Privacy Policy

Scandic Technologies OÜ

(applicable as per January 1, 2024)

1. INTRODUCTION

1.1. This Privacy Policy (the „Policy“) describes what kind of personal data Scandic Technologies OÜ, an Estonian corporation with its registered address at Pikk 37-7, EE-10133 Tallinn, Estonia ("ST“, "we", "us", "our") collects from you, how we collect it, why we collect it, how we may use and share it, and what your rights are.
1.2 Personal data (the “Personal Data”) means any and all data that relates to an identifiable person who can be directly or indirectly identified from that data.
1.3 Whenever handling Personal Data, we are committed to complying with the General Data Protection Regulation (“GDPR”, Regulation (EU) 2016/679) and with other applicable data protection laws in the countries that we operate in. In that framework ST is known as the Data Controller and you as the Data Subject.
1.4 As Data Subject, you have a number of rights under the GDPR as listed in Clause 7 of this Policy.
1.5 Our Cookie Policy is an integral part of this Policy.

2. COLLECTING PERSONAL DATA

2.1 We collect Personal Data from you mainly via and due to various interactions with you or your employer. These interactions may involve you in various roles, among others:
(a) Website (www.scandictechnologies.com) visitor;
(b) Marketing content recipient;
(c) Potential or actual customer;
(d) Potential or actual supplier;
(e) Potential or actual partner.
2.2 In addition to the above, we may also collect or receive personal data from third parties, such as social media platforms, websites, and business partners of ST, or from publicly available sources.
2.3 Regardless of the source, Personal Data is only collected to the extent relevant for your relationship and your interactions with ST.
2.4 The Personal Data collected, depending on your role, may include, among others:
(a) Details about how you arrived at our website;
(b) Usage and interaction information, such as your IP address, details about your interactions with our website’s performance and diagnostics data and statistics, your device’s operating system and other specifications, etc.;
(c) Location details, such as your current location, country, etc.;
(d) Activity on relevant third party platforms, such as social media activity, in accordance with your consents/settings on such social media, and platforms of our business partners;
(e) Personal details, such as your name and surname, signature, language preferences, video/audio recordings and photos of you (in case of remote support), etc.;
(f) Contact details, such as your work address, country of residence/geographic region, telephone number, email address, etc.;
(g) Work-related information, such as your industry, role, employer, relationship with other parties, educational background and courses/certifications completed, areas of interest, etc.;
(h) Information about online interactions with you, such as your consent to receive marketing materials, effectiveness of marketing efforts, marketing preferences, product searches and interests, etc.;
(i) Survey data, such as responses to surveys, feedback provided to ST or ST employees, etc.;
(j) Sales related information, to the extent that this contains personal data, such as email correspondence, information about sales visits, event or trade fair participation, webinar participation, pending orders or active subscriptions, purchase/order history, subscription history, quotation history, delivery addresses, rebates and incentives, etc.;
(k) Customer, supplier or partner related information, such as details entered in self-service or contact forms, logs of chat sessions with our customer support personnel, caller ID, audio or video recording of calls or call notes, time of calls, correspondence with ST, etc.;
(l) Product, warranty and service related information, to the extent that this contains personal data, such as installed base, installation dates, warranty status, extended warranties, repair and service information including maintenance status and service visits, etc.;
(m) Product usage and product status information, to the extent that this contains personal data and that it may be linked with you as a customer.;
(n) Details concerning visits or work at ST or elsewhere, to the extent that we host a visit by you or otherwise facilitate visits and travel by you in a ST context, or if you perform work at ST’s locations or on behalf of ST at other locations, such as your reason for visit, job task details), accommodation, travel itinerary, passport copy (if required), home address (if required), emergency contacts, photos and group photos, etc.;
(o) Details concerning participation in network or communities facilitated by ST, such as details of your interactions with ST or other participants in such contexts and data necessary for facilitation of the network/community in question.

