Privacy Policy and Register Description | Meadow Cosmetics

This privacy statement concerns the customer and marketing activities of Meadow Cosmetics Ltd. The statement explains how Meadow Cosmetics Ltd processes its customers' personal data in customer relationship and marketing activities.

Meadow Cosmetics Ltd is committed to complying with the data protection and personal legislation in force in Finland, including the EU General Data Protection Regulation (GDPR) and other laws and regulations applicable to its operations that govern the processing of personal data, as well as processing personal data in accordance with good data management and processing practices. The staff of Meadow Cosmetics Ltd is obliged to keep all personal data strictly confidential.

DATA CONTROLLER

Meadow Cosmetics Ltd, business ID 3591936-7, Pihlajatie 39 00270 Helsinki.

CONTACT PERSON FOR MATTERS RELATED TO THE PERSONAL DATA REGISTER

The contact person for the data controller regarding data protection matters is Severi Salonen. He can be contacted regarding matters related to the register via email: moi@meadow.fi

NAME OF THE REGISTER

Meadow Cosmetics Ltd's marketing and customer register.

CONTENT OF THE REGISTER

The following information can be stored in the register and processed with its help. Not all of the information mentioned below may be available for every user.

  • The data subject's name, address, phone number, email, customer information, payment information, company and its billing information, and any other information the customer may have provided.
  • Changes to the aforementioned information
  • Additionally, the register may contain other notes related to the data subject and their potential customer relationship, as well as other information necessary for the proper management of the customer relationship. Such information may include, for example, details of the data subject's contact requests or newsletter subscriptions.

PURPOSE AND LEGAL BASIS FOR PROCESSING PERSONAL DATA

The data controller aims to serve its customers and marketing activities in the best possible way and to provide data subjects with content that interests them. Personal data is used by Meadow Cosmetics Ltd:

  • For targeting customer communications and marketing activities
  • For managing, maintaining, and developing customer relationships
  • For the provision of services and the management of service deliveries

Personal data is processed based on the consent given by the data subject, the legitimate interests of the data controller, or for the preparation or execution of a contract in which the data subject is a party.

DATA SOURCES

The personal data in this register is always obtained directly from the data subject themselves.

RETENTION PERIOD OF PERSONAL DATA

Data collected in the register is retained only as long and to the extent necessary and legally permitted in relation to the original or compatible purposes for which the personal data was collected. We will retain personal data based on the nature of the customer relationship as follows:

Data of regular customers is generally retained for three (3) years from the last active event between the data subject and the Data Controller.

Data of loyal customers and recurring subscribers may be retained for up to five (5) years from the last active event, as our cosmetic products may have a longer purchase cycle.

Data is deleted when the previously defined retention period has expired. Personal data may be used after the termination of the customer relationship if required by applicable legislation, such as for information required by accounting law (6 years). Additionally, the Data Controller will take all reasonable measures to ensure that inaccurate, incorrect, or outdated personal data is rectified or deleted without delay in relation to the purposes of processing.

PRINCIPLES OF REGISTER PROTECTION

The confidentiality of customer personal data is important to the Data Controller. The Data Controller has implemented appropriate technical and organizational measures to protect personal data from accidental or unlawful loss, disclosure, misuse, alteration, destruction, or unauthorized access.

The use of the register is guided within the organization of the data controller, and access to the personal register is restricted by access rights so that only those employees who have the right to access the information stored in the system due to their job responsibilities and who need the information for their tasks can do so.

The information systems used for processing personal data are sufficiently protected technically, and access to them is secured by appropriate methods including personal user IDs and passwords. Special attention is paid to the security of backup data and the destruction of materials containing personal data.

DATA DISCLOSURE

The processing and storage of personal data is partially outsourced to external service providers. The data controller ensures that such outsourcing is carried out in accordance with applicable data protection and personal legislation and that external service providers do not use the information in this personal data register for their own purposes.

Personal data will not be disclosed outside the Data Controller or its data storage service providers in a manner that would make the data identifiable to an individual user except in the following exceptional situations: as required by law or governmental order, by court order, or if otherwise necessary to prevent or investigate suspected violations of the law, terms of use of online services, or good practices, or to protect the rights of the data controller or third parties.

TRANSFER OF PERSONAL DATA OUTSIDE THE EUROPEAN UNION / EUROPEAN ECONOMIC AREA

The data controller may transfer personal data outside the EU and EEA for the technical implementation of data processing when using external service providers for data storage based on a cooperation agreement between the parties. These transfers are carried out securely in accordance with data protection legislation and within the limits it sets.

