Compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future
• We may also use trusted third-party services that track this information on our behalf

 

If you turn cookies off, some of the features of the site that make your user experience more efficient may not function properly.

Third-party disclosure:

We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information.

Third-party links:

We do not include or offer third-party products or services on our website.

How does our site handle Do Not Track signals?

We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.

Does our site allow third-party behavioral tracking?

It’s also important to note that we allow third-party behavioral tracking.

Fair Information Practices:

The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.

In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:

• We will notify you via email
• Within 7 business days
• We will notify the users via in-site notification
• Within 1 business day
• We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors

We collect your email address in order to:

Send information, respond to inquiries, and/or other requests or questions.

We agree to the following:

• Not use false or misleading subjects or email addresses
• Identify the message as an advertisement in some reasonable way
• Include the physical address of our business or site headquarters
• Monitor third-party email marketing services for compliance, if one is used
• Honor opt-out/unsubscribe requests quickly
• Allow users to unsubscribe by using the link at the bottom of each email

If at any time you would like to unsubscribe from receiving future emails, you can email us at

• Follow the instructions at the bottom of each email
• And we will promptly remove you from ALL correspondence

 

PRIVACY POLICY – CUSTOMERS, PARTNERS AND STAKEHOLDERS

1. ABOUT THIS PRIVACY POLICY
   
   This Privacy Policy concerns the personal data of Solar Foods Oyj processed in the context of its operations relating to sales, customer relations, and other business partner relationships, where contact information or other personal data concerning those business-to-business relationships may be processed.

This Privacy Policy may be updated from time to time also without notice so we kindly ask you to review the latest policy from our website solarfoods.com. This Privacy Policy version is valid starting from the date stated above. We will not make any substantial changes without prior notice.

2. CONTACT DETAILS OF CONTROLLER

Solar Foods Oyj
Business ID: 2872116-8
Correspondence address: Härkälenkki 11, 01730 Vantaa, Finland
E-mail address: pasi@solarfoods.com
Contact person: Pasi Vainikka, CEO, +358 10 579 3286

3. PERSONAL DATA COLLECTED
   
   The types of personal data we collect and process consist of information about individuals who are employed by or are otherwise connected to the companies we engage with. Those companies could be our customers, potential customers, or other business partners.

In detail, the information includes basic identifying details such as the individual’s name, email address as well as the title and position in the related company.

4. SOURCES OF PERSONAL DATA
   
   We receive personal data directly from you or through your employer or the company to which you are otherwise related to, or through available sources such as social media channels or internet otherwise.

With your consent or when otherwise legally allowed, we may also acquire certain information from relevant authorities or public registers.

5. THE PURPOSE AND LEGITIMATE GROUNDS OF PROCESSING
   
   Our primary purpose is to collect information about our customers who are business entities and not individual data subjects. As part of our sales activities, we will however collect and use personal data for the purposes of being able to provide our products and services to our customers and manage our customer relations. Similarly, we also engage with other business partners and to manage those engagements we may need some personal data.

We collect and process the personal data based on our legitimate interests. In some instances, we may also request your consent.

6. STORAGE PERIOD
   
   We retain the personal data for only as long as that data is necessary for the purposes we have collected it, or if we are required to retain that data for longer periods in order to comply with applicable laws. We never retain the personal information longer than five years from our last communication with you or your organization.
7. INTERNATIONAL DATA TRANSFERS
   
   Personal data is primarily stored within the European Economic Area or such third country that is considered by the European Commission to have an adequate level of protection.

However, in certain cases, we may transfer or access personal data outside the European Economic Area to a third country that is not considered by the European Commission to have an adequate level of protection. In such cases, we provide adequate protection for the transfers of personal data to countries outside of the European Economic Area through a series of agreements with our service providers based on the Standard Contractual Clauses or through other appropriate safeguards.

8. THE RECIPIENTS OF PERSONAL DATA
   
   We do not share personal data with third parties outside of our company unless one of the following circumstances apply:

For legal reasons

We may share personal data with third parties outside our organization if access to the personal data is reasonably necessary to: (i) meet any applicable law, regulation, and/or court order; (ii) detect, prevent or otherwise address crime and/or security issues.

