Privacy Policy – Amertat Energy Oy

PRIVACY POLICY – WEBSITE AND NEWSLETTER

  1. ABOUT THIS PRIVACY POLICY 

This privacy policy has been compiled to better serve those who are concerned with how their ‘Personally Identifiable Information’ (PII) is being used online. PII is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. 

Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our website. 

  1. CONTACT DETAILS OF CONTROLLER 

Amertat Energy Oy 

Business ID: 3333314-3 

Address: Taidemaalarinkatu 5 A 14, 00430 Helsinki, Finland 

Email: info@amertate.com 

Contact person: Javad Hosseininia, CEO 

  1. PERSONAL DATA COLLECTED 

What personal information do we collect from the people that visit our blog or website? 

You may be asked to enter your name, email address or other details to help you with your experience. 

  1. SOURCES OF PERSONAL DATA 

We receive personal data directly from you. 

When do we collect information?

We collect information from you when you subscribe to a newsletter, fill out a form or enter information on our site. 

How do we protect your information? 

We use SSL certificate on our website. We only provide articles and information. We never ask for credit card numbers. We do not use vulnerability scanning and/or scanning to PCI standards. 

We do not use Malware Scanning. 

  1. THE PURPOSE AND LEGITIMATE GROUNDS OF PROCESSING 

We process your personal data to help your experience on our website or to send a newsletter. 

We collect and process the personal data based on our legitimate interests. In some instances, we may also request your consent. 

  1. STORAGE PERIOD 

We retain the personal data for only as long as that data is necessary for the purposes we have collected it, or if we are required to retain that data for longer periods in order to comply with applicable laws. We never retain the personal information longer than five years from our last communication with you. 

  1. INTERNATIONAL DATA TRANSFERS 

Personal data is primarily stored within the European Economic Area or such third country that is considered by the European Commission to have an adequate level of protection. 

However, in certain cases, we may transfer or access personal data outside the European Economic Area to a third country that is not considered by the European Commission to have an adequate level of protection. In such cases, we provide adequate protection for the transfers of personal data to countries outside of the European Economic Area through a series of agreements with our service providers based on the Standard Contractual Clauses or through other appropriate safeguards. 

  1. THE RECIPIENTS OF PERSONAL DATA 

We do not share personal data with third parties outside of our company unless one of the following circumstances apply: 

For legal reasons

We may share personal data with third parties outside our organization if access to the personal data is reasonably necessary to: (i) meet any applicable law, regulation, and/or court order; (ii) detect, prevent or otherwise address crime and/or security issues. 

To authorized service providers 

We may share personal data with authorized service providers who perform services for us and who act as our processors. Such service providers are for example our IT service providers. Our agreements with our service providers include commitments that the service providers agree to limit their use of personal data and to comply with privacy and security standards at least as stringent as the terms of this Privacy Policy. 

With your explicit consent 

We may share personal data with third parties outside of our organization for other reasons than the ones mentioned above when we have your explicit consent to do so. You have a right to withdraw such consent at any time. 

  1. YOUR RIGHTS 

Right to access 

You have a right to access the personal data processed by us. This means that you may contact us and we will inform you what personal data we have collected and processed regarding you and the purposes such data are used for. 

Right to withdraw consent 

In case the processing is based on a consent granted by you, you may withdraw the consent at any time. 

Right to correct 

You have the right to have incorrect, imprecise, incomplete, outdated, or unnecessary personal data we have stored corrected or completed. You have the right to update for example your contact information or your other personal data. 

Right to deletion 

You may also ask us to delete your personal data from our systems. We will comply with such a request unless we have a legitimate ground to not delete the data.

Right to restriction of processing 

You may request us to restrict the processing of personal data for example when your data erasure, rectification or objection requests are pending and/or when we do not have legitimate grounds to process your data. 

Right to object 

You may have the right to object on grounds relating to your particular situation to the processing of your personal data based on our legitimate interest. We will comply with such objection unless we have a legitimate ground not to. 

Right to data portability 

You have the right to receive the personal data you have provided us in a structured and commonly used format. 

How to use your rights 

If you want to use your rights, please send us a letter or secure e-mail. 

