Privacy Policy

This is the Privacy and Data Protection Policy for Hair Salon Pioni, in accordance with the EU General Data Protection Regulation (GDPR).

Drafted: May 7, 2026
Last updated: May 7, 2026

1. Data Controller

Hair Salon Pioni
Uudenmaankatu 12, 05800 Hyvinkää
Business ID: 1833411-3

2. Contact Person for Registry Matters

Aini Honkanen
aini.honkanen@gmail.com
+358 50 537 4547

3. Name of the Register

Hair Salon Pioni Customer Register.

4. Legal Basis and Purpose of Personal Data Processing

The legal basis for processing personal data is the performance of a contract (booking and service delivery) and the legitimate interest of the controller (maintenance of the customer relationship and marketing).

The data is used for:

  • Managing and confirming appointments.

  • Customer service and communication.

  • Maintaining, developing, and marketing customer relationships.

  • The website uses cookies for visitor analytics and targeted advertising.

5. Data Content of the Register

The following information provided during the booking process is stored in the register:

  • Name, phone number, and email address.

  • Booked services and service history.

  • Additional information provided by the customer (e.g., allergy notifications for hair services).

  • On the website (Webnode), IP addresses and essential cookies may be processed based on legitimate interest to ensure data security and monitor visitor statistics.

6. Regular Sources of Information

We receive information primarily from the customer during the booking process (Book Salon service), via telephone, email, or during a salon visit. If the customer uses Facebook or Google authentication for booking, we receive the basic information required for authentication from those services. Additionally, information about website usage is collected using cookies.

7. Regular Disclosure of Data and Data Transfer Outside the EU or EEA

Data is not sold or disclosed to third parties for purposes other than the salon's own use. The technical processing of data is managed by the booking system provider, Booksalon. We use analytics and marketing tools on the website (such as Google Analytics and Meta Pixel), whose providers may receive cookie data for analytics and marketing purposes.

Personal data is primarily processed within the EU/EEA. If service providers transfer data outside these areas, the transfer is conducted in accordance with data protection legislation (e.g., European Commission Standard Contractual Clauses).

8. Data Retention Period

We retain personal data for as long as necessary to manage the customer relationship or to comply with legal requirements (such as the Finnish Accounting Act).

9. Principles of Register Security

Care is taken in the processing of the register. Digital material is protected by usernames and passwords. Access to the data is restricted to individuals whose job description requires it (salon staff).

10. Right of Access and Right to Rectification

Every individual in the register has the right to check their own data and demand the correction of incorrect information. Requests must be sent in writing to the data controller.

11. Other Rights Related to the Processing of Personal Data

The data subject has the right to request the erasure of their data ("the right to be forgotten"), provided there is no legal obligation to retain the data (such as the Finnish Accounting Act). Requests should be addressed in writing to the contact person mentioned in Section 2.