Skip to content


Your privacy is important to us. At Nanoform, we have a few fundamental principles we abide by:

  • We do not ask you for personal data unless we need it.
  • We do not share your personal data with anyone except for purposes further specified below, for example to comply with the law or to protect your or our rights.
  • We do not store your personal data for longer than required for the purposes of the business relation between you and us.
  • We aim to make it as simple as possible for you to control the use of your personal data collected by us.

This Privacy Notice explains when and why Nanoform Finland Oyj (“Nanoform”, “we”, “us”, or “our”) collect personal data about our website visitors, customers, suppliers and other business partners, and people who contact or interact with us, how we use such personal data, the conditions under which we may disclose it to others and how we keep it secure.

About Nanoform

Nanoform is a registered company with registered office at Cultivator II, Viikinkaari 4, FI-00790 Helsinki, Finland. In case you have questions related to this Privacy Notice or the processing of your personal data by us, you can email us at

How do we collect personal data about you?

We primarily obtain your personal data directly from you. You may provide us personal data for instance through our website, emails, phone conversations, meetings and documents. If you are a representative of our customer, supplier, or a business partner, we may obtain personal data relating to you also from other representatives of your organization.

We also obtain personal data relating to you through automated technical means when you visit our website.

We may collect and update personal data from publicly available sources, or registers of authorities and companies providing services related to personal data.

What type of personal data do we collect?

The personal data collected and processed by us may include (but is not limited to) your name, address, email address, phone number, details related to any meetings or communications between us, and any other information you choose to provide to us.

If you are a representative of our customer, supplier or a business partner, the data may include also information related to the business relation between us and the organization you represent, such as, the name of the organization, information related to the contract between us and the organization and your association with the contract, invoicing and payment details, as well as your title.

The data we collect through our website using automated technical means includes: the Internet protocol (IP) address used to connect your computer to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, and device identification number. We also collect information about your website visit including which website pages are accessed, page response times, and length of visits to pages.

How long do we retain your personal data?

We review our retention periods for personal data on a regular basis. We are legally required to hold some types of data for certain prescribed periods to fulfil our statutory obligations.

Outside of specific statutory obligations, we will hold your personal data for as long as it is necessary for the relevant purposes for which we use it, or in accordance with any retention periods set out in any relevant contract you hold with us. If you are a representative of our customer, supplier or a business partner, the retention period of your personal data is ultimately tied to the term of the business relation between us and the organization you represent. We may continue to store your personal data after the end of the business relation to the extent necessary for certain legitimate business interests or if the data is necessary for purposes of protecting our rights.

How do we use your personal data?

We use your personal data in the following ways:

  • If you are a representative of a customer, supplier, or a business partner, we mainly use your personal data for the purposes directly arising from the contractual or business relation between us and the organization you represent. These purposes include, but are not limited to, entering into a contract, and performing our obligations based on the contract we have concluded with the organization you represent; taking care of, managing, and developing our relation with the organization; and invoicing and keeping track of the accuracy of invoicing. The legal basis for this processing is our legitimate interest to conduct our business and your relation to the organization with whom we conduct our business.
  • We may use your personal data to comply with a legal obligation based on e.g., tax or accounting related legislation to which we are subject.
  • We may use your name, contact information and other relevant data to provide you with information you have requested from us, to respond to enquiries or requests from you and to communicate with you in relation to those enquiries or requests. Our legal basis for this use is our legitimate interest, namely carrying out activities in the course of Nanoform business in response to enquiries or requests from representatives of potential or existing customers, supplier and business partners.
  • We may use your name, email address, and postal address to send you marketing communications e.g., to provide you with information regarding goods and services. Our legal basis for this use is our legitimate interest, namely the ongoing marketing of our goods and services to individuals or organizations.
  • In addition, we may use your data for a limited number of other legitimate business interests, such as for ensuring and improving data security or the security of our premises and data network; protecting our property; preventing and investigating suspected malpractices; analyzing and compiling statistics for business purposes and to develop our business.

You may provide us data also based on your consent, for example, when you contact us to request information about us, our products, or services.

If you are a representative of our customer, supplier or business partner, the provision of personal data in the manner described in this Privacy Notice is partially based on the contract between us and the organization you represent. The non-delivery of personal data may prevent us from performing our contractual or other obligations or commitments towards the organization you represent, which may lead to impediments to our business relation with the organization.

We may use the data that we automatically collect using technical means through our website to:

  • Administer our site and for troubleshooting, testing, research, and statistical purposes. We use Google Analytics, a third-party website monitoring tool. For more information, see our Cookies Notice. Our legal basis for this is our legitimate interest, namely monitoring the use of and improving our website.
  • Measure or understand the effectiveness of our own advertising activity as well as our marketing emails. We use marketing software to track when individuals open emails and click on email links and to analyze subsequent behavior on our website. Our legal basis for this use is our legitimate interest, namely improving the relevancy of our advertising.

This automated collection of information may involve the use of cookies. Please see our Cookies Notice for further detail about these.

Who has access to personal data?