We may reject requests that are unreasonably repetitive, excessive, or manifestly unfounded. 10. INFORMATION SECURITY 

We do our best to keep your data safe and secure. We use administrative, organizational, technical, and physical safeguards to protect the personal data we collect and process. Our security controls are designed to maintain an appropriate level of data confidentiality and integrity. 

The personal data stored under this Privacy Policy shall only be processed on a need-to-know basis. The use of personal data is protected by appropriate user rights, passwords, and rights of use. Paper documents shall be stored in locked storage. 

  1. LODGING A COMPLAINT 

In case you consider our processing of personal data to be inconsistent with the applicable data protection laws, you have a right to lodge a complaint with the local supervisory authority for data protection. In Finland, the competent authority is the Data Protection Ombudsman (www.tietosuoja.fi).

PRIVACY POLICY – CUSTOMERS, PARTNERS AND STAKEHOLDERS 

  1. ABOUT THIS PRIVACY POLICY 

This Privacy Policy concerns the personal data of Amertat Energy Oy processed in the context of its operations relating to sales, customer relations, and other business partner relationships, where contact information or other personal data concerning those business-to-business relationships may be processed. 

This Privacy Policy may be updated from time to time also without notice so we kindly ask you to review the latest policy from our website Amertate.com. This Privacy Policy version is valid starting from the date stated above. We will not make any substantial changes without prior notice. 

  1. CONTACT DETAILS OF CONTROLLER 

Amertat Energy Oy 

Business ID: 3333314-3 

Address: Taidemaalarinkatu 5 A 14, 00430 Helsinki, Finland 

Email: info@amertate.com 

Contact person: Javad Hosseininia, CEO 

  1. PERSONAL DATA COLLECTED 

The types of personal data we collect and process consist of information about individuals who are employed by or are otherwise connected to the companies we engage with. Those companies could be our customers, potential customers, or other business partners. 

In detail, the information includes basic identifying details such as the individual’s name, email address as well as the title and position in the related company. 

  1. SOURCES OF PERSONAL DATA 

We receive personal data directly from you or through your employer or the company to which you are otherwise related to, or through available sources such as social media channels or internet otherwise.

With your consent or when otherwise legally allowed, we may also acquire certain information from relevant authorities or public registers. 

  1. THE PURPOSE AND LEGITIMATE GROUNDS OF PROCESSING 

Our primary purpose is to collect information about our customers who are business entities and not individual data subjects. As part of our sales activities, we will however collect and use personal data for the purposes of being able to provide our products and services to our customers and manage our customer relations. Similarly, we also engage with other business partners and to manage those engagements we may need some personal data. 

We collect and process the personal data based on our legitimate interests. In some instances, we may also request your consent. 

  1. STORAGE PERIOD 

We retain the personal data for only as long as that data is necessary for the purposes we have collected it, or if we are required to retain that data for longer periods in order to comply with applicable laws. We never retain the personal information longer than five years from our last communication with you or your organization. 

  1. INTERNATIONAL DATA TRANSFERS 

Personal data is primarily stored within the European Economic Area or such third country that is considered by the European Commission to have an adequate level of protection. 

However, in certain cases, we may transfer or access personal data outside the European Economic Area to a third country that is not considered by the European Commission to have an adequate level of protection. In such cases, we provide adequate protection for the transfers of personal data to countries outside of the European Economic Area through a series of agreements with our service providers based on the Standard Contractual Clauses or through other appropriate safeguards. 

  1. THE RECIPIENTS OF PERSONAL DATA 

We do not share personal data with third parties outside of our company unless one of the following circumstances apply: 

For legal reasons 

We may share personal data with third parties outside our organization if access to the personal data is reasonably necessary to: (i) meet any applicable law, regulation, and/or court order; (ii) detect, prevent or otherwise address crime and/or security issues. 

To authorized service providers

We may share personal data with authorized service providers who perform services for us and who act as our processors. Such service providers are for example our IT service providers. Our agreements with our service providers include commitments that the service providers agree to limit their use of personal data and to comply with privacy and security standards at least as stringent as the terms of this Privacy Policy. 

