Privacy Policy

Salon Chic ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your personal data in accordance with the EU General Data Protection Regulation (GDPR).

1. Data Controller

The data controller responsible for your personal data is:

Salon Chic

Heikkiläntie 2, 00210, Helsinki, FI

Email: [email protected] Phone: +358456479492

2. What Data We Collect

We may collect the following categories of personal data:

• Contact information — name, email address, phone number
• Booking data — appointment dates, service preferences, booking history
• Communication data — messages and feedback you send us
• Technical data — IP address, browser type, device information, cookies
• Usage data — pages visited, time spent on site, referral source

3. How We Use Your Data

We process your personal data for the following purposes:

• Service delivery — to manage bookings, provide our services, and communicate with you
• Customer relationship — to respond to inquiries, send appointment reminders, and provide customer support
• Website operation — to maintain and improve our website functionality
• Analytics — to understand how our website is used and improve user experience
• Marketing — to send promotional communications, where you have given consent
• Legal compliance — to comply with applicable laws and regulations

4. Legal Basis for Processing

We process your data based on the following legal grounds:

• Contract performance (Art. 6(1)(b) GDPR) — processing necessary to fulfill our service agreement with you
• Legitimate interest (Art. 6(1)(f) GDPR) — processing necessary for our legitimate business interests, such as improving our services and ensuring website security
• Consent (Art. 6(1)(a) GDPR) — where you have given explicit consent, such as for marketing communications or optional cookies
• Legal obligation (Art. 6(1)(c) GDPR) — processing necessary to comply with legal requirements

5. Data Sharing and Third-Party Recipients

We do not sell your personal data. We may share your data with the following categories of recipients:

• Hosting and infrastructure providers — cloud services that host our website and store data
• Analytics providers — services such as Google Analytics that help us understand website usage
• Marketing tools — advertising platforms such as Facebook Pixel and Google Ads, when enabled
• Payment processors — secure payment services for processing transactions
• Communication tools — email and messaging services used for appointment reminders and customer support
• Legal authorities — when required by law or to protect our legal rights

All third-party service providers are bound by data processing agreements and are required to process your data only for the specified purposes and in accordance with applicable law.

6. International Data Transfers

Some of our third-party service providers may process your data outside the European Economic Area (EEA). When this occurs, we ensure that appropriate safeguards are in place, including:

• EU Standard Contractual Clauses (SCCs) approved by the European Commission
• Adequacy decisions by the European Commission for the receiving country
• Other appropriate safeguards as permitted under Chapter V of the GDPR

7. Cookies

Our website uses cookies to enhance your browsing experience. You can manage your cookie preferences through the cookie settings on our website. For more details, please refer to the cookie consent dialog.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law:

• Booking records — retained for the duration required by applicable accounting and tax regulations
• Marketing consent records — retained as long as the consent remains valid
• Analytics data — retained in anonymized or pseudonymized form as configured in our analytics tools
• Communication records — retained for a reasonable period to manage customer relationships

When data is no longer needed, it is securely deleted or anonymized.

9. Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you.

10. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

• Right to be informed — to know how your data is collected and used (this policy)
• Right of access — to request a copy of the personal data we hold about you
• Right to rectification — to request correction of inaccurate or incomplete personal data
• Right to erasure — to request deletion of your personal data ("right to be forgotten"). Please note that for data already transmitted to third-party advertising platforms (such as Meta/Facebook or Google), you may also need to contact those providers directly to request deletion from their systems. You can manage your Meta ad data at facebook.com/adpreferences and your Google ad data at adssettings.google.com
• Right to restrict processing — to request limitation of how we process your personal data
• Right to data portability — to receive your personal data in a structured, commonly used, machine-readable format
• Right to object — to object to processing of your personal data, including for direct marketing
• Rights related to automated decision-making — to not be subject to decisions based solely on automated processing
• Right to withdraw consent — to withdraw consent at any time where processing is based on consent, without affecting the lawfulness of prior processing

To exercise any of these rights, please contact us at [email protected].

We will respond to your request within one month, as required by the GDPR. In exceptional cases, this period may be extended by two additional months.

11. Right to Lodge a Complaint

If you believe that our processing of your personal data infringes the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the EU Member State of your habitual residence, place of work, or place of the alleged infringement.

12. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures are regularly reviewed and updated.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.

14. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Salon Chic Email: [email protected] Phone: +358456479492

---

Last updated: May 2026