Privacy statement for Valio’s website

This privacy statement describes how Valio Ltd (“Valio”) processes your personal data when you visit its websites. This privacy statement applies only to information obtained through cookies and other similar technologies that are deemed to be personal data.

Valio may update this privacy statement from time to time, for example, due to possible amendments in legislation. Valio notifies you of any material changes herein as it deems necessary.

1. Controller

Valio Ltd (Business ID: 0116297-6)

Meijeritie 6

00370 Helsinki, Finland

2. Contact person

Privacy Officer of Valio: privacy.office@valio.fi, +358 10 381 2185, address: Valio Ltd/Privacy Officer, Meijeritie 6, 00370 Helsinki, Finland.

You may contact Valio’s Privacy Officer in all matters regarding processing of your personal data and fulfilling your rights.

3. Purpose and Grounds for Processing of Personal Data

Valio processes your personal data for the following purposes:

­
  • for the analysis, development and statistics of Valio.com website; and
  • ­
  • to produce targeted advertising, communication and content and to optimize marketing measures.

In addition, Valio may combine your cookie data to your other personal data included in Valio’s registers.

The legal ground for processing your personal data is your consent. You accept the usage of cookies when you browse our websites. You can prohibit the use of cookies as described in our Cookie Policy.

4. Personal Data to be Processed

Valio processes the following personal data:

  • personalised anonymous occasional identifier; and
  • your visit at the website as well as the information related thereto (e.g. language chosen by you, visits at the websites with Valio’s advertisements)

5. Data Sources

Valio collects personal data through, among others, analytics tools (such as Google Analytics).

6. Recipients of Personal Data

Valio collects personal data through third party cookies and similar technologies. Valio is using the following applications whose providers receive the data collected:

  • DoubleClick: Advertisement targeting and optimization
  • Facebook: Advertisement targeting and Facebook login
  • Google Analytics: Web analytics
  • Google Tag Manager: Tag management
  • Hotjar: User analytics
  • Typekit: Font library
  • Linkedin: Advertisement targeting

In addition, Valio may disclose your data to Valio’s advertising and media agencies who provide their services to Valio.

Valio transfers personal data to its service providers only to the extent they are involved in the implementation of the uses described in this privacy statement. Service providers may not use personal data for any purpose other than those described herein and the purposes described in the terms and conditions applicable in the contractual relation between Valio and the service provider. Valio may change the service providers specified in this privacy statement or add new ones in which case Valio updates this statement as necessary.

7. Transfer of Personal Data Outside the EU or EEA

The service providers described above may process personal data outside the EU/EEA. In such case, the transfers are carried out in accordance with the applicable legislation and with the requirements laid down therein.

8. Retention Period of Personal Data

Personal data obtained through cookies are stored as follows:

­
  • Session cookies in general for the duration of each session (no longer than 30 minutes) or until you close the browser.
  • ­
  • Persistent cookies in general for as long as you delete the cookie or no longer than two years.

9. Protection of Personal Data

Valio looks after the data security of your personal data with appropriate administrative and technical protection measures. Only such persons to whom processing of personal data is necessary in order to perform their work tasks may process the personal data. The systems containing personal data can be accessed only with separately granted personal usernames and passwords.

The systems and databases containing personal data processed by Valio are located in servers in locked facilities. Only named persons authorized to have access in order to perform their work assignments can access these facilities. Valio has secured the servers and the data network with appropriate firewall and other technical protection. The server platforms are protected by access control systems.

10. Your Rights

According to the applicable data protection legislation, you have at any time the right to:

  • access your personal data (right to review)
  • obtain rectification or completion of personal data that are inaccurate;
  • obtain erasure of personal data; and
  • obtain restriction of processing of personal data (e.g. for the time during which you await a response for the request to rectify personal data).

You must present the request regarding the exercise of your rights to the contact person mentioned in Section 2 above. Valio may ask you to verify your identity or specify the request before the implementation thereof. Valio may also refuse to fulfill your request, on the basis of a ground prescribed in the data protection legislation. In such case, Valio notifies you of such grounds.

11. Right to Lodge a Complaint with Supervisory Authority

You have a right to lodge a complaint with the competent supervisory authority in case you consider that Valio has not processed your personal data in accordance with the applicable data protection legislation. You can lodge the complaint with a supervisory authority of the EU member state where you habitually reside or work, or where the alleged breach of data protection legislation has taken place.

Date: August 12th 2019