Our privacy notices

  • We care about the privacy of our external and internal stakeholders. In our relationships, we need to collect and process personal data for several purposes and ways. We do it only for specified, explicit and legitimate purposes and only when valid legal grounds exist.

    Gren Group, including its subsidiaries, is committed to respecting privacy and complying with applicable
    data privacy laws. Here you can learn more about how we do it:

     

  • Privacy notice - customers

    This privacy notice describes how Gren processes your personal data. The notice applies when you use our products and services or otherwise interact with us. This notice also applies if you are a business customer.

    We may also provide you with additional product or service specific privacy information in the service or product specific terms, privacy supplement or other notices you may see while using our product or service.

    • Gren collects and processes various types of personal data, where applicable, such as:

      • Personal details – including your contact details (such as your name, address, phone number, and email address), demographic data (such as your gender, age, language, nationality, professional details, and additional details such as your interests or a segment group), and your national identity number when required for verifying your identity.
      • Agreement & transaction data – such as information about your agreements, orders, purchases, payment status, and invoices; recorded and transcribed phone calls; subscriptions and opt-outs; and your other  transactions with us such as service requests and messaging with our customer service.
      • Payment & credit data – such as your payment card information and bank account information that are needed for verifying purchases or returning funds, credit worthiness.
      • Online data & identifiers – data that is collected with cookies or similar technologies about your use of our services, such as your browsing activities and segments, your IP address, cookie ID, mobile device ID, details about browser and device, and location.
      • Security data – data that is used for securing the use of our services and our premises, such as your password and login details, security logs, and camera surveillance recordings.
      • Technical and consumption data – such as data related to the operation of a device or application, including the measurement of consumption and production of heat and other utilities, and data from smart devices, including data from any sensors (e.g. temperature).
    • The personal data which we process about you comes from different sources:

      • You – when you order or use our services, when you fill in a form of interest, participate in a survey or competition, create an account, browse our website, or otherwise interact with us.
      • Third parties – such as public address registers, credit reference agencies, debt collection agencies, installation partners, marketing partners, and other data providers.
      • Gren Group companies – which share information for purposes mentioned below in section 6.
    • We will use your personal data for predefined purposes based on contract, consent, legal obligation and legitimate interest. We will use your personal data for the following purposes:

      3.1. Service delivery & customer service

      We collect and use personal data about you to process orders, deliver products and services, to provide customer service, and to manage payments, contracts and transactions.

      The data needed for delivering services vary depending on the product or service in question. For example, online services may require the user to authenticate, whereas heating contracts require us to measure the consumption. Our customer service handles your requests and messages to serve you. Customer service may also offer you the optimal contract type that we calculate for you. We may communicate with you on contract related matters via phone, mail, email, SMS, chat, automated calls, and other digital channels including social media.

      The basis for processing your data for service delivery and customer service is typically the contract. When
      required by law, we may ask for your consent to deliver certain services, for example, location based services.

    • 3.2. Sales, marketing, and stakeholder communications

      We may contact you through marketing even if you are not our customer. We will ask for your consent to contact you when required by law, otherwise our contact is based on legitimate interest. Without consent, we can send automated electronic marketing messages that relate to your customer or professional
      relationship with us, and use traditional marketing channels (e.g. post, telephone, door-to-door), when
      allowed by local law. We also conduct lotteries and contests.

      3.2.1. Customer marketing
      Customer marketing is electronic automated marketing that is sent without consent to existing
      customers and business customers in those countries where such practice is allowed.

      To our consumer customers, who are currently ordering our products and services, we send regular
      offers and information about products and services that are relevant for the customer relationship.
      We send these communications to the contact address (phone or email) that you have given in
      connection with your relationship.

      To our business customers (employees of our current and prospective client companies and business
      partners, other stakeholders) we send offers and information about products, services, promotional
      events and services that are relevant to their professional role. We send these communications to
      the work contact address which we have received from the customer, their company, or a public
      source.

      3.2.2. Consent based marketing
      We send you automated electronic marketing and newsletters if you have agreed to subscribe to
      them. This marketing can contain information about any Gren group company products and services
      or about partner products and services. We may also collect marketing consent on behalf of our
      partners.

      3.2.3. Traditional marketing channels
      We may use traditional marketing channels (post, telephone, door-to-door) to contact you about our
      products or services and our partners’ products or services, unless you have blocked the use of your contact details.

