The Cutrin.fi website is owned by Cutrin Oy.
Cutrin Oy is committed to protecting the privacy of its customers and offers its customers the possibility to influence how their data is processed.
The information we collect can be divided into data provided by the user, data collected through the use of the online services and data collected by analytics tools.
We use data:
Name of register
Customer register of the Cutrin.fi online shop. The register consists of several sub-registers.
Business ID 2443709-8
FI-02780 Espoo, Finland
Customer service: +358 (0)800 122 211
Switchboard: +358 (0)20 4877 100
E-invoicing address: 003724437098
EDI number: 003724437098
Operator ID: 003723609900
Invoices may be submitted via email to email@example.com
The controller of the personal data we process is:
Cutrin Oy (Business ID 2443709-8)
FI-02780 Espoo, Finland
Person in charge of matters related to the register
+358 (0)40 770 2366
If you have any questions about data privacy and the processing of personal data, please send us an email to firstname.lastname@example.org
Customer information can only be accessed by Cutrin Oy’s own employees, and our staff is trained in the secure and ethical use of personal data. All staff members only have access to the specific customers details necessary for them to carry out their duties.
We use trusted contractual partners, which allows us to transfer information to a third party. The agreements we have made with all of our partners take into account the requirements of the General Data Protection Regulation of the EU and other legislation. You can read more about third parties in the section ‘Disclosure of personal data to third parties’.
We need to collect various types of information about you if you want to place an order through our online shop or use our site.
We collect, store and process the information you provide for the purposes of order processing, any complaints or customer returns following the order, and to provide services through our online shop. The data we collect about you includes your name, email address, delivery address, billing address, phone number and payment information. Orders placed by companies must also include the company name and business ID. We will only use the information you provide when you place an order to process the online shop orders, unless you give your permission for other purposes, such as subscribing to our newsletter.
We disclose personal data to third parties only if it is permitted by law, for example for the purpose of fulfilling a contractual obligation, for marketing and billing purposes or if the customer has given their prior consent to the disclosure of data. The external service providers we contract to fulfil the order (e.g. transport and forwarding companies, payment gateway providers and banks) receive from us the information necessary for the fulfilment of the order and the contract. Our service providers may use the data thus disclosed solely for the performance of their duties.
In addition to fulfilling any orders you place through the cutrin.fi site, we also use your information for the following purposes:
For this purpose, we use the information available to us, such as delivery notifications and read receipts of email messages, information concerning the terminal device you are using, internet connection, operating system, browser, platform, date and time of your visit on the website, as well as the products you have viewed, and information that we have received from you (including automatically sent or generated data). In addition, we also use your order history to ask you to submit product reviews after you have placed your order.
You may, at any time, object to the use of your personal data for marketing purposes or other individual purposes. You may, at any time, unsubscribe from the newsletter or emails requesting product reviews by clicking the link at the end of the newsletters. Alternatively, you can ask to be removed from the mailing list by sending an email to email@example.com.
You can register as our customer by creating an account in the online shop. The customer relationship is confirmed manually. This means that we check whether the customer has the right (valid business ID) to make wholesale purchases in the hairdressing industry. We open a customer account for each registered customer, which gives a direct password-protected access to the usage data we have saved. This function allows the customer to view information such as the orders they have placed.
In order to register you as a customer, we collect the following information about you:
Protection of data
All personal data is protected against unauthorised access and accidental or unlawful destruction, alteration, disclosure, transfer or other unlawful processing.
Cutrin Oy stores its customer data in Finland. The servers, the technical security of the warehouse management system and the e-commerce system as well as the security of the processes are at a very high level. Passwords are carefully protected and we use two-factor authentication when possible. We update passwords regularly. Our servers are protected against data breaches and denial-of-service attacks.
When it comes to the processing of personal data and our technical solutions, we observe good data protection practices, such as consolidation, minimisation, pseudonymisation, anonymisation and encryption of data. The processing of personal data is subject the requirements of the General Data Protection Regulation of the EU, which entered into force on 25 May 2018.
All access to personal data is controlled in accordance with good practices.
Retention of data
We will only retain your personal data for the duration necessary to fulfil the purposes set out in this policy. In addition, some data may be retained for a longer period of time to the extent necessary to perform the obligations imposed by law, such as obligations related to accounting and consumer trade, and to demonstrate that these obligations have been duly fulfilled.
At the customer’s request, personal data concerning them may be anonymised or removed from Cutrin Oy’s systems. The removal and anonymization measures are irreversible and we cannot recover deleted customer accounts.
We are legally obliged to retain certain types of data for a longer period of time for example for the following purposes:
If we are unable to delete some data from our systems, we will always notify the customer and explain why the deletion is not possible.