We may transfer your personal data to our service providers, including but not limited to:

  • Business partners, suppliers and sub-contractors working on our behalf for the purposes of completing tasks and providing services to us or to you.
  • Advertisers and advertising networks (including social media) in order to select and serve relevant adverts to you. See our Cookies Notice for more information.

When we use third party service providers, we have a contract in place that requires them to keep your data secure and otherwise process your data only for the limited purposes for which the data was transferred to such service providers in the first place.

We may disclose your personal data within the limits permitted or required by the applicable laws, for example where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person, or for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative out-of-court procedure. In addition, we may disclose your personal data to a debt collection agency for purposes of debt collection, or to other service providers, but only to the extent that the fulfilment of their tasks require the disclosure of personal data.

Where you are a representative of a supplier or another business partner, we may disclose your personal data to our customers for purposes of carrying out our business.

In case of the sale of some or all of our business and assets, or in case any other business restructuring or reorganization, we may disclose personal data to the potential buyers and their advisors in accordance with the then current applicable laws.

Your rights

In this section, we have summarized the rights that you have under data protection laws. Some of the rights are complex, applying only in certain circumstances and subject to certain exceptions, and in the interests of keeping this Notice concise, all details have not been included in our summaries. Accordingly, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.

You have the right:

  • To object to us processing your personal data for marketing purposes. If you object, we will stop processing your personal data for this purpose. When we collect your data, you may be provided the possibility to choose whether or not you wish to receive marketing communications from us. If you wish to stop receiving marketing communications, you can opt out at any time by clicking an ‘unsubscribe’ link at the bottom of one of our emails or by contacting us by other means.
  • To access the data we hold about you and certain information about our processing of it and your rights in relation to it.
  • To obtain erasure of the personal data we hold about you in certain circumstances, subject to certain exceptions.
  • To rectification of any inaccurate personal data we hold about you.
  • To obtain the restriction of our processing of your personal data or to object to us processing your personal data in certain circumstances. If you object, we will stop processing your personal data unless certain exceptions apply.
  • To be provided with the personal data we hold about you in structured, commonly used, and machine-readable format and to transmit the data to another controller in situations where our legal basis for processing your personal data is your consent and we process your data by automated means.
  • To withdraw that consent at any time in situations where our processing of your personal data is based on your consent. If you withdraw your consent, we will stop the relevant processing, but it will not affect the lawfulness of our processing before the withdrawal.

To exercise any of these rights, email us at or write to us at Cultivator II, Viikinkaari 4, FI-00790 Helsinki, Finland. In addition, you can exercise your right to object to electronic direct marketing at any time by clicking an ‘unsubscribe’ link at the bottom of one of our emails.

In addition to the rights described above you are entitled to make a complaint to the data protection authority, especially in the European Union country where you have your domicile or permanent workplace or where the claimed breach of data protection regulation occurred. In Finland, this authority is the Data Protection Ombudsman. Further information can be found on the ombudsman’s website:

Security precautions in place to protect your personal data

We take appropriate technical and organizational precautions to secure your personal data and prevent its loss, misuse or alteration. Nanoform is ISO27001 certified. Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

The transmission of unencrypted (or inadequately encrypted) data over the internet is inherently insecure, and for this reason we cannot fully guarantee the security of data sent between us over the internet.

Use of Cookies

Like many other websites, our website uses cookies. ‘Cookies’ are small pieces of information sent by an organization to your computer and stored on your hard drive to allow that website to recognize you when you visit. They collect statistical data about your browsing actions and patterns.

Cookies allow us to provide important site functionality, so you do not have to re-enter lots of information. They also allow us to remember what links and pages you have been on or viewed during a session. This helps us deliver a better, more personalized service to you.

It is possible to switch off cookies by setting your browser preferences. For more information on the cookies we use, visit our Cookies Notice.

Links to other websites

Our website may contain links to other websites run by other organizations. We are not responsible for the privacy practices of those organizations or the content of their websites. You should read the privacy policies of these organizations before providing them with any personal data.

Transferring your personal data outside of European Economic Area (“EEA”)

In this section, we provide information about the circumstances in which your personal information might be transferred to countries outside the EEA, e.g. The United States and New Zealand.

Some of our service providers to whom we transfer personal data are located or may store personal data outside the EEA area. To the extent we transfer personal data to such service providers, we will ensure that the country to which the personal data is transferred is approved as having a sufficient level of data protection by the European Commission, or we ensure that the transfer is governed by appropriate safeguards, such as the standard contractual clauses approved by the European Commission, binding corporate rules or other lawful transfer mechanisms.

For more information on cross-border transfers of personal data carried out by us and on the appropriate safeguards applied thereto from time to time, email us at or write to us at Cultivator II, Viikinkaari 4, FI-00790 Helsinki, Finland.

Review of this Privacy Notice

We keep this Privacy Notice under regular review. This Privacy Notice was last updated on 20 October 2022.

If we change this Privacy Notice, we will post the updated Privacy Notice on this page and may place notices on other sections of the website and/or notify you by email.