      3.2.4.     What data is used to optimize sales & marketing (“Profiling”)

      For marketing and advertising, we use data that is collected during the customer relationship and from customer surveys; online behavioral data; and derived data that for example predicts the users’ interests. Based on these data, we are able to make marketing more relevant and effective, and send you more personalized offers. An example of derived data is a segment that tells us that the user is likely to live in a suburban area or a row house. You may also receive a targeted offer, for example because you have moved recently.

      3.2.5. Stakeholder relations
      We manage stakeholder relationships by communicating about relevant topics and promoting events which we arrange. Communications are sent directly by email to the contact addresses received from the stakeholders or their companies.

    • 3.3. Product and service development

      We process personal data to improve and develop better services for our customers, to support our business decision-making, and consider our customers’ feedback and needs. The basis for processing data for product and service development is a legitimate interest. This is done, for example, by collecting feedback directly from users using surveys, test panels, interviews, questionnaires, and other forms of market research; by utilizing the data generated from the use of our services in analytics; by using recorded or transcribed phone calls for training and service quality improvement; and by testing system functionality with temporary sample data that is collected during normal service use. Data processing for our product and service development generally happens with de-identified data to the
      extent possible. In the case that the customer’s real contact details are collected in connection to the survey, or if we conduct interviews personally with the customer, we may inform you specifically about the use of the contact details in connection to the survey or interview. We may occasionally use samples of real data, for example, to test the functioning of our systems.

      3.4. Legal obligations

      We process personal data to comply with our legal requirements, for example, accounting and tax laws,
      and anti-money laundering laws.

      3.5. Defense of legal rights & ensuring the security of our services and customers

      We use personal data to defend and secure our own rights and our customers’ rights. The basis for processing data for the defense of legal claims, debt collection, credit checking, information security, and prevention of fraud and misconduct is typically legitimate interest. Personal data is used for ensuring the security of our products and services, for example, by keeping access logs and system backups, authenticating users, and preventing attacks.

    • If we use automated decision-making with legal or similarly significant effects on you, we will inform you in advance. If such automated decision-making is not authorized by legislation, not necessary for the performance or entering into a contract with us, we will ask for your consent.

      You can always express your opinion or contest a decision based solely on automated processing, as well as to request a manual decision-making process by contacting us.

    • Gren deletes or de-identifies personal data when it is no longer necessary for the purposes it was collected
      for. For information on how long we hold your personal data for, please contact us.

    • Where applicable, we may share your personal data with:

      • Gren Group companies – our Group companies may use your personal data for the purposes defined in this notice, based on legitimate interest to the extent permitted by applicable law, including for marketing their products and services to you.
      • Commercial partners

      We disclose personal data to our commercial partners based on legitimate interest to the extent permitted by applicable law. Examples of such situations include:

      • Where you have purchased our products and services from a commercial partner, we often need to exchange data about you as part of managing that relationship and your purchase – for example to identify your order and for us be able to pay them.
      • Where you buy our commercial partner’s product or service through us, you make a contract for it with the commercial partner selling that product or service. Gren is only charging the amount directly to your bill as part of the arrangement with the seller. Gren may pass your personal data to such a commercial partner to complete your purchase and for us to be able to pay them.

      Our commercial partners include, for example substation maintenance vendor, debt recovery agencies, insurance companies, consumer electronics retailers, and online advertising partners.

      • Consent, contract or request. We may share your personal data if we have your consent to do so. Some of our products and services allow you to share your personal data with others. We may also share your personal data with a third party when this is required to fulfill our obligations under contract with you or to fulfill a request by you. As an example, we will disclose your address to the postal, courier or installation service to be able to deliver a product or service which you have ordered.
      • Our subcontractors – we use subcontractors to provide services. Such subcontractors may have access to your personal information and are processing it on our behalf but they are not allowed to use the personal data for any other purpose than to provide the service agreed with us. We ensure through appropriate contractual arrangements that the processing of personal data is in accordance with this notice. Typical
        service providers that process personal data include for example network construction partners, payment and invoicing partners, and IT software & service providers.
      • Acquisitions and divestments – if we decide to acquire, sell, merge or otherwise reorganize its businesses, this may involve disclosing personal data to prospective or actual purchasers and their advisers.
      • Authorities, legal proceedings and law – we will disclose your data to competent authorities, such as the police, to the extent required by law. We may also disclose your personal data in relation to legal proceedings
        or at the request of an authority on the basis of applicable law, or court order or in connection with a trial or authority process, or as otherwise required or permitted by law.
    • Some of our service providers and group companies operate internationally, which means that data
      occasionally could be located or transferred to the other country, including outside of the European
      Economic Area. When personal data is transferred outside the EU or the EEA, Gren uses appropriate
      safeguards, such as the standard contractual clauses provided by the European Commission.

