PRIVACY POLICY

General

The Cutrin.fi website is owned by Cutrin Oy.

Cutrin Oy is committed to protecting the privacy of its customers and offers its customers the possibility to influence how their data is processed.

The purpose of this privacy policy is to provide information about how we process our customers’ personal data. The customer must accept the terms of this privacy policy in order to use the services available through cutrin.fi. For the purposes of this privacy policy, when we say ‘you’, we refer to any person who allows our website to use the information they provide about themselves. By ‘site’ we refer to all the pages under cutrin.fi.

The information we collect can be divided into data provided by the user, data collected through the use of the online services and data collected by analytics tools.

We use data:

  • to process and ship orders;
  • to provide a user-friendly and secure service;
  • to provide a good customer experience;
  • to improve product recommendations and marketing; and
  • to improve our customer service and online shop.

Register details

Name of register

Customer register of the Cutrin.fi online shop. The register consists of several sub-registers.

Company information

Cutrin Oy
Business ID 2443709-8
Lasikuja 2
FI-02780 Espoo, Finland
Customer service: +358 (0)800 122 211
Switchboard: +358 (0)20 4877 100
Email: firstname.lastname@cutrin.com

E-invoicing

E-invoicing address: 003724437098
EDI number: 003724437098
Operator ID: 003723609900
Operator: Pagero
Invoices may be submitted via email to mf-lumene-80@medius.cloud

The controller of the personal data we process is:

Cutrin Oy (Business ID 2443709-8)
Lasikuja 2
FI-02780 Espoo, Finland

Person in charge of matters related to the register

Nina Nuutinen
nina.nuutinen@cutrin.com
+358 (0)40 770 2366

If you have any questions about data privacy and the processing of personal data, please send us an email to nina.nuutinen@cutrin.com

Customer information can only be accessed by Cutrin Oy’s own employees, and our staff is trained in the secure and ethical use of personal data. All staff members only have access to the specific customers details necessary for them to carry out their duties.

We use trusted contractual partners, which allows us to transfer information to a third party. The agreements we have made with all of our partners take into account the requirements of the General Data Protection Regulation of the EU and other legislation. You can read more about third parties in the section ‘Disclosure of personal data to third parties’.

Collection, processing and use of personal data

We need to collect various types of information about you if you want to place an order through our online shop or use our site.

We collect, store and process the information you provide for the purposes of order processing, any complaints or customer returns following the order, and to provide services through our online shop. The data we collect about you includes your name, email address, delivery address, billing address, phone number and payment information. Orders placed by companies must also include the company name and business ID. We will only use the information you provide when you place an order to process the online shop orders, unless you give your permission for other purposes, such as subscribing to our newsletter.

We disclose personal data to third parties only if it is permitted by law, for example for the purpose of fulfilling a contractual obligation, for marketing and billing purposes or if the customer has given their prior consent to the disclosure of data. The external service providers we contract to fulfil the order (e.g. transport and forwarding companies, payment gateway providers and banks) receive from us the information necessary for the fulfilment of the order and the contract. Our service providers may use the data thus disclosed solely for the performance of their duties.

Collection of data for marketing purposes

In addition to fulfilling any orders you place through the cutrin.fi site, we also use your information for the following purposes:

  • to improve your shopping experience and to make it more customer-friendly and personalised;
  • to keep you up-to-date on your order;
  • to inform you about specific products, training sessions and marketing campaigns; and
  • to recommend training sessions, products or services that may be of interest to you.

For this purpose, we use the information available to us, such as delivery notifications and read receipts of email messages, information concerning the terminal device you are using, internet connection, operating system, browser, platform, date and time of your visit on the website, as well as the products you have viewed, and information that we have received from you (including automatically sent or generated data). In addition, we also use your order history to ask you to submit product reviews after you have placed your order.

You may, at any time, object to the use of your personal data for marketing purposes or other individual purposes. You may, at any time, unsubscribe from the newsletter or emails requesting product reviews by clicking the link at the end of the newsletters. Alternatively, you can ask to be removed from the mailing list by sending an email to cutrintilaukset@cutrin.com.

Customer account

You can register as our customer by creating an account in the online shop. The customer relationship is confirmed manually. This means that we check whether the customer has the right (valid business ID) to make wholesale purchases in the hairdressing industry. We open a customer account for each registered customer, which gives a direct password-protected access to the usage data we have saved. This function allows the customer to view information such as the orders they have placed.

