Privacy Policy

This privacy policy describes how NGR Group Ltd processes personal data in accordance with the EU General Data Protection Regulation (GDPR). The policy explains in which situations personal data may be collected, how it is used, and what rights you have as a data subject.

  1. CONTROLLER AND CONTACT INFORMATION
    NGR Group Ltd
    Larvvägen 18 B
    66540 KUNI
    Finland
    E-mail: info@ngr.fi
  2. PURPOSE AND LEGAL BASIS FOR PROCESSING PERSONAL DATA
    NGR Group Ltd is a company in the recycling and circular economy business focusing on recycling, logistics and trading with waste materials. We process personal data in order to operate our business, develop projects, maintain stakeholder relations, and comply with legal obligations.

    Personal data may be processed for the following purposes:

    Project development and business operations
    We process personal data in connection with the planning, development, financing, and implementation of business projects. This may include communication with customers, authorities, partners, investors, contractors, and other stakeholders. Processing is based on legitimate interest or contractual obligations.

    Website functionality and communication
    We may process technical information to ensure that our website works properly and to improve usability. This may include cookies, IP address, browser type, and similar information. Processing is based on legitimate interest.

    Customer, partner, and supplier relations
    Personal data is processed to manage agreements, cooperation, invoicing, and other matters related to business relationships. Processing may be based on contract, legal obligation, or legitimate interest.

    Job applications
    If you apply for a position at NGR Group Ltd, we process the personal data you provide, such as name, contact information, CV, and other relevant material. Processing is based on consent or legitimate interest.

    Events and meetings
    Personal data may be processed in connection with invitations, meetings, seminars, or other events related to our projects or business operations. Processing is based on legitimate interest.

    Where processing is based on consent, you have the right to withdraw your consent at any time.
  3. CATEGORIES OF PERSONAL DATA
    Depending on the situation, we may process the following types of personal data:

    – Name and contact details (e-mail, phone number, address)
    – Company, organisation, or employer information
    – Job title or role
    – Communication history
    – Technical data related to website use (IP address, cookies, browser data)
    – Contract and invoicing information
    – Information provided in job applications
    – Other information necessary for project development, agreements, or legal compliance

    We only collect personal data that is necessary for the specific purpose.
  4. SOURCES OF PERSONAL DATA
    Personal data is primarily collected directly from you, for example when you contact us, participate in meetings, sign agreements, visit our website, or send a job application.

    In some cases, data may also be obtained from public sources such as company websites, authorities, or other parties involved in a project.
  5. RECIPIENTS OF PERSONAL DATA
    Personal data is processed within NGR Group Ltd.
    Data may also be shared with trusted service providers such as IT providers, consultants, legal advisors, auditors, or project partners when necessary for business operations.

    Personal data may also be disclosed to authorities when required by law.
  6. RETENTION OF PERSONAL DATA
    Personal data is stored only as long as necessary for the purpose for which it was collected, or as long as required by law.

    Examples:
    – Contact and stakeholder information is stored as long as the business relationship exists or is expected to continue.
    – Job application data is normally stored for a limited period after recruitment has ended.
    – Website-related data may be stored for a shorter period depending on technical needs.
    – Accounting and contractual data is stored for the period required by law.
  7. TRANSFER OF DATA OUTSIDE THE EU / EEA
    We primarily store personal data within the EU / EEA.

    If personal data is processed outside the EU / EEA, we ensure appropriate safeguards in accordance with GDPR, such as the use of Standard Contractual Clauses approved by the European Commission.
  8. DATA SECURITY
    Personal data is protected by appropriate technical and organisational measures.

    Access to personal data is limited to persons who need the information for their work.
    Systems are protected by passwords, user permissions, firewalls, and other security measures.
    All persons processing personal data are bound by confidentiality.
  9. RIGHTS OF THE DATA SUBJECT
    Under GDPR, you have the right to:

    – Access your personal data
    – Request correction of incorrect data
    – Request deletion of data when legally possible
    – Restrict or object to processing
    – Request transfer of your data
    – Withdraw consent when processing is based on consent
    – File a complaint with the data protection authority

    Requests should be sent by e-mail to info@ngr.fi
    NGR Group Ltd will respond within the time limits required by GDPR.