With your explicit consent 

We may share personal data with third parties outside of our organization for other reasons than the ones mentioned above when we have your explicit consent to do so. You have a right to withdraw such consent at any time. 

  1. YOUR RIGHTS 

Right to access 

You have a right to access the personal data processed by us. This means that you may contact us and we will inform you what personal data we have collected and processed regarding you and the purposes such data are used for. 

Right to withdraw consent 

In case the processing is based on a consent granted by you, you may withdraw the consent at any time. 

Right to correct 

You have the right to have incorrect, imprecise, incomplete, outdated, or unnecessary personal data we have stored corrected or completed. You have the right to update for example your contact information or your other personal data. 

Right to deletion 

You may also ask us to delete your personal data from our systems. We will comply with such a request unless we have a legitimate ground to not delete the data. 

Right to restriction of processing 

You may request us to restrict the processing of personal data for example when your data erasure, rectification or objection requests are pending and/or when we do not have legitimate grounds to process your data.

Right to object 

You may have the right to object on grounds relating to your particular situation to the processing of your personal data based on our legitimate interest. We will comply with such objection unless we have a legitimate ground not to. 

Right to data portability 

You have the right to receive the personal data you have provided us in a structured and commonly used format. 

How to use your rights 

If you want to use your rights, please send us a letter or secure e-mail. 

We may reject requests that are unreasonably repetitive, excessive, or manifestly unfounded. 10. INFORMATION SECURITY 

We do our best to keep your data safe and secure. We use administrative, organizational, technical, and physical safeguards to protect the personal data we collect and process. Our security controls are designed to maintain an appropriate level of data confidentiality and integrity. 

The personal data stored under this Privacy Policy shall only be processed on a need-to-know basis. The use of personal data is protected by appropriate user rights, passwords, and rights of use. Paper documents shall be stored in locked storage. 

  1. LODGING A COMPLAINT 

In case you consider our processing of personal data to be inconsistent with the applicable data protection laws, you have a right to lodge a complaint with the local supervisory authority for data protection. In Finland, the competent authority is the Data Protection Ombudsman (www.tietosuoja.fi).

PRIVACY POLICY – RECRUITMENT DATA 

  1. ABOUT THIS PRIVACY POLICY 

This Privacy Policy concerns the personal data of Amertat Energy Oy’s job applicants processed by us for recruitment purposes. 

Please note that this Privacy Policy only applies to the processing of personal data carried out by Amertat Energy as a data controller and only in the recruitment context. 

This Privacy Policy may be updated from time to time also without notice so we kindly ask you to review the latest policy from our web site. This Privacy Policy version is valid starting from the date stated above. We will not make any substantial changes without prior notice. 

  1. CONTACT DETAILS OF CONTROLLER 

Amertat Energy Oy 

Business ID: 3333314-3 

Address: Taidemaalarinkatu 5 A 14, 00430 Helsinki, Finland 

Email: info@amertate.com 

Contact person: Javad Hosseininia, CEO 

  1. PERSONAL DATA COLLECTED 

We may process the following information relating to job applicants: 

We only collect and store information that is either relevant for filling in the position in question or necessary for the rights and obligations of either party in the context of establishing an employment relationship. 

We may collect and process some or all of the following information from you: 

  • Contact information, such as name, email, address, telephone number, and social media profiles. 
  • Information you upload as a part of the recruitment process, such as CV, cover letters, qualifications, images, videos, and employment history. 
  • Information you provide during an interview. 
  • Results from tests performed by you in relation to a recruitment process.
  • Technical data, such as the URL you are accessing the career site from, your IP address, unique device ID, language and operating system etc. 
  • Your emails and communication with us. 
  • Your answers to surveys and reviews of the recruitment process. 

In certain cases, we may also engage in candidate sourcing and headhunting to fill certain positions (“Headhunting”). In this context, we may collect and process personal data available from public sources, such as the information available on a potential candidate’s LinkedIn profile. 

  1. SOURCES OF PERSONAL DATA 

We primarily receive personal data directly from you. 

With your consent or when otherwise legally allowed, we may also acquire certain information from relevant authorities or public registers. 

During a recruitment process we may, with your consent, contact a reference you have provided us with, such as your former employer. In this case, we may get some information from such a reference. 

