Privacy policy & cookies

Baron's Food Oy's General Privacy Policy

According to the General Data Protection Regulation (hereinafter "GDPR")

Updated 19.1.2021

This Privacy Policy and our company policy on personal data applies to all Baron's Food Ltd (also referred to as "we" or "Baron's Food") (professional kitchens, retail and consumers), our suppliers and others who use our services.

Our Privacy Policy & About Cookies

The controller, Baron's Food Oy, is responsible for processing the personal data it collects about you. Our head office is located in Kerava, Finland, and we are the main contact point for any communication regarding the personal data mentioned in this Policy.

Please note, that we may continue making updates to this Policy as we develop our operations and systems, so please check this page regularly for up-to-date information. If we make significant changes to the Privacy Policy, we will notify you in the news section of our website and/or by email. The current Privacy Policy is always available on all our websites or in pdf format upon request (see contact details at the end of the document).

Our Privacy Policy governs the way we process your data, and our Privacy Notice explains, among other things, what kind of personal data we collect and for what purpose, where and how long your personal data will be stored, information about the transfer of personal data both within our group and to third parties – and of course what your rights are. We assure that Baron's Food Ltd will protect your privacy in accordance with applicable data security laws.

About Cookies

The Cookie Policy applies to Baron's Food's online store for professional kitchens and all websites we own: www.baronsfood.fi, www.stadin.co and any other websites and/or digital services that may be launched in the future, which will be announced separately in this notice.

Cookies are used on our websites to, among other things, ensure that the website works in the best possible way for the user, to create statistics on visitors and to display any advertisements after a visit.

Cookies are small files that inform the website about the computer or other device you use to access the website. Your identity cannot be identified through cookies alone, and we will not associate any personal data (e.g. information you provide to us when filling in the contact form) with cookies, unless required by law. Cookies can be used, for example, to collect statistics on visitors and their behaviour (navigation) on the website, and to use this information to improve the website.

Our website may also use cookies from third parties (including Google and Facebook) to help us improve our services to serve you better and, for example, to show you advertisements later on based on the pages you have visited and what we think you might be interested in.

The retention period of cookie data varies: it may be deleted as soon as you close your browser (e.g. unsaved shopping cart contents in online shops) or it may be retained for a longer period. You can block cookies from your browser, but please note that digital services may not always work well.

Links to Other Websites & Social Media

There may also be links to other online services from our website (or, in the future, from any other digital services such as mobile apps or social media accounts). Some of our sites may also use social media community plugins (e.g. Like or Share buttons), with content coming from a social media service. These other online services (websites, social media channels, etc.) may collect information in accordance with their privacy policies, which are independent of us. Please read the terms and conditions of these services or websites separately, both with regard to cookies and data protection – especially if they require you to log in.

General information: Controller & Contact Details

Controller, processor of personal data
Baron’s Food Oy, Jäspilänkatu 29, 04250 Kerava

Contact Details and Procedure for Personal Data and Data Protection related matters

Please contact us by email:
tietosuoja@baronsfood.fi

Or by letter:
Data Protection Officer / Baron's Food Oy
Jäspilänkatu 29, 04250 Kerava

Telephone contacts only via the switchboard:
020 773 8300, business days: 7:00 to 16:00 / Data Protection Officer

A valid Privacy Policy is always available on all our websites. You can also request it in pdf format (tietosuoja@baronsfood.fi).

Purpose of Processing Personal Data

We collect information about our customers and partners to provide you the best possible service – but also to fulfil our own legal obligations and rights (e.g., in case of complaints).

How We Use Your Personal Data

We may use your personal data to

• register you as a customer/contact person (for consumers: when you make a complaint or otherwise contact us, for example via our website form),
• create login details for e-commerce and other digital services (currently only for professional customers – in the future also for potential consumer services),
• handle your orders, deliveries, customer service issues and complaints,
• contact you about any order and/or delivery problem,
• answer your questions,
• tell you about new or changed services/products/procedures,
• process registrations for events or training courses and subscriptions to customer magazines,
• send marketing offers or communications (newsletters, promotional leaflets, system notices or other communication),
• implement and process your participation in a competition or prize draw,
• carry out credit checks on companies that register as customers or to whom our services are opened,
• be able to meet the legal obligations of the company,
• carry out analyses to provide you offers and information that are right for you,
• send you questionnaires or market research, giving you the opportunity to influence our services,
• test and improve our service software,
• prevent misuse of our services or investigate crimes against the company.