In international data transfers, we use appropriate protective measures, such as standard contractual clauses approved by the European Commission or other transfer mechanisms in accordance with GDPR. All transfers of personal data are carried out in compliance with high-level data security practices, such as data encryption during both transfer and storage. We also ensure that service providers processing the data adhere to internationally recognized data security standards.

RIGHTS OF THE REGISTERED PERSON

The registered person has the right to check the information concerning them in the register and to request the correction of any potentially incorrect, incomplete, or outdated information. A request for inspection can be made free of charge once a year. Inspection and correction requests should be addressed to the contact person of the personal register, whose contact details can be found at the beginning of this report, either by visiting them in person or by sending a signed letter or a similarly verified document to ensure the requestor's right to the request. Responses to inspection requests will be provided within a month of the request being made.

The registrant has the right to withdraw their previously given consent for data processing at any time or to file a complaint with the supervisory authority regarding matters related to the processing of their personal data. The registrant also has the right to request the deletion of their personal data from the register, provided that it is no longer needed for the purposes for which it was collected or otherwise processed, or that there are no legal obligations regarding the processing or retention of the data applicable to the Data Controller. The registrant also has the right to request the restriction of the processing of their personal data or to object to the processing of their personal data.

COLLECTION AND USE OF PERSONAL DATA

Meadow Cosmetics Ltd collects personal data, such as phone numbers, to provide and improve our services. We use the data for, among other things:

  • To communicate regarding orders or inquiries
  • To send marketing messages, such as SMS notifications, with your consent
  • To send reminders for abandoned carts and suggest completing purchases

Your information is processed securely and used only for the purposes mentioned in this privacy policy.

SMS MARKETING PROGRAM TERMS

Program description and data processing

We collect your phone number when you create an account, check out, or join our SMS marketing program. These numbers are used for:

  • To send updates, offers, and reminders via SMS messages
  • To provide a more personalized shopping experience

We do not share SMS opt-in information with third parties except through service providers necessary for sending messages.

Abandoned cart reminders

The Meadow.fi website uses cookies and plugins to track the products you add to your cart. This information helps us identify when your cart has been abandoned and send you timely reminder messages to complete your purchase.

Location data and location-based services

If location-based services are in use, we may collect device location data to provide location-based services or personalized content. Location data is collected:

  • When you use features that require location data (e.g., store locator)
  • To enhance the shopping experience and deliver relevant offers

All location data is processed securely and used only in the manner described here.

COOKIES AND TRACKING TECHNOLOGIES

The Meadow.fi website uses various cookies and tracking technologies. Here is a detailed breakdown of the types of cookies we use:

Essential cookies

These cookies are essential for the operation of the site and enable, among other things, the use of the shopping cart, logging in, and payment processing. These cookies cannot be disabled, as the online store would not function without them.

Functional cookies

Functional cookies allow for the personalization of the website experience. They remember your choices (such as language and region selections) and provide more personalized features. These cookies collect information anonymously and do not track your movements on other websites.

Analytics cookies

We use analytics cookies (such as Google Analytics) to collect information about how visitors use our online store. These cookies collect information about, among other things, which pages visitors visit most often and what error messages they may receive. The collected data is anonymous and individual visitors cannot be identified.

Marketing cookies

Marketing cookies help us provide you with targeted advertising based on your interests. Their purpose is to show ads that are relevant and interesting to individual users, and thus more valuable to publishers and third-party advertisers.

You can manage cookie settings in your browser settings. Most browsers allow you to disable cookies or accept only certain cookies. However, please note that some functions of the online store may not work properly if you disable cookies.

AUTOMATED DECISION-MAKING AND PROFILING

Meadow Cosmetics Oy may use customer data for automated decision-making and profiling to enhance the service experience. This means we can:

  • Analyze your purchase history to provide you with personalized product recommendations
  • Target marketing messages based on your interests and previous purchasing behavior
  • Send automatic reminders for abandoned shopping carts

Automated decision-making never concerns legally significant decisions, nor is it intended to cause you harmful effects. You always have the right to request that a natural person participates in a decision based on your data, as well as to express your opinion and, if necessary, contest an automatically made decision.

UPDATES TO THE PRIVACY POLICY

This privacy policy was last updated on 16.04.2026.

Meadow Cosmetics Oy monitors changes in data protection legislation and aims to continuously develop its business, therefore reserving the right to update this privacy policy.