top of page
Baltic Sustainability Awards

Privacy Policy

Baltic Sustainability Awards is fully GDPR compliant and will treaBaltic Sustainability Awards is fully GDPR compliant and will treat your personal data with the utmost care and respect. It's important for us that you understand what data we collect about you, how we use it, and what your rights related to your data are.t your personal data with the utmost care and respect. It's important for us that you understand what data we collect about you, how we use it, and what your rights related to your data are.

1.  General issues.

1.1. These rules lay down a procedure by which Helve provides processing, security and protection of applicants’ (hereinafter collectively referred to as Applicants) personal data at the Baltic Sustainability Awards and the application evaluation process (September 15 - December 7, 2023) (hereinafter - the Event).


This Privacy Policy may be updated if required in order to reflect the changes in data processing practices or otherwise. These Policies may be modified by Baltic Sustainability Awards from time to time, such modifications to be effective upon posting by Helve on the It is the Applicant's responsibility to periodically check-up these Policies for changes. Continued participation in the Event and/or continued use of the website by Applicant following the posting of changes will imply that Applicant accepts and agrees to the changes. The current version of this Privacy Policy can always be found on Additionally, you may be reading these Policies on a service provided by a third party, in this case the version of Policies may be outdated, to make sure, the latest version can always be found on

1.2.Terms used in the Rules:

Processing - any operation or set of operations performed with personal data or sets of personal data, which is carried out with or without automated means, such as collecting, registering, organizing, structuring, storing, adapting or modifying, recovering, viewing, using, disclosing, transmitting, distributing or otherwise making them available, matching or combining, limiting, erasing or destroying;


Processor - SIA Helve (online event platform provider and Awards registration process provider), Airtable (company survey platform provider), Discord SL (company communication platform provider);


Controller - SIA Helve;


Personal data - Applicant's name, surname, e-mail address, Email, Phone number 

organization, country, professional information, photo and video from which a Person is identifiable;


A third party - a natural or legal person, public entity, agency or entity other than the data subject.


The purpose of these rules is to provide the Applicant with complete information about the purposes and legal basis for the processing of its personal data.

2. Purpose of personal data processing.

2.1. To ensure participation in the applicant’s evaluation process for the Baltic Sustainability Awards event (name, surname, e-mail address, phone, organization, country);

2.2. To ensure provision of organizational and operational information exchange of the event (name, surname, e-mail);

2.3. To ensure the publicity, promotion of the Event and public information (photo recording and filming during the Event)


The purpose of collecting and further processing these personal data is to be able to offer the Services to the Applicants, to organize the Events as well as for Applicant verification and evaluation purposes. We process personal data for the evaluation and selection of potential applicants and organisations for the Events. We also process personal data for the purpose of maintaining our customer relationships with the Applicants, for instance by contacting the Applicants regarding the Services and Events. We also process personal data of the Applicants in order to inform the Applicants of changes relating to the Services and the Events. We process the address of the Applicants to send them the materials necessary for the participation in the Event.

3.  Personal data registration at the Event. 

3.1. Initial collection of Applicants' personal data is carried out by the Processor through registration for the Event, accompanied by these Rules and a statement of consent for the processing of data.

3.2. Upon registration the Applicant familiarizes themselves with these Rules and upon their approval confirms consent to personal data being processed in accordance with the Rules.

​4. Terms of collection, storage and deletion of personal data.

4.1.Personal data collection is carried out until the end date of the Applicant registration process or until October 8th, 2023.

4.2. Personal data is stored, processed only to the extent and within the time limit necessary for the fulfillment of the objectives specified in these Rules and these are as follows:

Name and surname – until March 7, 2024;

E-mail - until March 7, 2024;

Phone - until March 7, 2024;

Organisation - until March 7, 2024;

Country - until March 7, 2024;

Video - permanently (creating a Controller's event archive);

Photo recording materials (photos) - permanently (creating a Controller's event archive).


4.3. The Controller may transfer Personal data (name, surname) to the Central Finance and Contracting Agency for supervisory purposes.