      You can obtain more information about the transfers by contacting us.

    • When you use our services or visit our websites, Gren can collect data about your devices using cookies and
      other similar technologies. You can get more information about how to manage cookies and online data use by reading our cookie policy.

    • Below, you can see your rights regarding personal data that Gren processes about you. If you have any question about your rights or want to exercise them, please contact us. Please note that some of the rights may not be applicable, for example, if the data cannot be connected to you.

      • Right to access personal data – you have the right to be informed about the processing that we do and to request a copy of your personal data.
      • Right to correct personal data – you can ask for the information about you to be corrected, if it is not accurate or if it needs to be updated.
      • Right to data portability – you are able to obtain and reuse the personal data you have provided us. We can provide a selected set of the data delivered in a machine-readable format, where the basis of processing has been either contract or consent.
      • Right to deletion – we will delete the data at your request if it is no longer legitimately needed.
      • Right to withdraw your consent – if you have given consent for data processing, you are always entitled to withdraw your consent.
      • Right to object to the processing – you have the right to object to the processing of your personal data on Gren legitimate interests, such as developing our products and services, and other purposes explained above in sections 3 and 6 above. Gren may reject your request if there is a compelling reason for continuing the processing.
      • Right to restrict the processing – in certain circumstances, you have the right to have the processing restricted.
      • To opt out from electronic marketing communications and customer surveys – if you no longer want to receive marketing messages from Gren, you can choose to opt out at any time. The easiest way is to click the link at the end of the marketing message.
      • To opt out from telephone and postal marketing – if you no longer want to receive marketing calls or postal marketing from Gren, you can  inform the customer service representatives.
      • To manage cookies and to opt out from targeted online advertising: If you want to manage cookies on our websites or to opt-out from targeted online advertising, use the controls set out in our cookie policy.

      Please note that you may still receive marketing messages for a short period after opting out while we update our systems. Also, we sometimes use marketing partners, who may display our products and services to you, but who have not received any personal data about you from us. To opt out from such marketing or to exercise your other rights, you will need to contact the specific marketing partner directly.

      How to lodge a complaint: If we do not take action in accordance with your requests, we will inform you of the reasons. If you are not satisfied with our response, or with the way we handle personal data, please contact us.

    • Gren reserves the right to amend this Privacy Notice. Possible amendments to the Privacy Notice will be
      notified about on our website, or by communicating directly to you.

    • Gren Group and its subsidiaries are the controllers of your personal data. If you want to exercise your rights or have any queries about the processing of your personal data, contact us by using our privacy request form.

      Further questions and comments regarding your privacy can be addressed to:

      • Gren Eesti
        Niidu 24
        80047 Pärnu
        Estonia
      • Gren Tartu
        Sõrba 54/1
        50106 Tartu
        Estonia
      • Gren Latvija
        Pasta 47
        Jelgava, LV-3001
        Latvia
      • Gren Lietuva
        J. Jasinskio g. 16B,
        LT-03163
        Lithuania
  • Privacy notice - consultants and vendors

    This privacy notice describes how Gren Group and its subsidiaries processes your personal data. This notice applies to the processing of your personal data in the context of consultant or vendor relationship.

    We may also provide additional privacy information in supplements or other notices regarding particular system, product or service.

    • Gren collects and processes various types of personal data, where applicable, such as:

      • Personal details – including your contact details (such as your name, address, phone number, and email address), demographic data (such as your gender, age, language, nationality, professional details) and your identification-related information where needed (e.g. national ID number, passport number).
      • Administrative information – such as your resumé and competencies, information about previous assignments or projects where you have been involved, where applicable, the results of background checks, credit information, photographs, accident records, project time and attendance management and information about work-related equipment and services that you use in connection with working with us, including, e.g. recorded and transcribed phone calls, recordings of trainings, messaging, and information you publish about yourself in internal and external channels.
      • Financial data – such as your bank account information, travel and other expenses, insurance information, tax numbers.
      • Online data & identifiers – data that is collected with cookies or similar technologies about your use of our internal services, your IP address, cookie ID, mobile device ID, details about browser and device, and location.
      • Security data – data that is used for securing the use of our services and our premises, such as your password and login details, employee ID, security logs, facility entry logs, and CCTV camera recordings.
    • The personal data which we process about you comes from different sources:

      • You and your employer – we receive information directly from you and the company with which you are working.
      • Third parties – we may receive information from third parties, such as national authorities (e.g. police and other enforcement agencies).
      • Gren Group companies – which share information for purposes mentioned below in section 6.
    • We will use your personal data for predefined purposes based on contract, consent, legal obligation and legitimate interest. Typically, the legal basis for data processing in the supplier relationship context is our legitimate interest to administer our contact persons’, project workers’ or consultants’ information for work-related matters. In addition, we have certain legal and contractual obligations that require us to process personal data. Consent may be used in certain specific situations.

