Privacy Policy
Privacy Policy
Last updated: 2.6.2025
General
The controller of the personal data processed is:
Heron Beauty Labs Ltd
3422068-5
Aleksanterinkatu 50 A 1
90120 Oulu
The main purpose of the register is to act as a customer and marketing register for the online store on the website www.daysbydahlia.com .
The operation of the online store and the provision of a functional service require that we collect and process some information about you. However, we value your privacy and are committed to protecting it. This privacy policy includes what personal data we collect, the principles on which we process it, and the rights and opportunities you have to exercise influence regarding your information.
We process your personal data in accordance with this privacy policy and applicable law, so we ask you to read this privacy policy carefully.
We may update this Privacy Policy from time to time, for example to reflect changes in our operations or practices, as well as for other operational, legal or regulatory reasons. Therefore, we ask you to visit this page from time to time and check for any updates to this Privacy Policy, the date of the last update can be found under the main heading of this site.
By using our services, website or contacting us, you agree that we process your personal data in accordance with this Privacy Policy.
For what purpose is my personal data collected and processed?
We collect, store and process personal data about you only for predefined purposes. The main purposes of use are:
· based on the production of the contract, order processing, delivery, archiving and accounting.
· to fulfill our contractual obligations
· to fulfill legal obligations and claims
· Maintaining customer relationships and responding to contact requests
· business development
· targeting services and marketing
What personal data is collected and stored about me?
The types of personal information we collect depend on how you interact with our website, online store or services. When we use the term “Personal Information”, we mean information that identifies, relates to, describes or can be associated with you.
1. Information provided by the user himself/herself
· Contact information: Such as your name, address, phone number, and email address.
· Order information: Such as your name, billing address, shipping address, payment confirmation, email address, and phone number.
· Account information: Such as your username, password, security questions, and other account security-related information.
· Customer Support Information: Such as information you choose to include in communications with our people.
· Location information: For service localization (Currencies, Delivery methods)
· Product reviews
· Marketing communications permissions
2. Information observed from the use of the services
· Shipping information: Such as shipping address and selected payment method
· Purchase history: Such as ordered products, returns, and payments
· Online store browsing and usage data
· Terminal device identification information
· Ecommerce session events
3. Data inferred through analytics
· Browsing and product recommendations based on purchase data
· Customer groupings and interests inferred from purchase data
4. Information collected from third parties
· Companies supporting the Site and Service: Like your example Shopify
· Payment processors: Our payment processors who collect payment information to process your payment, fulfill orders and provide you with the products or services you have requested, and to fulfill our contracts with you.
On what basis is personal data processed?
We ensure that we always have a legal basis for processing your personal data. We may process your personal data on a number of different grounds. We process your data to perform a contract and comply with legal obligations. We also process your personal data on the basis of our legitimate interests, which is to provide our services and operate and develop our business. We may also process some personal data on the basis of your consent.
Who processes my data and will it be disclosed to third parties?
As a rule, your personal data is processed by our company's personnel in the performance of their duties. We may also outsource some of the processing of personal data, such as the information systems used to store and process personal data. In such cases, we will ensure, among other things, through agreements, that the confidentiality of your data is maintained and that the data is also otherwise processed in accordance with the law. We may also disclose data in other ways to fulfill contractual obligations or when required by law or a competent authority. We may also disclose your data if we are involved in a corporate or business transaction.
Some necessary information is shared with third parties to enable payment transactions, delivery or marketing messages. For example, to enable deliveries, your address and contact information is shared with logistics providers and, in connection with a payment transaction, your payment information is passed on through a trusted payment processor.
As the website and online store are set up on the Shopify online store platform, you can read about how Shopify uses your information here ( https://www.shopify.com/legal/privacy ).
Will my data be transferred outside the EU?
Your personal data may be transferred outside the EU or EEA subject to appropriate safeguards in accordance with the European Union General Data Protection Regulation (2016/679). These safeguards include contracts based on the EU Commission's Standard Contractual Clauses, which can be found here ( https://eur-lex.europa.eu/legal-content/FI/TXT/HTML/?uri=CELEX:32010D0087&from=FI )
How long will my personal data be stored?
We will not retain your personal data for longer than is necessary for its intended purpose or as required by contract or law. However, the retention periods for personal data may vary depending on the purpose and situation. We will also endeavour to update your information from time to time.
How is my information stored and protected?
Your information is stored on our service provider's servers, which are protected in accordance with general industry practices. The personal information we collect and process is kept confidential and is not disclosed to anyone other than those who need it for their work or to our customers on a confidential and limited basis based on service agreements. Access to your personal information is protected by user-specific IDs, passwords and access rights.
Mandatory provision of information and consequences of failure to provide it?
If you do not provide personal data or allow us to process it, we are unlikely to be able to serve you and fulfill the purpose of our operations. Therefore, if you do not want us to process your data in accordance with this Privacy Policy, we ask that you do not provide us with any data.
Cookies?
Like many websites, we use cookies on our site to provide a better user experience for our visitors. We use cookies to improve our site and services, as well as to perform analytics and understand how users interact with our services. For more specific and detailed information about the cookies we use to operate the Shopify platform, please see here ( https://www.shopify.com/legal/cookies ).
We may also allow third parties and service providers to use cookies on our site to tailor services, products and advertising to better suit our site. We may utilize analytics tools provided by third parties and service providers on our site to improve our site, analyze website usage, and target and optimize marketing.
The website user can consent to or refuse the use of cookies through the settings of their web browser. Most web browsers automatically allow cookies. Please note that deleting or blocking cookies may negatively affect your user experience and may cause some services, including certain features and general functionality, to not function or be available.
What rights and influence do I have?
· Withdrawal of consent: If we process your information based on your consent, you can withdraw your consent at any time by notifying us.
· Access to information: You have the right to obtain from us confirmation as to whether we are processing personal data concerning you and to be informed of what personal data concerning you we are processing. You also have the right to obtain additional information on the grounds for processing your personal data.
· Right to have errors corrected: You have the right to request that we correct incorrect, outdated or otherwise incomplete personal data concerning you.
· Right to object to direct marketing : You may object to the processing of your personal data for direct marketing purposes by notifying us.
· Right to object to processing : If we process your personal data on the basis of public interest or our legitimate interests, you have the right to object to the processing of your personal data unless there are compelling reasons for the processing that override your rights or the processing is necessary for the exercise of legal claims. Please note that in this situation we will probably no longer be able to serve you.
· Right to restrict processing : In certain situations, you have the right to request that we restrict the processing of your personal data.
· Right to data portability : If we have processed your data based on your consent or to fulfill a contract, you have the right to receive the data you have provided to us electronically in a commonly used format so that the data can be transferred to another service provider.
How do I exercise my rights or influence?
You can exercise your rights described above by contacting us, for example by email. We ask you to include your name, address and telephone number, as well as a copy of your passport, driving license or other ID document in your message so that we can verify your identity. If you believe that the processing of your personal data is unlawful, you can also file a complaint with the competent supervisory authority.
Contact
If you have any questions about our privacy practices or this Privacy Statement, or if you would like to exercise any of your rights, please email us at
contactus@daysbydahlia.com