To authorized service providers

We may share personal data with authorized service providers who perform services for us and who act as our processors. Such service providers are for example our IT service providers. Our agreements with our service providers include commitments that the service providers agree to limit their use of personal data and to comply with privacy and security standards at least as stringent as the terms of this Privacy Policy.

With your explicit consent

We may share personal data with third parties outside of our organization for other reasons than the ones mentioned above when we have your explicit consent to do so. You have a right to withdraw such consent at any time.

9. YOUR RIGHTS
   
   Right to access

You have a right to access the personal data processed by us. This means that you may contact us and we will inform you what personal data we have collected and processed regarding you and the purposes such data are used for.

Right to withdraw consent

In case the processing is based on a consent granted by you, you may withdraw the consent at any time.

Right to correct

You have the right to have incorrect, imprecise, incomplete, outdated, or unnecessary personal data we have stored corrected or completed. You have the right to update for example your contact information or your other personal data.

Right to deletion

You may also ask us to delete your personal data from our systems. We will comply with such a request unless we have a legitimate ground to not delete the data.

Right to restriction of processing

You may request us to restrict the processing of personal data for example when your data erasure, rectification or objection requests are pending and/or when we do not have legitimate grounds to process your data.

Right to object

You may have the right to object on grounds relating to your particular situation to the processing of your personal data based on our legitimate interest. We will comply with such objection unless we have a legitimate ground not to.

Right to data portability

You have the right to receive the personal data you have provided us in a structured and commonly used format.

How to use your rights

If you want to use your rights, please send us a letter or secure e-mail.

We may reject requests that are unreasonably repetitive, excessive, or manifestly unfounded.

10. INFORMATION SECURITY

We do our best to keep your data safe and secure. We use administrative, organizational, technical, and physical safeguards to protect the personal data we collect and process. Our security controls are designed to maintain an appropriate level of data confidentiality and integrity.

The personal data stored under this Privacy Policy shall only be processed on a need-to-know basis. The use of personal data is protected by appropriate user rights, passwords, and rights of use. Paper documents shall be stored in locked storage.

11. LODGING A COMPLAINT
    In case you consider our processing of personal data to be inconsistent with the applicable data protection laws, you have a right to lodge a complaint with the local supervisory authority for data protection. In Finland, the competent authority is the Data Protection Ombudsman (www.tietosuoja.fi).

 

 

 

PRIVACY POLICY – RECRUITMENT DATA

1. ABOUT THIS PRIVACY POLICY

This Privacy Policy concerns the personal data of Solar Foods Oyj’s job applicants processed by us for recruitment purposes.

Please note that this Privacy Policy only applies to the processing of personal data carried out by Solar Foods as a data controller and only in the recruitment context.

This Privacy Policy may be updated from time to time also without notice so we kindly ask you to review the latest policy from our web site. This Privacy Policy version is valid starting from the date stated above.  We will not make any substantial changes without prior notice.

2. CONTACT DETAILS OF CONTROLLER

Solar Foods Oyj
Business ID: 2872116-8
Correspondence address: Härkälenkki 11, 01730 Vantaa, Finland
E-mail address: pasi@solarfoods.com
Contact person: Pasi Vainikka, CEO, +358 10 579 3286

3. PERSONAL DATA COLLECTED

We may process the following information relating to job applicants:

We only collect and store information that is either relevant for filling in the position in question or necessary for the rights and obligations of either party in the context of establishing an employment relationship.

We may collect and process some or all of the following information from you:

• Contact information, such as name, email, address, telephone number, and social media profiles.
• Information you upload as a part of the recruitment process, such as CV, cover letters, qualifications, images, videos, and employment history.
• Information you provide during an interview.
• Results from tests performed by you in relation to a recruitment process.
• Technical data, such as the URL you are accessing the career site from, your IP address, unique device ID, language and operating system etc.
• Your emails and communication with us.
• Your answers to surveys and reviews of the recruitment process.

In certain cases, we may also engage in candidate sourcing and headhunting to fill certain positions (“Headhunting”). In this context, we may collect and process personal data available from public sources, such as the information available on a potential candidate’s LinkedIn profile.

4. SOURCES OF PERSONAL DATA

We primarily receive personal data directly from you.