      We will use your personal data for the following purposes:

      • Supplier & consultant relationship management – we process personal data to manage a professional relationship with our business partners. This involves contacting our stakeholders and arranging events.
      • Managing work orders and assignments, evaluation, and general administration – we process personal data of consultants in order to administer their work and assignments. We provide consultants with work-related tools, training and services, manage travel and expense claims and project hours, conduct contract performance evaluation, and manage insurances and payments. Personal data is also processed in supplier contract management, for example when signing non-disclosure agreements.
      • Service development & reporting – we process personal data to improve and develop our internal services. Service development is done, for example, by collecting feedback directly from you in surveys and questionnaires; by utilizing the data generated from the use of our services in analytics; and by using recorded or transcribed phone calls in certain operations for training and service quality improvement. We also have internal reporting processes that utilize personal data.
      • Legal obligations – we process personal data to comply with our legal obligations, for example, to comply with tax, accounting, securities, anti-bribery, anti-money laundering, health and safety rules and other legal obligation placed on Gren.
      • Ensuring security, safety and legal rights – we use personal data to ensure the security and safety of our information, facilities, products, services, and personnel. This is done subject to local law, for example by keeping access logs and system backups, preventing attacks, monitoring system use, identifying and authenticating individuals, and monitoring access and facilities (including CCTV) and locating individuals in emergency situations. We also process personal data for defending legal rights, including preventing and investigating fraud, industrial espionage and other crime.
    • If we use automated decision-making with legal or similarly significant effects on you, we will inform you
      about it in advance. If such automated decision-making is not authorized by legislation, not necessary for the
      performance or entering into a contract with us, we will ask for your consent.

    • Gren deletes or de-identifies personal data when it is no longer necessary for the purposes it was collected
      for. For information on how long we hold your personal data for, please contact us.

    • Where applicable, we may share your personal data with:

      • Gren Group companies – our Group companies may use your personal data for the purposes defined in this notice, based on legitimate interest to the extent permitted by applicable law.
      • Your employer – we may share your personal data for the purposes defined in this notice with the company with which you are legally employed by, based on our legitimate interest, to the extent permitted by applicable law.
      • Authorized third parties – we may share your personal data with authorized third parties, based on our legitimate interest, to the extent permitted by applicable law. In such cases, Gren will ensure there is a genuine need to share your personal data. Authorized third parties include, for example, Gren’s customers, travel agencies, banks, telecom operators, insurance scheme providers, auditors, professional advisors, external legal counsels, actuaries, medical practitioners, trustees or other third-party suppliers.
      • Our subcontractors – we use subcontractors to provide services to us. Such subcontractors may have access to your personal information and process it on our behalf, but they are not allowed to use the personal data for any other purpose than to provide the service agreed with us. We ensure that the processing of personal data by our subcontractors is done in accordance with this notice through appropriate contractual arrangements. Typical service providers that process personal data include for example IT software and service providers.
      • Acquisitions and divestments – if we decide to acquire, sell, merge or otherwise reorganize its businesses, this may involve disclosing personal data to prospective or actual purchasers and their advisers.
      • Authorities, legal proceedings and law – we will disclose your data to certain competent authorities, such as government agencies responsible for tax collection, statistical information or to the police, other law enforcement agencies, to the extent required under mandatory law. We may also disclose your personal data in relation to legal proceedings or at the request of an authority on the basis of applicable law, or court order or in connection with a trial or authority process, or as otherwise required or permitted by law.
    • Some of our service providers and group companies operate internationally, which means that data
      occasionally could be located or transferred to the other country, including outside of the European
      Economic Area. When personal data is transferred outside the EU or the EEA, Gren uses appropriate
      safeguards, such as the standard contractual clauses provided by the European Commission. You can obtain
      more information about the transfers by contacting us.

