On this page we inform about changes in our Privacy Statement.

July 2020

Information has been updated to correspond to the changes made in our cookie policy, according to which setting of cookies in most cases requires user’s consent. We have also clarified the section regarding ”Analysis, compilation of statistics, and the development of business, products and services.” We have also clarified the passage regarding retention times of the data.  

We have added information regarding new webshops into Section 7. “Do we transfer your data beyond the borders of the EU or EEA (“third countries”)?”

Information regarding the up-and-coming merger of the three Kaslink companies into Fazer Finland Oy has been added to the listing of data controllers.

We have added information regarding Gateau mobile application.

The section about the MyFazer loyalty programme has been updated to refer to cookies and other similar technologies.

February 2020 

In the Controllers section, we have removed the five companies divested by Fazer Group in June 2019, namely Fazer Food Services Oy, Fazer Food Services AB, Fazer Food Services AS, Fazer Food Services A/S and Fazer Food OÜ after their ownership has changed.

Information about data transfers beyond the borders of the EU or EEA has been updated to reflect the implementation of a user interface development tool whose service provider and a subcontractor it uses are in the United States. 

December 2019

We have added information in the section “From where we collect data?” concerning signing up for events organized by Fazer.

We have added details to the description of how long we store your data regarding the added sections on video surveillance systems and access control systems.

The service-specific information has been updated

  • Fazer Candy Store has changed its name to Fazer Store. Fazer Store Online store section has been updated with the information regarding processing of personal data in connection with the Online store reminding the customer of the so-called abandoned shopping cart.
  • Section on processing of personal data received from Fazer Facebook pages and related joint controllership with Facebook Ireland Limited.
  • Descriptions of video surveillance systems and access control systems at Fazer’s facilities.

In the Controllers section, we have added the three companies acquired by Fazer Group in June 2019, namely Kaslink Oy, Kaslink Aito Oy and Kaslink Foods Oy. Oy Karl Fazer Ab acts as a joint controller of personal data together with the above-mentioned three new subsidiaries belonging to the Fazer Group which are controllers regarding their own operations.

June 2019

Information about data transfers beyond the borders of the EU or EEA (“third countries”) has been updated to reflect the implementation of an inventory and shipping management service provider located in the United States which uses subcontractors located in third countries.  

May 2019

The service-specific information has been updated

  • Old MyFazer service section has been removed, as the new My Fazer customer loyalty programme replaces the previous service.
  • My Fazer customer loyalty programme has been added to the service-specific information.

May 2018


Fazer Group has continued and accelerated its preparations for the EU General Data Protection Regulation that will enter into force in May 2018. At the same time, we have revised our Privacy Statement. As a result, we are more accurately and clearly able to describe how we process your personal data. In addition, we have improved the layout of the Privacy Statement so that it is easier to read.

The central changes are the following:

Currently, our Privacy Statement also describes how we process your personal data when you contact us as a representative of a company or another organisation.

We have specified the From where do we collect data? section.

In Service-specific details, we describe what personal data we collect in each service and for what purposes we use this data. From now on, you can easily check all matters related to the processing of your data in each service.

In the What kind of data do we collect? section, we have specified the examples of the type of personal data we collect about you. For example, we have specified the description of how we process personal data related to your health.

In the Cookies section, we have specified how the Fazer Group uses cookies.

We have specified the description of what your data is used for. Our aim is to tell you as clearly as possible for what purposes we use your personal data and why.

We have added details to the description of how long we store your data. We only store your data for as long as is required for the purpose for which your data was collected. We have added a table for you to check the service-specific purposes of use and criteria for data storage periods.

Furthermore, we have specified the description of who can process your data. For example, we use third parties in some services to which we disclose your data so that we can fulfil our contractual obligations. These parties include providers of payment transfer and transportation services.

We have specified the description of how we transfer your data outside the EU/EEA, i.e. third countries.

In addition, we have specified the description of who you can turn to if you have any questions concerning the processing of your data.

In the Controllers section, we have listed all controllers within the Fazer Group. Oy Karl Fazer Ab acts as a controller of personal data, together with subsidiaries belonging to the Fazer Group which are controllers regarding their own operations.

 

February 2018 

Fazer Group is preparing for the EU’s General Data Protection Regulation that will enter into force in May 2018. We have harmonised and centralised the processing of personal data in companies belonging to Fazer Group to be able to protect your personal data in the best way possible. 

The most significant change is that in the future, Oy Karl Fazer Ab will be the controller of personal data together with subsidiaries belonging to the same Group, which are controllers for their own operations. In the updated Privacy Statement, we will describe in more detail how your personal data is processed in Fazer companies and how you can exercise your rights as easily and effectively as possible.  

The central changes are the following:

We have refined the From where do we collect data? section.  

In the What kind of data do we collect? section, we have refined the examples of the types of personal data we collect about you. Our goal is that in the future, you will be more aware of what kinds of data we record concerning you.  

We have refined the description of what your data is used for. Our goal has been to be increasingly clear on the basis for using your data.  

We have added details to the description of how long we store your data.  

We have refined the description of who can process your data.   

We have included a section where we describe how you can exercise your rights and affect the processing of your personal data.  

We have also included a section where we describe how you can follow the changes in our Privacy Statement