Customer account information

In order to register you as a customer, we collect the following information about you:

  • Email address (this is also your username)
  • Password (it is up to you to make sure that the password is strong enough and that you keep it confidential)
  • First and last name
  • Address information
  • Telephone number
  • Company name and business ID

Storage and protection of personal data

Protection of data

All personal data is protected against unauthorised access and accidental or unlawful destruction, alteration, disclosure, transfer or other unlawful processing.

Cutrin Oy stores its customer data in Finland. The servers, the technical security of the warehouse management system and the e-commerce system as well as the security of the processes are at a very high level. Passwords are carefully protected and we use two-factor authentication when possible. We update passwords regularly. Our servers are protected against data breaches and denial-of-service attacks.

When it comes to the processing of personal data and our technical solutions, we observe good data protection practices, such as consolidation, minimisation, pseudonymisation, anonymisation and encryption of data. The processing of personal data is subject the requirements of the General Data Protection Regulation of the EU, which entered into force on 25 May 2018.

All access to personal data is controlled in accordance with good practices.

Retention of data

We will only retain your personal data for the duration necessary to fulfil the purposes set out in this policy. In addition, some data may be retained for a longer period of time to the extent necessary to perform the obligations imposed by law, such as obligations related to accounting and consumer trade, and to demonstrate that these obligations have been duly fulfilled.

At the customer’s request, personal data concerning them may be anonymised or removed from Cutrin Oy’s systems. The removal and anonymization measures are irreversible and we cannot recover deleted customer accounts.

We are legally obliged to retain certain types of data for a longer period of time for example for the following purposes:

  • The Accounting Act (Kirjanpitolaki,1997/1336) sets out longer storage periods for data regardless of whether the material contains personal data or not.
  • Fulfilment of consumer trade obligations.
  • System log data is collected and stored as required by law in order to provide a lawful and secure online shop to our customers.
  • Taking sufficient backups of the shop’s databases and systems to protect the data, taking corrective actions and ensuring data security and the continuity of data.

If we are unable to delete some data from our systems, we will always notify the customer and explain why the deletion is not possible.

Protection of the register

Access to the register requires having the right to access Cutrin Oy’s internal network. The access right is limited to the data necessary for the performance of the employee’s duties and requires the use of personal user IDs. In case of disturbances, the data is backed up regularly.

Employees who process customer register data are bound by professional secrecy. Data is only disclosed to third parties because of a statutory reporting obligation, such as at the customer’s own request or at the legal request of an authority.

Regular data sources

The contact details and customer relationship information kept in the register are obtained when the customer relationship is established and when the customer provides information to the controller during the customer relationship. A customer relationship is established when the customer registers to use the service.

Information on the customer’s creditworthiness at the time of placing an order is obtained from Suomen Asiakastieto Oy (Business ID: 0111027-9).

Customer rights

As a customer, you have the right:

  • to access personal data about you, including the right to receive a copy of the personal data concerning you;
  • to request the rectification or erasure of your personal data; and
  • to request, under certain conditions, the restriction of processing or object to the processing of your personal data.

In addition, if the processing is based on separate consent, you have the right to withdraw your consent at any time. Please note that this does not affect the lawfulness of the processing of data before the withdrawal of consent.

You can submit a request to exercise your rights by contacting our customer service team (cutrintilaukset@cutrin.com). The request must be sufficiently specific so that our customer service team can verify your identity. We will notify you if we are unable to fully comply with your request, for example if we are legally required or have a legal right to retain some data (such as credit information).

If you notice that your data has been processed in an inappropriate or unlawful manner, you have the right to lodge a complaint with the data protection authority.

Receiving your personal data

You can request to receive the information stored in Cutrin Oy’s systems for yourself by contacting us via email at cutrintilaukset@cutrin.com.

You can find more detailed information about the personal data we collect and store under the section ‘Collection, processing and use of personal data’.

Disclosure of personal data to third parties

We may disclose some necessary information to third parties in order to ensure that your order reaches you and for marketing purposes. Your information is also disclosed to a creditor when a credit granting decision is needed.

Together with third parties, we also use customer data for analytics and personalisation purposes. Together with our partners, we use purchase behaviour and browsing data to better provide you with products and offers that may interest you. The data used for analytics and personalisation purposes is anonymised or pseudonymised whenever possible. Only we can connect the pseudonymised data with your name.