For example, the data obtained from the website contact form is used for website maintenance, development and usage statistics, as well as for market and other research and reporting on products and services. On the professional kitchen e-commerce site, other uses include customer identification and user management, customer identification, authentication and authorization (authorization) for Baron's Food services, security of services, right of use, and access control.

How Long do We Store Your Personal Data?

The data will be stored for as long as is relevant to the subject of the contact, from a few weeks to years, or as long as we are required to do so by law. Your data will be erased in accordance with the information you receive when your data is registered (this Privacy Notice or the information provided in previous versions of this Privacy Notice)

Registry Data Content:

What kind of personal data do we collect?

We collect personal data when your company/you register as a customer, when you place an order, contact our customer service, participate in competitions or prize draws we organise, subscribe to our newsletter or other marketing materials (electronic and printed) or attend events or training courses, etc. The register may contain contact information, organisational or personal identifiers and payment information. The register may also contain various electronic identities (e.g. IP number), images or audio recordings that are processed by computer – even if no names are mentioned; these are also personal data if they can be linked to an individual.

When we collect personal data, we specify what data we will collect, for what purpose and for how long we will store it. For example, we may collect different information for different purposes on different websites, as not all Baron's Food online services require registration or include a contact form.

For example, on www.baronsfood.fi, personal data is collected from the information provided by the user when contacting the company via the form. This information includes general contact information such as name, address, telecommunications (telephone, cellphone, fax numbers), email address and any direct marketing authorisation and IP address.

For customers of professional kitchens who shop online, the data also includes the unique identifiers of the online shop (user ID, company ID and password for the online shop).

Please note that our register only contains information that is relevant to our relationship – it does not contain so-called special personal data (race, religious or political beliefs, health information, etc.)

Combining Different Registers

Sometimes we may transfer data from one register to another (e.g. newsletter subscriptions, long-term monitoring of product defects, participation in competitions or sweepstakes, and in the case of professional kitchens/retailers, customer and e-commerce registers) that may be considered relevant to the customer relationship between Baron's Food and the data subject. The merging will also apply to registers created in the future.

Example: We do not specifically require any information other than your email address to send you the newsletter. However, we may also store other information in connection with the customer information system, such as information about which of our products and services you have previously been interested in.

Registers of Participants in Prize Draws & Competitions & Other Short-Term, Specific Registers

The content of the register of participants may vary in the case of sweepstakes/contests, but usually includes basic personal data such as first and last name, e-mail address, telephone number and information relevant to the establishment of a potential customer relationship, such as job/title/decision-making position in the company, company name and interest in product categories, customer relationship with Baron's Food. Read more ›› and see also the "Other things to note" section of this document.

Regular Data Sources & Disclosure

The register mainly contains information provided by the individuals and Baron's Food's records on processing the subject. For our business customers, we may also record information from other sources or information we collect ourselves, where this is essential to provide you a smooth service.

Personal Data Other Than Yours

When you provide us information about other people, for example, as a representative of our client company or our partner (e.g. email addresses of chain restaurants with names, such as maija.meikalainen@company.fi), you must have each person's consent and right to pass the information on to us. Please note that you cannot ask us to delete data if we have a legal right to retain it, or to review other data we have stored about an individual, for example in our customer information system, but that requests for amendment and review must come directly from the data subjects*.

*exceptions include, for example, marketing bans on our client company as a whole, as defined in any separate customer agreements, in which case we may remove or correct all addresses from our marketing register at the request of an individually agreed person

Disclosure of Information

Within the limits of the Personal Data Act, data may be disclosed to Baron's Food's partners, subcontractors or parent or subsidiary companies if it is essential for e.g. customer service, product development or website operation. However, we will never sell or exchange your personal data to a third party for marketing purposes.

Personal data may be transferred to a third party who will process the personal data on Baron's Food's account and in accordance with the company's instructions. These sub-processors have signed a contract with Baron's Food and have been assessed for data security.

Data may also be disclosed to third parties without a sub-processing agreement if there is a legitimate basis or legal obligation for the transfer. In this case, the transfer must be documented and only the necessary data will be transferred.

