Privacy policy
This is a register and privacy statement in accordance with the EU General Data Protection Regulation (GDPR).
Name of the Register
Beauty and the Best Oy’s Customer Data Register
Controller
Beauty and the Best Oy, Business ID: 3236554-9
Person Responsible for Register Matters
Tom Schevelin-Repnau, yrittäjä
Purpose of the Register
The purpose of the register is to serve as Beauty and the Best Oy’s customer data register.
Data may be used for the following purposes
- Management of customer relationships
Regular Sources of Information
The main source of information is the customer themselves. Information may also be obtained from public authorities, business information registers, and joint partners.
Contents of the Register
The register mainly contains information provided by customers themselves to Beauty and the Best Oy.
The register may include, among others, the following customer information:
- Name of the person
- Email address
- Any other information provided by the user
Regular Disclosure of Data
With the customer’s consent, data may be disclosed to Beauty and the Best Oy’s joint partners for the delivery of products and services ordered by the customer.
Billing-related information may be disclosed to payment transaction intermediaries.
Data is not disclosed to other third parties within or outside the EU.
Data may be disclosed to authorities if they make a request based on Finnish law.
Principles of Register Protection
Manual Material
Data is not stored in physical form except for accounting records, which are accessible only to designated Beauty and the Best Oy employees and the accountant, all of whom are bound by confidentiality obligations.
Data Stored in Information Systems
Data is transferred over an SSL-secured connection.
Electronic data is protected by a firewall. Only specifically designated Beauty and the Best Oy employees have access to the register data. Employees are identified with a username and password. Data is treated as confidential and may not be disclosed to anyone other than those who need it for their work, who are bound by confidentiality obligations.
Right of Access and Prohibition
The data subject has the right to check what information concerning them has been stored in the personal data register. A written request for access must be sent, signed, to the person responsible for register matters.
The right of access is free of charge no more than once a year.
Retention Period of Data
We retain personal data only for as long as necessary depending on the type of personal data and its processing purpose. We store form submissions for a maximum of 6 months, after which they are automatically deleted from the site’s database.
Cookies
This website uses cookies. Cookies are small text files generated by our web service and, with your browser’s consent, stored in your browser device’s memory. Cookies allow us to analyze the service requests your browser makes to our web service, identify choices and settings you make while using the site, and provide personalized services based on them.
Through your browser’s settings, you can refuse or delete cookies. However, this will affect our ability to provide personalized, high-quality online services.