5. Applicant's acknowledgement for the processing of personal data.

5.1. An Applicant, acknowledging to have read the Rules, consents to his or her Personal data being processed in accordance with the terms of these Rules.

5.2. Transfer of the Applicant's personal data is a must for the Controller to pursue the legitimate interests of the Controller and ensure Applicant's participation in the Event.

5.3. If the Applicant withdraws its consent to the processing of personal data, the Controller and Processor will erase all personal data submitted, except where erasure is  impossible for technical reasons or where it causes disproportionate effort (for example, in case of already printed materials).

6. Audio and audio-visual recording.

6.1. A Applicant, acknowledging to have read the Rules, confirms that he or she has been informed of the Event being photographed and filmed. 

6.2. The Controller may use the materials produced as a result of a photo recording, in whole or in part, for publicity purposes and to inform about the course of the Event. The Applicant is hereby informed that the Controller will use this right freely at its discretion, including the right to transfer them to third parties. The Applicant has the right to request information from the Controller about third parties who have been given the right to use video and photo-recording material.

6.3. The Applicant may object to the actions specified above in this section and request the Controller to discontinue them provided that the person in question is directly identifiable in the particular video or photograph and it is technically possible for the Controller to erase and/or discontinue the use of the particular photograph.

7. Applicant's rights.

7.1. Applicant may:

- At any time request the Controller information about the person specified in Article 13 of the General Data Protection Regulation;


- Access the relevant data and receive the information specified in Article 15 of the General Data Protection Regulation by contacting SIA Helve;


- Request the Controller to rectify, delete or limit personal data processing or to object to such processing in accordance with Articles 17 and 21 of the General Data Protection Regulation.

8. SIA Helve’s duties in the processing of personal data. 

8.1. While processing personal data, SIA Helve ensures:


- Access to information in accordance with Article 13 of the General Data Protection Regulation;


- Implementation of technical and organizational measures for the security and protection of Personal data;


-Upon request from the Applicant, correction or erasure of his or her personal data.


8.2. The Controller undertakes to inform the Applicant without delay about personal data security breach in case the personal data breach could create a high risk for the rights and freedoms of natural persons.

9. Communication and procedures for the exercise of the rights of the Applicant.

9.1. The Applicant may exercise its rights, including the right to object or to ask questions to the Controller in writing via the email:;

9.2. If the personal data provided by the person changes, the person is entitled to request to rectify (align) his/her personal data by contacting the Controller by email:

10. Processor who processes personal data on behalf of the SIA Helve.

10.1. The Processor carries out the processing of the Applicant's personal data in accordance with these regulations (personal data collected in a survey during the registration process is processed in accordance with Typeform Privacy Policy).


10.2. In the course of the administrative organization of the Event the Processor may, if necessary, engage other processors (identification card makers, photographers, etc.) by concluding contracts with them that will include a condition for compliance with these rules.

10.3. If the processor involves other processors for processing of the personal data in the administrative organization of the event, the processor may transfer the following personal data to them: name, surname. The processor gives the Controller access to personal data transferred to another processor.

10.4. If another processor is engaged, then the Processor ensures that this processor complies with these rules.

11. Processing security requirements

11.1. Taking into account the state of the art, the implementation costs and the nature, extent, context and purposes of the processing, as well as the various risks and risks of probability and severity with respect to the Applicant's rights and freedoms, SIA Helve and the processor shall implement appropriate technical and organizational measures to ensure an adequate level of security.

11.2. The mandatory technical protection of personal data shall be implemented by

- SIA Helve and the processor with physical and logical safeguarding means ensuring:


- Protection against the threat of personal data generated by physical effects;


- Protection through software tools, passwords, encryption, cryptography and other logical safeguarding means.


11.3. When processing personal data, SIA Helve and the Processor shall ensure:


- Access of authorized persons to the technical resources used for the processing and protection of personal data (including access to personal data);


- That data carriers containing personal data are processed by authorized persons;


- That the resources used in the processing of personal data are transferred to authorized persons.



Place and date: Riga, September 9, 2023

bottom of page