EU GDPR Information

1. Purpose and legal basis of processing your personal data 

The processing of your personal data is required to display our website(s), to provide stability and security of our webservers and to improve the usability of our website(s). 

Legal basis for processing your personal data is Art. 6 paragraph 1 sentence 1 f) GDPR. If personal data is processed on the basis of a consent, the legal basis is Art. 6 paragraph 1 sentence 1 a) GDPR.

2. Contact details of our Data Protection Officer

You can reach our Data Protection Officer:

via E-Mail at: avannesluoma@gategroup.com
via Mail at: Evertaste Oy, Tikkurilantie 140A, 01530 Vantaa

3. Collection of personal data when you visit our website(s)

When visiting our website(s) without personally providing information to us, personal data is collected by our webserver collecting the data transmitted in connection with your access.

The data transmitted includes:

  • IP-Address
  • Name of access provider
  • Browser type, version of browser software and language of browser
  • Operating system
  • Date and time of access
  • Content of access
  • Amount of data transferred
  • Access status (successful transmission/error)
  • Website(s) the access was forwarded to
  • Website(s) accessed

In addition to the aforementioned data collection, our website(s) collect data in connection with the usage of cookies (see Section 4. of the Privacy Notice).

9. Data transfer to third parties

In general data transfer to third parties is only conducted in the cases mentioned in the Privacy Notice. In addition, data transfer to third parties may occur if:

  • we have received your explicit consent (Art. 6 paragraph 1 sentence 1 a) GDPR);
  • the processing is necessary in connection with legal claims except if the respective interests are not overridden by the interests or fundamental rights and freedoms of the data subject (Art. 6 paragraph 1 sentence 1 f) GDPR);
  • the processing is necessary for compliance with a legal obligation (Art. 6 paragraph 1 sentence 1 c) GDPR);
  • the processing is necessary for the performance of a contract with the data subject or the performance of steps at the request of the data subject prior to entering into a contract (Art. 6 paragraph 1 sentence 1 b) GDPR) 

10. Data deletion and data storage

Collected personal data will be deleted and/or the access to the data will be restricted if the purpose of the processing activity ceases to be relevant. Extended retention periods may apply in case of statutory legal provisions requiring further data retention. 

11. Rights of the data subject and the right to lodge a complaint with a supervisory authority

With regard to the personal data processed you have the following rights according to Art. 12 – 23 GDPR:

  • Right to information and access,
  • Right to rectification and erasure,
  • Right to restriction of processing
  • Right to objection
  • Right to data portability

In addition, you have the right to lodge a complaint with the competent data protection authority with regard to the processing of your personal data by us.

12. Data security

Personal data processed by us are protected against loss, falsification and unauthorized third-party access by adequate technical and organizational measures.

In order to provide a secure transmission of data between your browser and our systems, we generally use Secure Socket Layer (‘SSL’) encryption technology to encrypt communication between your browser and our webserver. URLs of websites using an SSL-encryption start with https://.

13. Update of the Privacy Notice and contact to our Data Protection Officer

Our Privacy Notice may be updated according to changes of our website(s). You can find the current version of our Privacy Notice on our websites.

For further questions and suggestions in relation to data protection you may contact our Data Protection Officer via the contact details provided under Section 2. of the Privacy Notice.