With your consent or when otherwise legally allowed, we may also acquire certain information from relevant authorities or public registers.

During a recruitment process we may, with your consent, contact a reference you have provided us with, such as your former employer. In this case, we may get some information from such a reference.

When engaging in Headhunting, we may collect personal data relating to the professional profile of potential candidates from Linkedin and other similar public sources.

5. THE PURPOSE AND LEGITIMATE GROUNDS OF PROCESSING

Personal data processed under this Privacy Policy is processed to carry out recruitment processes.

Applicant data is processed based on a pre-contractual relationship at your request in order for us to assess the potential grounds for entering into an employment contract with you.

When engaging in Headhunting we process personal data based on our legitimate interests.

We also store personal data under this Privacy Policy for a certain period based on our legitimate interest for the purpose of possible litigation, claims, or regulatory investigations.

6. STORAGE PERIOD

Personal data processed under this Privacy Policy is primarily stored for two (2) years.

With your consent, we may store personal data for future recruitment purposes for a longer period. You may at any time withdraw your consent for such processing.

7. INTERNATIONAL DATA TRANSFERS

Personal data is primarily stored within the European Economic Area or such third country that is considered by the European Commission to have an adequate level of protection.

However, in certain cases we may transfer or access personal data outside the European Economic Area to a third country that is not considered by the European Commission to have an adequate level of protection. In such cases we provide adequate protection for the transfers of personal data to countries outside of the European Economic Area through a series of agreements with our service providers based on the Standard Contractual Clauses or through other appropriate safeguards.

8. THE RECIPIENTS OF PERSONAL DATA

We do not share personal data with third parties outside of our company unless one of the following circumstances apply:

For legal reasons

We may share personal data with third parties outside our organization if access to the personal data is reasonably necessary to: (i) meet any applicable law, regulation, and/or court order; (ii) detect, prevent or otherwise address crime and/or security issues.

To authorized service providers

We may share personal data with authorized service providers who perform services for us and who act as our processors. Such service providers are for example our IT service providers. Our agreements with our service providers include commitments that the service providers agree to limit their use of personal data and to comply with privacy and security standards at least as stringent as the terms of this Privacy Policy.

With your explicit consent

We may share personal data with third parties outside of our organization for other reasons than the ones mentioned before, when we have your explicit consent to do so. You have a right to withdraw such consent at any time.

9. YOUR RIGHTS

Right to access

You have a right to access the personal data processed by us. This means that you may contact us and we will inform you what personal data we have collected and processed regarding you and the purposes such data are used for.

Right to withdraw consent

In case the processing is based on a consent granted by you, you may withdraw the consent at any time.

Right to correct

You have the right to have incorrect, imprecise, incomplete, outdated, or unnecessary personal data we have stored corrected or completed. You have the right to update for example your contact information or your other personal data.

Right to deletion

You may also ask us to delete your personal data from our systems. We will comply with such a request unless we have a legitimate ground to not delete the data.

Right to restriction of processing

You may request us to restrict the processing of personal data for example when your data erasure, rectification or objection requests are pending and/or when we do not have legitimate grounds to process your data.

Right to object

You may have the right to object on grounds relating to your particular situation to the processing of your personal data based on our legitimate interest. We will comply with such objection unless we have a legitimate ground not to.

Right to data portability

You have the right to receive the personal data you have provided us with in a structured and commonly used format.

How to use your rights

If you want to use your rights, please send us a letter or secure e-mail.

We may reject requests that are unreasonably repetitive, excessive, or manifestly unfounded.

10. INFORMATION SECURITY

We do our best to keep your data safe and secure. We use administrative, organizational, technical, and physical safeguards to protect the personal data we collect and process. Our security controls are designed to maintain an appropriate level of data confidentiality and integrity.

The personal data stored under this Privacy Policy shall only be processed on a need-to-know basis. The use of personal data is protected by appropriate user rights, passwords, and rights of use. Paper documents shall be stored in locked storage.

11. LODGING A COMPLAINT

In case you consider our processing of personal data to be inconsistent with the applicable data protection laws, you have the right to lodge a complaint with the local supervisory authority for data protection. In Finland, the competent authority is the Data Protection Ombudsman (www.tietosuoja.fi).