    • Gren employs appropriate organizational and technical security measures to protect your data from loss or misuse. We have a cybersecurity governance model which describes roles and responsibilities on the group level, and our instructions give detailed information on how personal data must be handled within Gren. By conducting awareness programs, we engage Gren employees in privacy and security considerations. Where we contract with third-party suppliers to provide services that may enable them to access your personal data, we require them by contract to have similar security controls in place.

    • When you use our services or visit our websites, Gren can collect data about your devices using cookies and
      other similar technologies. Our website may also include cookies and other similar technologies used by third parties. You can get more information about how to manage cookies and online data use by reading our cookie policy.

    • Below, you can see your rights regarding personal data that Gren processes about you. Please note that
      some of the rights may not be applicable, for example, if the data cannot be connected to you.

      • Right to access personal data – you have the right to be informed about the processing that we do and to request a copy of your personal data.
      • Right to correct personal data – you can ask for the information about you to be corrected, if it is not accurate or if it needs to be updated.
      • Right to data portability – you are able to obtain and reuse the personal data you have provided us. We can provide a selected set of the data delivered in a machine-readable format, where the basis of processing has been either contract or consent.
      • Right to deletion – we will delete the data at your request if it is no longer legitimately needed.
      • Right to withdraw your consent – if you have given a consent for data processing, you are always entitled to withdraw your consent.
      • Right to object to the processing – you have the right to object to the processing of your personal data on Gren legitimate interests, such as developing our products and services, and other purposes explained above in sections 3 and 6 above. Gren may reject your request if there is a compelling reason for continuing the processing.
      • Right to restrict the processing – in certain circumstances you have the right to have the processing restricted.

      How to lodge a complaint: If we do not take action in accordance with your requests, we will inform you of the reasons. If you are not satisfied with our response, or with the way we handle personal data, please contact us.

    • Gren reserves the right to amend this Privacy Notice. Possible amendments to the Privacy Notice will be
      notified about on our website, or by communicating directly to you.

    • Gren Group and its subsidiaries are the controllers of your personal data. If you want to exercise your rights or have any queries about the processing of your personal data, contact us by using our privacy request form.

      Further questions and comments regarding your privacy can be addressed to:

      • Gren Eesti
        Niidu 24
        80047 Pärnu
        Estonia
      • Gren Tartu
        Sõrba 54/1
        50106 Tartu
        Estonia
      • Gren Latvija
        Pasta 47
        Jelgava, LV-3001
        Latvia
      • Gren Lietuva
        J. Jasinskio g. 16B,
        LT-03163
        Lithuania
  • Privacy notice - job applicants

    This privacy notice informs you about how we process our job applicants’ personal data. This notice applies to the
    processing of personal data in the context of recruitment and resourcing activities.

    We may also provide additional privacy information in supplements or other notices regarding particular system, product or service.

    • Gren collects and processes various types of personal data, including:

      • Personal details – including your contact details (such as your name, address, phone number, and email address), demographic data (such as your gender, age, language and nationality).
      • Recruitment information – such as your application and resume, interview information, video interviews, references from previous employers and other third-party references, information about your competencies, qualifications, skills, work experience, and education. As we take steps prior to entering into a possible employment contract, we may also collect results of the necessary health, drug, background (including security check), psychometric, and aptitude tests and depending on the position for which you are applying, and where necessary for the recruitment activities.
      • Identification information – such as proof of identity and your national identity number.
      • Online data & identifiers – data that is collected with cookies or similar technologies about your use of services, including your IP address, cookie ID and mobile device ID.
    • The personal data which we process about you comes from different sources:

      • You – when you submit us your data including application or resume or when you otherwise interact with us.
      • Third parties – such as recruitment agencies, your references and previous employers, medical or health check providers and authorities or other parties providing background checks. We will obtain your consent for such collection when required by applicable law.
      • Gren Group companies – which share information for purposes mentioned below in section 6.
    • We will use your personal data for predefined purposes based on legitimate interest and legal obligation. Also, we may use your personal data based on your consent in addition to reliance on legitimate interest (this especially if additional consents are needed under applicable law).