Data Transfer Outside the European Union (EU) or the European Economic Area (EEA)

Personal data will not be transferred outside the EU or EEA, except in rare cases where technical processing necessitates it. Any such transfer of personal data will be made in accordance with the applicable law.

For example, some of our information system partners (sub-processors of personal data) may continue to use sub-processors (e.g. our website server room) that may also have staff outside the EU or may be owned by companies outside the EU. However, these companies are widely known and trusted, have very strict data security self-monitoring and have ensured their GDPR compliance.

Register Security

Our registers are protected by generally accepted and proven secure technical methods (access control, password protection, firewalls, etc.). Access requires a personal username and password, which are only issued to a member of Baron's Food's staff whose duties involve processing the data in the register or, in some cases, to a trusted external service provider (sub-processor).

Right of Inspection, Prohibition and Amendments

Please note that you cannot request to inspect anyone's personal data other than yours. See above "Personal Data Other Than Yours". As a designated representative of our business customer, you can request a minor change to your data (e.g. company email address change) on behalf of another person, if this is agreed in our customer agreement. In this case, the request for a change has to be presented to your contact person.

Anyone whose personal data is stored in our register has the right to

• be informed about the processing of personal data when we collect it (example: before you send us information via our website form, we will tell you in the same context what your data will be used for or when you enter our prize draw, a privacy notice will be available).
• receive information about the personal data that we have stored free of charge.
• get incorrect personal data corrected or completed.
• withdraw your previous consent to use your personal data or have your own data deleted (except for data required by law).
• opt-out of targeted marketing (Please note that in internet advertising, "targeted advertising" can also mean that you see ads based on the fact that our cookies have been stored on your device. In this case, you must prevent your device from storing cookies. Read more in the section "About cookies").
• request that the data you provide is transferred to another data controller (data portability).
• get information about personal data breaches, such as hacking.

To check your data, please contact us. Contact details can be found at the end of this policy document.

Electronic or Other Marketing Communications

Email marketing / newsletters

• Our newsletter subscribers always have the possibility to unsubscribe from our newsletter via the link at the end of the newsletter.
• We can also create new marketing lists of our business customers, for example around different topics or based on geographical location. If you do not wish to receive any marketing mail from us, you must opt-out of all lists (opt-out-all). Please note that even in this situation, we may still have your email address, in which case it will be used, for example, to identify your opt-out. This way we will avoid adding you to our lists again.
• The marketing letters we send to our business customers are based on what we call "legitimate interest" based on our relationship with our customers. We may also sometimes send letters with contact information from somewhere other than our customer information system, for example, from information providers. We will mention this at the end of the newsletter with the text "Address source".

Email marketing / targeted advertising

• In some cases, we may target advertisements to our customers based on our existing customer lists, for example on social media channels. For example, Facebook calls this feature "Custom audiences", and you can find out more about it in the Facebook Help Center.

Other marketing

• We may also send you non-electronic marketing, and target it based on the interests we have in you. You can opt out of marketing messages at any time.
• In accordance with the law, we do not send any direct marketing to consumers without their consent. In the future, any e-newsletter for our consumer customers will always have to be subscribed wittingly. We will also update this document when it is available.

Please Notice Cookies

To prevent internet advertising altogether, you should prevent storing cookies on the device you use to visit our websites, social media channels or other digital services we may offer. In these services, we may use cookies and "pixels" to store anonymous information about you in our tracking systems (e.g. Facebook or Google advertising and analytics tools). These tools are only accessible to us and our knowledgeable partner, who does not have access to our other customer data.

Anything Else to Note?

Sweepstakes & competitions, general

• In sweepstakes/competitions, personal data is used for communication between Baron's Food and the participant. By entering the sweepstake/contest, you agree to the communication (e.g. prize notification and prize arrangements).
• In addition, participants in our sweepstakes or competitions agree that we may publish the name of the winner in our marketing communications without any further consent or compensation, and that other material (e.g. pictures, press releases) about the prize, its collection and use may also be published on the organiser's website and social media.
• In the event of a potential customer relationship between the participant and Baron's Food, the information about the participation/win may be recorded in the company's customer information system if it is deemed relevant to the customer relationship.