Scandi Standard Privacy Notification

In this privacy notification you can read about how Scandi Standard Group (“Scandi Standard”, “we,” “us” or “our”) may process your personal data when you e.g. purchase goods from us, receive services from us, are a business partner or supplier, a visitor at one of our sites or offices, an applicant for a job, participate in our promotions or otherwise interact with us, including by using any of our websites or if you communicate with us via social media or other platforms.

Scandinavian Standard Nordic AB or the relevant group company is the data controller for the processing of your personal data.

Processing of your personal data

We normally use your personal data for the following purposes and legal bases: 

• Supplier, customer and business partners relations 
  
  In connection with your cooperation with us, we will process the personal data which we receive in connection with any orders and deliveries to control the payment and services (name, contact details, title, company name, etc.). Further we will use the data to maintain the business relationship with the company that you represent, or to administer any activities that you engage in.
  The basis of our processing of your personal data is our legitimate interest in holding your data in order to perform any contracts with the company that you represent, and to build the business relations with that company (GDPR article 6(1)(f)).
  
• Handling job applications
  
  We will process the personal data that we receive from you in connection with your job application. The basis of our processing of your personal data is our legitimate interest in recruiting talents with the relevant competence needed for the job role (GDPR article 6(1)(f)). For more information on how we use your personal data when you apply for a job in Scandi Standard, please click here. 
  
• Managing site visits
  When you enter your personal data in connection with your site visit the purpose is to know who our visitors are and who is currently present on our sites. 
  
  The purpose is further to reduce the risk of infections and diseases and to secure our food production. Therefore, we also request information about your travel history, health and wellbeing, in accordance with relevant regulations for food safety.  
  For safety reasons there may be camera surveillance at some places on our sites. At those places there are signs showing that camera surveillance is in operation. 
  
  The use of your personal data is necessary for us to pursue our legitimate interest in managing visitors at our sites and to ensure the security by among other installing camera surveillance, see Article 6(1)(f) in the General Data Protection Regulation (GDPR 2016/679). Further, the use of your personal data is necessary for us to act in compliance with legal requirements for food safety, see Article 6(1)(c) of the GDPR. 
  
• Handling subscriptions 
  
  When you create a user account to subscribe for financial reports, press releases and/or calendar reminders we will process your personal data to provide the services as requested by you. The processing of your personal data is necessary for our legitimate interests to maintain good relations with investors, the general public and potential employees (GDPR article 6(1)(f)).
• Handling competitions
  
  If you participate in competitions arranged by one of Scandi Standard´s group companies, we will process the personal data you provide (name, email address, competition input, including answers to questions, etc.) in order to manage the competition, chose and contact the winner (GDPR article 6(1)(b)).
  
  Depending on the specific competition and prize, we may share your name, contact details and prize details with our competition prize vendors and carriers (GDPR article 6(1)(b). If required under the legislation, we will share your name and prize details with the tax authorities (GDPR article 6(1)(c)).
  
• Handling claims and complaints 
  
  When you contact us to file a complaint, we will process your personal data (i.e. name, contact details and/or other information you provide) to be able to assist you with the relevant matter. The processing is necessary for our legitimate interests to maintain good customer relations (GDPR article 6(1)(f)). 

Storage period

We store your personal data for as long as necessary to fulfil the purposes above and to comply with legal obligations, including bookkeeping legislation in the countries where we operate.

Who do we share your personal data with?

Only the people who need to process personal data for the purposes mentioned above have access to your personal data.

We may need to share your personal data with our group companies. Further, we may need to allow our suppliers and sub-suppliers access to your personal data when they perform services on our behalf. 

We always strive to process your personal data within the EU/EEA area. However, some of our service providers process your personal data outside of the EU/EEA. We also use suppliers whose parent company, or whose subcontractor’s parent company, is based outside the EU/EEA. In these cases, we have taken into account the risk that the personal data may be disclosed to countries outside the EU/EEA, for example because of an authority request.