3. REASONS FOR COLLECTING AND PROCESSING PERSONAL DATA

3.1 We collect and process Personal data for various purposes, including for:
(a) Ensuring a stable, secure and user-friendly experience on our website;
(b) Learning more about the behaviour of our website visitors and keeping statistics for market research purposes;
(c) Carrying out surveys and providing feedback;
(d) Subscribing to newsletters and other communication purposes;
(e) Improving, optimising and tailoring our marketing, advertising and sales operations as a whole;
(f) Improving our offerings, products, services and support to you during full lifecycle customer relationship;
(g) Planning, performing and managing on-going contractual relationships with customers, including administration and bookkeeping;
(h) Technical operations and maintaining security;
(i) Research and development;
(j) Training of ST employees;
(k) Fraud and abuse prevention;
(l) Complying with applicable laws and regulations;
(m) Solving disputes, enforcing contractual agreements, and establishing, exercising or defending legal claims;
(n) Other purposes provided for or permitted by law.
3.2 When we process personal data based on legitimate interests, we make sure to consider and balance any potential impact on you and your rights under data protection laws. Our legitimate business interests do not automatically override your interests. We will not use Personal Data for activities where our interests are overridden by the impact on you.

4. STORING AND PROCESSING PERSONAL DATA

4.1 ST and any of its affiliates store personal data and operate the ST web page at its hosting provider’s facilities located in the European Union.
4.2 ST and its affiliates may process personal data in and access it from any other country and ST may delegate the processing of such information to third parties.
4.3 If data is processed in countries that do not guarantee adequate protection, ST will provide adequate protection of the data in accordance with applicable data privacy laws and by way of putting adequate contractual guarantees in place on the basis of EU standard contractual clauses, binding corporate rules or in other adequate manners.

5. TRANSFER OF PERSONAL DATA

5.1. We share your personal data only when needed to realise legitimate business purposes. The main categories of recipients are:
(a) Other companies affiliated with ST.
(b) Business partners of ST (e.g. suppliers, sales and marketing partners, including social media platforms, partners for digital offerings, logistics partners, event organisers, customers of ST in respect of specific offerings, etc.
(c) IT service providers and data processors on behalf of ST, e.g. hosting services, IT support, cloud services, user administration services, etc.
(d) Other recipients supporting ST’s business operations, e.g. consultants and advisers of ST, sanctions-screening partners, etc.
(e) Other authorised third parties who may need to access or store personal data if required or permitted by applicable law (e.g. governmental authorities or other competent public bodies, courts, arbitral tribunals, attorneys, etc.).
5.2 We do not sell personal data to or otherwise share it with irrelevant third parties.

6. DURATION OF STORING PERSONAL DATA

6.1 Personal data is stored for varying lengths depending on the nature and purpose for which it was collected.
6.2 We store personal data in line with any applicable statutory minimum periods, and then review it periodically to ensure it is still necessary to be retained for the purpose for which it was collected.
6.3 Where there is a statutory maximum for which data can be retained we will delete accordingly on expiration.
6.4 When personal data is deleted, the data may be kept in an anonymised form that does not allow you to be identified.

7. YOUR RIGHTS

7.1 Where you have given your consent for our processing of your personal data, you have the right to withdraw your consent at any time. You can withdraw your consent by contacting us, see below under "Contact Information". If you withdraw your consent, the withdrawal will not affect the lawfulness of processing that has already been carried out based on your consent.
7.2 You have the right to have confirmed whether we collect or process your personal data, and, if so, you have the right to request a copy of your personal data in a digital format.
7.3 You have the right to require that we correct any inaccurate personal data concerning you, and that we complete incomplete personal data.
7.4 In certain circumstances, you have the right to request that we erase personal data concerning you; for example, if it is no longer necessary for the purposes for which it was originally collected.
7.5 In certain circumstances, you have the right to request that we restrict the processing of your personal data, e.g. if you believe that the personal data is not accurate or lawfully processed.
7.6 In certain circumstances, you have the right to request that we stop processing your personal data.
7.7 In certain circumstances, you have the right to receive the personal data you have provided us with in a structured, commonly used, machine readable format, and the right to have us transmit the data to another entity, where technically feasible.
7.8 If you are of the opinion that the processing of your personal data infringes the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the EU or EEA member state in which you reside, work, or where the alleged infringement has taken place. A right to lodge a complaint with your local supervisory authority may also apply outside the EU/EEA, depending on your location.

8. CONTACT INFORMATION

8.1 To contact us about anything to do with your personal data and data protection, including to exercise your rights, please use the following details:

Scandic Technologies OÜ
Pikk 37-7
EE-10133 Tallinn
dpo@scandictechnologies.com

9. CHANGES TO THIS POLICY

9.1 We reserve the right to amend, adjust or suspend this Privacy Policy at any time.
9.2 The amended, adjusted or suspended Privacy Policy will be posted on this page.