Privacy Policy

1. Introduction

This Privacy Policy explains how La Pirouette / Piruetti Oy (“Piruetti”, “LaPirouette.com”, “we”, “our”, or “us”) processes personal data of customers using our online store and related services. By using our services, customers acknowledge and accept the terms of this Privacy Policy.

We collect personal data provided by the user as well as data generated from the use of our online services. We use this information to:

  • provide a secure and easy-to-use service
  • deliver a high-quality customer experience
  • offer product recommendations and develop our marketing
  • continuously improve our customer service and online store

2. Data Controller

The data controller for the processing of personal data is:

Piruetti Oy (Business ID: 2328597-7)
Itsenäisyydenkatu 17
33500 Tampere, Finland

For questions regarding privacy and data protection, please contact: shop@lapirouette.com

3. Personal Data We Collect

We may process the following categories of personal data:

Data provided directly by the user:

  • identification data (e.g. name)
  • contact details (e.g. address, email address, phone number)
  • order and payment information (in accordance with accounting legislation)

Data observed or derived from service usage:

  • purchase history (products ordered, pricing information)
  • delivery information (delivery method and address)
  • site usage and browsing data, device identifiers and analytics data

Providing identification, contact and payment information is required when purchasing from our online store.

The primary source of data is the customer. We may also receive information from trusted partners (e.g. payment or credit service providers). When required under GDPR, we will inform the customer of personal data obtained from third parties within the required timeframe.

4. Purposes and Legal Basis of Processing

Personal data is processed for the following purposes:

  • managing customer relationships
  • fulfilling and delivering orders, processing and archiving
  • improving our services and operations
  • enhancing customer experience
  • analytics and statistical purposes
  • personalized content, recommendations and marketing (e.g. newsletter)
  • fraud prevention and misuse detection
  • providing better customer service

Personal data is processed on the following legal bases under GDPR:

  • performance of a contract (online purchases and customer relationship)
  • compliance with legal obligations (e.g. accounting and consumer law)
  • consent (e.g. newsletter and direct marketing)
  • legitimate interest (analytics, service improvement, customer communications)

5. Data Storage and Security

All personal data is protected against unauthorized access, accidental or unlawful destruction, alteration, disclosure or other unlawful processing.

Customer data is stored in Finland. Data centers, systems and operational processes follow high security standards.

We implement appropriate technical and organizational measures to comply with the EU General Data Protection Regulation (GDPR). Access to personal data is logged and monitored in accordance with best practices.

6. Access to Personal Data

Personal data can only be accessed by authorized employees of Piruetti Oy who require such access to perform their work tasks. Employees are instructed to handle personal data responsibly, securely and ethically.

We may share personal data with trusted contractual partners when necessary to provide services.

The data controller is:
Piruetti Oy (Business ID: 2328597-7)
Itsenäisyydenkatu 17
33500 Tampere, Finland

7. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described in this Privacy Policy. Certain data may be retained longer to comply with legal obligations (e.g. accounting and consumer law) or to establish, exercise or defend legal claims.

Upon request, personal data may be deleted or anonymized unless we are legally required to retain the data.

Examples of longer retention requirements include:

  • statutory accounting obligations
  • consumer law responsibilities
  • system log data required for security and compliance
  • backups required for operational continuity and data integrity

8. Data Subject Rights

Under GDPR, customers have the right to:

  • access their personal data and obtain a copy
  • request correction or deletion of their data (subject to legal exceptions)
  • object to or restrict processing
  • withdraw consent when processing is based on consent
  • lodge a complaint with a supervisory authority

Requests must be sufficiently detailed to allow us to verify the customer’s identity and process the request. We will inform the customer if certain data cannot be deleted due to legal retention requirements.

9. Accessing Stored Data

Customers may request a copy of their personal data stored in Piruetti Oy’s systems by contacting: [email protected]

10. Controlling Marketing and Communications

Customers may manage their marketing preferences at any time, including opting in or out of newsletters and personalized communications.

Customers may also close their account and request deletion of their personal data by contacting: [email protected]
Some data may be retained due to legal obligations.

11. Disclosure of Personal Data to Third Parties

We may disclose necessary personal data to third parties for delivery, payment processing, analytics, personalization and marketing purposes.

Data may be shared with:

  • analytics and statistics providers
  • personalization and recommendation partners
  • email marketing partners (if consented)
  • SMS service providers (if consented)
  • shipping and logistics companies
  • payment service providers
  • credit service providers (for invoice or installment payments)
  • invoicing partners
  • direct suppliers (for dropship orders)
  • customs authorities (when required)
  • collection agencies (in case of overdue payments)

Where possible, analytics and marketing data is anonymized or pseudonymized. We only maintain the ability to re-identify pseudonymized data.

Data may be disclosed to authorities where required by law. Where legally permitted, we will inform the customer of such disclosures.

12. Cookies and Similar Technologies

LaPirouette.com uses cookies and similar technologies (such as local storage) for operational functionality, personalization, analytics and targeted marketing.

Functional cookies are required for key features such as authentication, cart functionality, estimated delivery times and checkout. These cookies may persist between 15 minutes and 24 months unless cleared manually.

Analytics and marketing cookies are anonymized whenever possible. In cases where identifiers relate to a person (e.g. IP address), the data is treated as personal data under GDPR.

We use Google Analytics to analyze site usage, product trends and sales performance. Data sent to Google is anonymized where possible.

Users can adjust cookie settings via browser controls (e.g. blocking third-party cookies or enabling Do Not Track).

13. Changes to This Privacy Policy

We reserve the right to update this Privacy Policy due to service improvements or changes in legislation. Significant changes will be communicated to registered customers.

14. Contact

For questions regarding privacy or data protection, please contact: [email protected]