Privacy Notice
This privacy notice explains how we collect, use, and protect personal data when you engage with our services as a business customer.
Effective date: 6.9.2025
1. Controller Information
Sunset Wonders Oy (“we”, “our”, “us”, “the company”) is the controller of your personal data.
Contact details:
Address: Viikinportti 2 D 49, 00790 Helsinki
Email: info@sunsetwondersafrica.com
Phone: +35845 125 2365
2. Personal Data We Collect
We may collect the following personal data about you or your company representatives:
Contact information: Name, email address, phone number
Organization information: Company name, address, industry
Service-related data: Booking details, preferences, or other information necessary to provide the requested services
3. Purpose and Legal Basis for Processing
We process your personal data for the following purposes:
The processing of personal data is necessary for the performance of the contract between the Company and the Partner/Customer, in accordance with Article 6(1)(b) of the GDPR. This includes processing personal data to provide the agreed services, manage bookings or orders, communicate about the services, and fulfill contractual obligations.
The processing of personal data is necessary for the Company to comply with its legal obligations under applicable law, in accordance with Article 6(1)(c) of the GDPR. This includes obligations related to accounting, tax reporting, record-keeping, contractual compliance, and other statutory requirements.
The Company relies on its legitimate interests under Article 6(1)(f) of the GDPR to contact potential business partners for marketing purposes. The Company has a legitimate interest in contacting potential business partners to inform them about its services, promote business opportunities, and maintain commercial relationships. This interest is balanced against the rights and expectations of the recipients. The processing is necessary for the Company to develop its business and offer relevant services, and it is reasonable to assume that recipients in a professional B2B context could expect to receive such communications. The Company documents the assessment of this legitimate interest and ensures that all communications respect data subject rights, including the possibility to object to further marketing contact.
4. Data Recipients
Your personal data may be shared with:
Our employees and authorized personnel who need the data to perform their duties (e.g. Regional Market Consultant)
Subprocessors in connection with providing our services, including those located outside the European Economic Area (EEA)
5. International Data Transfers
Where personal data is transferred to countries outside the EEA (e.g., Zimbabwe), we ensure appropriate safeguards using EU Standard Contractual Clauses (SCCs). Transfers are only made in compliance with GDPR requirements, ensuring that your personal data is adequately protected. International data transfers are only conducted to Sunset Wonder’s partners who have signed a partnership agreement as well as a Data Processing Agreement which complies to GDPR.
6. Data Retention
We retain your personal data only for as long as necessary to:
Provide our services
Comply with legal obligations
Enforce agreements
After this period, personal data is securely deleted.
7. Your Rights
Under GDPR, you have the following rights:
Access: Obtain confirmation whether we process your data and receive a copy
Rectification: Correct inaccurate or incomplete data
Erasure: Request deletion of personal data where applicable
Restriction: Request limitation of processing under certain circumstances
Data portability: Receive your data in a structured, commonly used, machine-readable format
Withdraw consent: Where processing is based on consent
Complaint: Lodge a complaint with a supervisory authority (in Finland: the Data Protection Authority)
To exercise your rights, contact us at info@sunsetwondersafrica.com
8. Data Security
We implement appropriate technical and organizational measures to protect your personal data, including:
Restricted access to authorized personnel only
Data encryption in transit and at rest (TLS/SSL in transit and AES-256 at rest).
Regular backups and procedures for data recovery
We ensure that any third-party service providers (subprocessors) we use to process your personal data comply with data protection requirements. This is ensured by signing a Data Processing Agreement (DPA) with all of our partners. The DPA complies with the GDPR. We also ensure compliance with EU Standard Contractual Clauses (SCCs) for any international data transfers as well as conduct regular compliance checks/audits to our partners/third-party service providers (subprocessors).
9. Updates to This Privacy Notice
We may update this privacy notice from time to time. Changes will be posted on our website with an updated “effective date”.
10. Contact for Data Protection Matters
Email: info@sunsetwondersafrica.com
You also have the right to lodge a complaint with a supervisory authority, such as the Finnish Data Protection Authority (https://tietosuoja.fi/en, tietosuoja@om.fi) or EU-level authority (European Data Protection Board, EDPB, https://edpb.europa.eu, edpb@edpb.europa.eu).
Sunset Wonders Oy
Sunset Wonders is a Finnish-based company with a regional market consultant in Zimbabwe.
Contact
info@sunsetwondersafrica.com
CEO, Sahara Chivhanga, +358 45 125 2365
COO, Grace Hoffrén, +358 45 699 7879
Regional Market Consultant, Dr Batsirai Chivhanga, +263 78 367 7333
Email addresses firstnamelastname@sunsetwondersafrica.com
© 2025. All rights reserved.