When engaging in Headhunting, we may collect personal data relating to the professional profile of potential candidates from Linkedin and other similar public sources. 

  1. THE PURPOSE AND LEGITIMATE GROUNDS OF PROCESSING 

Personal data processed under this Privacy Policy is processed to carry out recruitment processes. 

Applicant data is processed based on a pre-contractual relationship at your request in order for us to assess the potential grounds for entering into an employment contract with you. 

When engaging in Headhunting we process personal data based on our legitimate interests. 

We also store personal data under this Privacy Policy for a certain period based on our legitimate interest for the purpose of possible litigation, claims, or regulatory investigations. 

  1. STORAGE PERIOD 

Personal data processed under this Privacy Policy is primarily stored for two (2) years. 

With your consent, we may store personal data for future recruitment purposes for a longer period. You may at any time withdraw your consent for such processing.

  1. INTERNATIONAL DATA TRANSFERS 

Personal data is primarily stored within the European Economic Area or such third country that is considered by the European Commission to have an adequate level of protection. 

However, in certain cases we may transfer or access personal data outside the European Economic Area to a third country that is not considered by the European Commission to have an adequate level of protection. In such cases we provide adequate protection for the transfers of personal data to countries outside of the European Economic Area through a series of agreements with our service providers based on the Standard Contractual Clauses or through other appropriate safeguards. 

  1. THE RECIPIENTS OF PERSONAL DATA 

We do not share personal data with third parties outside of our company unless one of the following circumstances apply: 

For legal reasons 

We may share personal data with third parties outside our organization if access to the personal data is reasonably necessary to: (i) meet any applicable law, regulation, and/or court order; (ii) detect, prevent or otherwise address crime and/or security issues. 

To authorized service providers 

We may share personal data with authorized service providers who perform services for us and who act as our processors. Such service providers are for example our IT service providers. Our agreements with our service providers include commitments that the service providers agree to limit their use of personal data and to comply with privacy and security standards at least as stringent as the terms of this Privacy Policy. 

With your explicit consent 

We may share personal data with third parties outside of our organization for other reasons than the ones mentioned before, when we have your explicit consent to do so. You have a right to withdraw such consent at any time. 

  1. YOUR RIGHTS 

Right to access

You have a right to access the personal data processed by us. This means that you may contact us and we will inform you what personal data we have collected and processed regarding you and the purposes such data are used for. 

Right to withdraw consent 

In case the processing is based on a consent granted by you, you may withdraw the consent at any time. 

Right to correct 

You have the right to have incorrect, imprecise, incomplete, outdated, or unnecessary personal data we have stored corrected or completed. You have the right to update for example your contact information or your other personal data. 

Right to deletion 

You may also ask us to delete your personal data from our systems. We will comply with such a request unless we have a legitimate ground to not delete the data. 

Right to restriction of processing 

You may request us to restrict the processing of personal data for example when your data erasure, rectification or objection requests are pending and/or when we do not have legitimate grounds to process your data. 

Right to object 

You may have the right to object on grounds relating to your particular situation to the processing of your personal data based on our legitimate interest. We will comply with such objection unless we have a legitimate ground not to. 

Right to data portability 

You have the right to receive the personal data you have provided us with in a structured and commonly used format. 

How to use your rights 

If you want to use your rights, please send us a letter or secure e-mail.

We may reject requests that are unreasonably repetitive, excessive, or manifestly unfounded. 10. INFORMATION SECURITY 

We do our best to keep your data safe and secure. We use administrative, organizational, technical, and physical safeguards to protect the personal data we collect and process. Our security controls are designed to maintain an appropriate level of data confidentiality and integrity. 

The personal data stored under this Privacy Policy shall only be processed on a need-to-know basis. The use of personal data is protected by appropriate user rights, passwords, and rights of use. Paper documents shall be stored in locked storage. 

  1. LODGING A COMPLAINT 

In case you consider our processing of personal data to be inconsistent with the applicable data protection laws, you have the right to lodge a complaint with the local supervisory authority for data protection. In Finland, the competent authority is the Data Protection Ombudsman (www.tietosuoja.fi).