      The main purposes for which we process personal data are listed below:

      • Recruitment and resourcing – we use your personal data to contact you, for instance, to inform you about the status of your application or to obtain additional information. We also use your personal data to set up and conduct interviews and assessments, evaluations, references, background checks as permitted by applicable law.
      • Creating an employee record – if Gren hires you, the personal data you have given during the application process may become part of your employee record and be used to manage your career at Gren.
      • Service development and analytics – we may use your personal data to improve and develop our recruitment processes and other related services, and to create analytics. We endeavor to use de-identified data when possible.
      • Security of our services and others – personal data is used for ensuring the information security of our services and systems.
      • Legal obligations – we process personal data to comply with our legal obligations.
    • If we use automated decision-making with legal or similarly significant effects on you, we will inform you in advance. If such automated decision-making is not authorized by legislation, not necessary for performance or entering into a contract, we will ask for your consent.

    • Gren deletes or de-identifies personal data when it is no longer necessary for the purposes it was collected
      for. If Gren hires you, your personal data may become part of your employee record. For information on how
      long we hold your personal data, please contact us.

    • Where applicable, we may share your personal data with:

      • Gren Group companies – our Group companies may use your personal data for the purposes defined in this notice based on legitimate interest to the extent permitted by applicable law.
      • Third parties – Gren may share your personal data with authorized third parties who process personal data for Gren for the purposes described in this Statement. These may include recruitment consultants or agencies, test providers, IT software & service providers, and others who help us fill vacancies and assess the suitability of job applicants. These authorized third parties are not  permitted to use your personal data for any other purposes. We require them to act consistently with this Statement and to use appropriate measures to protect your personal data.
      • Acquisitions and divestments – if we decide to acquire, sell, merge or otherwise reorganize its businesses, this may involve disclosing personal data to prospective or actual  purchasers and their advisers.
      • Authorities, legal proceedings and law – we will disclose your data to competent authorities, such as the police, to the extent required by law. We may also disclose your personal data in relation legal proceedings or at the request of an authority on the basis of applicable law or court order or in connection with a trial or authority process or as otherwise required or permitted by law.
    • Some of our service providers and group companies operate internationally, which means that data occasionally could be located or transferred to the other country, including outside of the European Economic Area. When personal data is transferred outside the EU or the EEA, Gren uses appropriate safeguards, such as the standard contractual clauses provided by the European Commission. You can obtain more information about the transfers by contacting us.

    • Gren employs appropriate organizational and technical security measures to protect your data from loss or misuse. We have a cybersecurity governance model which describes roles and responsibilities on the group level, and our instructions give detailed information on how personal data must be handled within Gren. By conducting awareness programs, we engage Gren employees in privacy and security considerations. Where we contract with third-party suppliers to provide services that may enable them to access your personal data, we require them by contract to have similar security controls in place.

    • When you use our services or visit our websites, Gren can collect data about your devices using cookies and
      other similar techniques. You can get more information about how to manage cookies and online data use by reading our
      cookie policy.

    • Below you can see the list of your rights regarding personal data that Gren process about you. If you have any questions about your rights or want to exercise them, please contact us. Please note that some of the rights may not be applicable, for example, if the data cannot be connected to you.

      • Right to access personal data – you have the right to be informed about the processing that we do and to request a copy of your personal data.
      • Right to correct personal data – you can ask information about you to be corrected if it is not accurate or needs to be updated.
      • Right to data portability – you are able to obtain and reuse the personal data you provided to us. We can provide a selected set of the data delivered in a machine-readable format, where the basis of processing has been consent.
      • Right to deletion – we will delete the data at your request if it is no longer legitimately needed.
      • Right to withdraw your consent – if you have given a consent for data processing, you are always entitled to withdraw your consent.
      • Right to object to the processing – you have the right to object to the processing of your personal data on Gren legitimate interests such as developing of our recruitment process.
      • Right to restrict the processing – in certain circumstances you have the right to have the processing restricted.

      How to lodge a complaint. If we do not take action in accordance with your requests, we will inform you of the reasons. If you are not satisfied with our response, or with the way we handle personal data, please contact us. If you still not pleased with the handling, you can contact the national data protection authority.

    • Gren reserves the right to amend this Privacy Notice. Possible amendments to the Privacy Notice will be
      notified about on our website, or by communicating directly to you.

    • Gren Group and its subsidiaries are the controllers of your personal data. If you want to exercise your rights or have any queries about the processing of your personal data, contact us.

      Further questions and comments regarding your privacy can be addressed to:

      • Gren Eesti
        Niidu 24
        80047 Pärnu
        Estonia
      • Gren Tartu
        Sõrba 54/1
        50106 Tartu
        Estonia
      • Gren Latvija
        Pasta 47
        Jelgava, LV-3001
        Latvia
      • Gren Lietuva
        J. Jasinskio g. 16B,
        LT-03163
        Lithuania