Access to the register requires having the right to access Cutrin Oy’s internal network. The access right is limited to the data necessary for the performance of the employee’s duties and requires the use of personal user IDs. In case of disturbances, the data is backed up regularly.
Employees who process customer register data are bound by professional secrecy. Data is only disclosed to third parties because of a statutory reporting obligation, such as at the customer’s own request or at the legal request of an authority.
The contact details and customer relationship information kept in the register are obtained when the customer relationship is established and when the customer provides information to the controller during the customer relationship. A customer relationship is established when the customer registers to use the service.
Information on the customer’s creditworthiness at the time of placing an order is obtained from Suomen Asiakastieto Oy (Business ID: 0111027-9).
As a customer, you have the right:
In addition, if the processing is based on separate consent, you have the right to withdraw your consent at any time. Please note that this does not affect the lawfulness of the processing of data before the withdrawal of consent.
You can submit a request to exercise your rights by contacting our customer service team (firstname.lastname@example.org). The request must be sufficiently specific so that our customer service team can verify your identity. We will notify you if we are unable to fully comply with your request, for example if we are legally required or have a legal right to retain some data (such as credit information).
If you notice that your data has been processed in an inappropriate or unlawful manner, you have the right to lodge a complaint with the data protection authority.
You can request to receive the information stored in Cutrin Oy’s systems for yourself by contacting us via email at email@example.com.
You can find more detailed information about the personal data we collect and store under the section ‘Collection, processing and use of personal data’.
We may disclose some necessary information to third parties in order to ensure that your order reaches you and for marketing purposes. Your information is also disclosed to a creditor when a credit granting decision is needed.
Together with third parties, we also use customer data for analytics and personalisation purposes. Together with our partners, we use purchase behaviour and browsing data to better provide you with products and offers that may interest you. The data used for analytics and personalisation purposes is anonymised or pseudonymised whenever possible. Only we can connect the pseudonymised data with your name.
Where necessary, we can also disclose data to authorities. If it is permitted by law, we will always inform the customer of any requests for information.
The third-party tools we use and the data they collect:
Cutrin Oy ensures a high level of data security and protection when transferring and processing data in accordance with the General Data Protection Regulation of the EU. The tools we use to verify the level of the security of data processing by third parties are standard contractual clauses approved by the European Commission or another approved means in accordance with the General Data Protection Regulation.
The data used for analytics and personalised marketing is anonymized whenever possible. Otherwise, we treat the data as personal to the extent that the identifier contains customer-identifying information, such as the IP address. Identifiers that are in any way associated with the customer are also treated as personal data. The validity period of the identifiers used for analytics and personalised marketing purposes is 30s-24kk. . We use Google Analytics to obtain analytical information about areas such as the use of our website, popular products, trends and sales. The data is sent to Google in an anonymised format. Learn more about Google Analytics and the processing of data.
Other technologies we use for analytics and personalised marketing purposes, such as tracking pixels, help us better understand our customers’ behaviour and tell us which products our customers are interested in and which features and services our customers find the most useful. You can opt out of the identifiers used by our analytics and marketing partners by enabling your browser’s Do Not Track feature and setting your browser to reject third-party cookies. You can read about the Do Not Track feature in Chrome here and the same feature in Firefox here.
You can manage and delete cookies yourself in your browser settings. The below links provide instructions on how to delete cookies in different browsers:
List of cookies we use:
GROUP 1: Group 1 cookies collect information about how you use our website and help us improve the performance and user experience of the website.
sbjs_current | sbjs_current_add | sbjs_first | sbjs_first_add | sbjs_migrations | sbjs_session | sbjs_udata | wordpress_logged_in | wp-settings-16 | LOGIN_INFO | __cfduid
GROUP 2: Group 2 cookies store information about your shopping cart, including products, amounts and discounts and allow you to return to your shopping cart.
woocommerce_cart_hash | woocommerce_items_in_cart
GROUP 3: Group 3 cookies measure and enhance advertising.
1P_JAR | APISID | HSID | IDE | NID | PREF | SAPISID | SIDCC | SSID | __gads | _fbp | act | c_user | datr | dpr | fr | presence | sb | spin | wd
GROUP 4: Group 4 cookies keep track of video settings and views (YouTube & Vimeo).
APISID | HSID | SAPISID | SSID | VISITOR_INFO1_LIVE | YSC | __gads | player | vuid
GROUP 5: Group 5 cookies provide data for site analytics (how the user accesses the page, how long the session lasts etc).
PHPSESSID | __cfduid | _ga | DSID | LOGIN_INFO