Where necessary, we can also disclose data to authorities. If it is permitted by law, we will always inform the customer of any requests for information.

The third-party tools we use and the data they collect:

  • Advertising tools: Meta (including Facebook and Instagram advertising), Google (including Google Ads, YouTube, Display Network advertising)
  • Analytics tools: Google Analytics
  • Newsletter mailing lists and marketing automation: ActiveCampaign
  • Online shop: WooCommerce
  • Logistics: Posti
  • Payment services: Paytrail
  • Inventory management: SAP

Cutrin Oy ensures a high level of data security and protection when transferring and processing data in accordance with the General Data Protection Regulation of the EU. The tools we use to verify the level of the security of data processing by third parties are standard contractual clauses approved by the European Commission or another approved means in accordance with the General Data Protection Regulation.

Cookies and how we use them

Cutrin Oy uses cookies and other similar technologies, such as the browser’s local storage. Cookies are small text files sent between the server and the browser of the device used to access the website. Cookies and other identifiers have a specified validity period, after which the browser deletes the identifier. We use these technologies to provide our services, personalise the user experience, obtain analytics data and show adverts that we believe may interest you.

Functional cookies and local storage are used, for example, to identify the customer, maintain login details, estimate the delivery time and update the shopping cart. To be able to use these functions, users of the site must consent to the use of cookies and local storage. Functional cookies and local storage variables set by the server remain in the browser 15min-24kk, unless you remove them in your browser settings. If your browser allows it, visiting the site re-sets the cookies and local storage variables.

The data used for analytics and personalised marketing is anonymized whenever possible. Otherwise, we treat the data as personal to the extent that the identifier contains customer-identifying information, such as the IP address. Identifiers that are in any way associated with the customer are also treated as personal data. The validity period of the identifiers used for analytics and personalised marketing purposes is 30s-24kk. . We use Google Analytics to obtain analytical information about areas such as the use of our website, popular products, trends and sales. The data is sent to Google in an anonymised format. Learn more about Google Analytics and the processing of data.

Other technologies we use for analytics and personalised marketing purposes, such as tracking pixels, help us better understand our customers’ behaviour and tell us which products our customers are interested in and which features and services our customers find the most useful. You can opt out of the identifiers used by our analytics and marketing partners by enabling your browser’s Do Not Track feature and setting your browser to reject third-party cookies. You can read about the Do Not Track feature in Chrome here and the same feature in Firefox here.

You can manage and delete cookies yourself in your browser settings. The below links provide instructions on how to delete cookies in different browsers:

Google Chrome · Mozilla Firefox · Safari · Internet Explorer · Opera

List of cookies we use:

GROUP 1: Group 1 cookies collect information about how you use our website and help us improve the performance and user experience of the website.

sbjs_current | sbjs_current_add | sbjs_first | sbjs_first_add | sbjs_migrations | sbjs_session | sbjs_udata | wordpress_logged_in | wp-settings-16 | LOGIN_INFO | __cfduid

GROUP 2: Group 2 cookies store information about your shopping cart, including products, amounts and discounts and allow you to return to your shopping cart.

woocommerce_cart_hash | woocommerce_items_in_cart

GROUP 3: Group 3 cookies measure and enhance advertising.

1P_JAR | APISID | HSID | IDE | NID | PREF | SAPISID | SIDCC | SSID | __gads | _fbp | act | c_user | datr | dpr | fr | presence | sb | spin | wd

GROUP 4: Group 4 cookies keep track of video settings and views (YouTube & Vimeo).

APISID | HSID | SAPISID | SSID | VISITOR_INFO1_LIVE | YSC | __gads | player | vuid

GROUP 5: Group 5 cookies provide data for site analytics (how the user accesses the page, how long the session lasts etc).

PHPSESSID | __cfduid | _ga | DSID | LOGIN_INFO

Changes to this privacy policy

Due to the development of services and changes in legislation, we reserve the right to modify this privacy policy. Registered customers will be notified of significant changes to the privacy policy when the terms and conditions are updated.

Questions about data protection?

If you have any questions about privacy, processing of data or this privacy policy, please contact us via email at cutrintilaukset@cutrin.com.

 

Notice

×

This product can not be added to the cart