When we, or one of our suppliers, transfer your personal data outside the EU/EEA, we will ensure that a safeguard recognized by the GDPR is used to enable the transfer. We use the following safeguards:

• A decision by the EU Commission that the country outside of the EU/EEA to which your personal data is transferred has an adequate level of protection, which corresponds to the level of protection afforded by the GDPR. In particular, we rely on the EU Commission’s adequacy decision for the US via the so-called EU-US Data Privacy Framework, and the adequacy decision for the UK.
• Entering into the EU Commission’s standard clauses with the recipient of the personal data outside the EU/EEA. This means that the recipient guarantees that the level of protection for your personal data afforded by the GDPR still applies, and that your rights are still protected.

When your personal data is transferred outside the EU/EEA, we also implement appropriate technical and organizational safeguards, to protect the personal data in case of a disclosure. Exactly which protective measures we implement depends on what is technically feasible, and sufficiently effective, for the particular transfer.

Your rights in connection to your personal data

You have several rights in connection to our processing of your personal data according to applicable data protection legislation. 

• Right to be informed: You have the right to receive information about how we process your personal data. We do so through this privacy notification or through information provided in our specific agreement or terms with you (such information takes precedence over this policy) 
• Right of access: You have the right to know whether we process any of your personal data and to gain access to such data, for example in a register transcript 
• Right to rectification: You have the right to have your personal data corrected or completed if it’s inaccurate or incomplete
• Right to erasure (‘right to be forgotten’): In some cases, you have the right to have personal data processed about you deleted/anonymized, for example if your personal data is no longer necessary to fulfill the purpose for which it is being processed or if you withdraw your consent, where such applies, to the processing of your personal data. Note that we, under certain circumstances, will not be able to fully delete or anonymize your personal data. Such circumstances include, for example, where the data is still necessary to fulfill the purpose for which it is being processed, where our interest in processing the data outbalances your interest in having it erased or where we are obliged, by law, to retain the data. 
• Right to restriction of processing: If you think that the personal data we process about you is not correct, that our processing is in violation with applicable law or that we do not need the personal data to fulfill our specified purposes, you have the right to request us to limit the processing of your personal data. You may also request that we do not process your data during the time we investigate your request to exercise this right or if you have requested to exercise your right to object to our processing (read more about that right below). 
• Right to data portability: In cases where we process your personal data for the performance of our contract with you, or based on your consent, you have the right to gain access to your personal data in a simple and transferrable format in order for you to be able to move your personal data to another data controller, where technically feasible.
• Right to object to the processing: You may object to our processing of your personal data when such processing is based on our legitimate interest (in accordance with GDPR Article 6.1f). You always have the right to object to our use of your personal data for direct marketing purposes. We will stop sending you marketing as soon as you opt-out from such.
• Right to withdraw your consent: In cases where we process your personal data based on your consent, you always have the right to withdraw such consent. When you withdraw your consent, we will stop processing your personal data for purposes based on the consent.

Finally, you also have the right to lodge a complaint with the supervisory authority, in the country where you are based. You will find the relevant supervisory authority here. 

Cookies

As part of our approach to providing personalized services on our websites, we use cookies to store and sometimes track information about you. A cookie is a small data file sent to your browser from a web server and stored on your hard drive that allows easier access the next time the same page is visited. For example, a cookie is sent when you create a user account. There are two types of cookies used on our websites: 1) Strictly necessary cookies, that are necessary to make the site work properly and 2) Analytics cookies, that are used to collect information that help us understand how the websites are being used.

You can find information about the cookies used on the relevant group company website. 

Data security

We employ appropriate technical and organizational security measures to help protect your personal data against loss and to guard against access by unauthorized persons. Appropriate security measures we have taken include implementing secure private connections, traceability, disaster recovery and access limitations. We regularly review our security policies and procedures to ensure our systems are secure and protected.

Contact information

If you have any questions relating to our handling of your personal data or our use of cookies or if you would like to invoke any of your rights under applicable privacy legislation, please contact us at: gdpr@scandistandard.com

Changes to this Privacy notification

If we change how we handle your personal data or how we use cookies, we will promptly update this Privacy notification and publish it on our websites.

This Privacy notification was last updated in March 2025.