Privacy policy

Crimppi Group Privacy Policy

Cri-Group Oy and its affiliates (hereinafter referred to as the “Crimppi Group”, “we”, “us”, or “our”), place the highest priority on protecting the integrity of our data, whether about you, your company, your transactions, your products or your service. We collect and process your personal data always in accordance with all applicable laws and regulations.

Crimppi Group’s headquarters

Crimppi Oy (2275552-7)
Liikekuja 7, 65380 Vaasa, Finland
Phone: +358 10 837 5000
Website: https://www.crimppi.com

Last updated: 17.3.2026

1. Data controller

Crimppi Oy (Business ID 2275552-7) acts as the data controller for the personal data described in this privacy policy.

Crimppi Oy
Liikekuja 7, 65380 Vaasa, Finland
Phone: +358 10 837 5000

If you wish to ask us about Crimppi Group Privacy Policy, please contact:

data.protection@crimppi.com

2. Categories of personal data

Crimppi Group may process the following categories of personal data:

A. Customer and business contact data

  • First name and last name
  • Email address
  • Phone number
  • Employer / company name
  • Job title
  • Information provided in contact forms or communications
  • Date and time of submission (logged)

B. Recruitment data

  • Name
  • Email address
  • Phone number
  • Application letter
  • Curriculum Vitae (CV)
  • Education and work history
  • Skills and qualifications
  • References (if provided)
  • Any other information voluntarily provided
  • Date and time of submission (logged)

C. Website usage data

  • IP address
  • Browser and device information
  • Pages visited
  • Traffic source (e.g., advertising platforms)

Website traffic may originate from platforms such as, but not restricted to:

  • Meta
  • LinkedIn

We analyze advertising performance using aggregated statistical reporting tools provided by these platforms. The data available to us does not allow direct identification of individual users.

3. Purpose of processing and legal basis

Personal data is processed for the following purposes:

Customer relationship management

  • Offering products and services
  • Selling and delivering services
  • Invoicing and financial administration
  • Handling support requests
  • Managing reclamations
  • Business development and marketing

Legal basis:

  • Performance of a contract
  • Steps prior to entering into a contract
  • Legitimate interest

Recruitment

  • Managing recruitment processes
  • Evaluating candidates
  • Making hiring decisions
  • Fulfilling legal obligations related to employment

Legal basis:

  • Legitimate interest
  • Steps prior to entering into an employment contract
  • Legal obligations

Website analytics and marketing

  • Measuring advertising effectiveness
  • Improving website performance
  • Developing marketing activities

Legal basis:

  • Consent (where required for cookies or tracking technologies)
  • Legitimate interest

4. Regular sources of data

Your personal data is primarily collected from you at the time of contact inquiry or subscription.

Where applicable and legally permitted, data may also be obtained:

  • From referees named by the applicant
  • From publicly available professional sources
  • From business communications related to customer relationships

5. Disclosure of personal data

Personal data may be disclosed to:

  • IT service providers
  • Website development and maintenance partners
  • Marketing agencies
  • External CRM system providers
  • Internal personnel within Crimppi Group for marketing, recruitment and business purposes

All third parties process personal data under appropriate contractual arrangements and in accordance with applicable data protection legislation.

Personal data may also be disclosed to competent authorities where required by applicable law.

Crimppi Gorup does not sell personal data.

6. International data transfers

Personal data is not intentionally transferred outside the EU/EEA.

If certain technical service providers process data outside the EU/EEA, such processing will be carried out in compliance with the GDPR and subject to appropriate safeguards.

7. Data security and registry protection

Personal data is stored in systems protected by appropriate technical and organizational security measures.

  • Access to systems is restricted to authorized personnel only.
  • Systems are protected by firewalls and access control mechanisms.
  • Access requires personal authentication (username and password).
  • Personnel are bound by confidentiality obligations.
  • Physical access to servers and infrastructure is restricted.

These measures are designed to prevent unauthorized access, alteration, disclosure, or destruction of personal data.

8. Data storing

Personal data is retained as follows:

  • Contact form and customer data: retained as long as necessary for marketing and business purposes and for the duration of the customer relationship.
  • Financial and invoicing data: retained as required by applicable accounting legislation.
  • Recruitment data: retained for the duration of the recruitment process and for a reasonable period thereafter.
  • Cookie-related data: retained in accordance with applicable legislation and cookie management settings.

At minimum, data is retained for the period required by law. Please refer to section 9 for information about cookie data storing.

9. Cookies

Our website uses cookies.

A cookie banner is displayed when users visit the website, allowing them to provide or manage their consent.

Refer to Crimppi Group Cooki Policy more specificially here.

What is a cookie? 

A cookie is a small text file that is stored on your device when you visit a website. Cookies help websites function properly, remember your preferences, and provide insights into how the site is used. Some cookies are essential for the operation of the website, while others support analytics, personalisation, or marketing. 

Categories of cookies we use

On Crimppi Group website, cookies are grouped into the following categories: 

  • Essential cookies – required for the basic functioning of the site (e.g. saving cookie preferences, language selection, testing browser support). 
  • Functional cookies – improve usability and allow us to remember your settings. 
  • Analytics cookies – help us understand how visitors interact with the website and improve its performance. 
  • Marketing & social media cookies – help us measure the effectiveness of our advertising (e.g. Meta Pixel) and allow us to make content as personalized as possible, for example, allowing us to target ads and content based on your previous online behavior. 

List of cookies used on our website

Cookie Category Purpose Retention (TTL) Third party 
_ga Analytics Google Analytics: identifies users for statistics. 2 years Google 
_gat_* Analytics Google Analytics: controls request rate. 1 minute Google 
_gcl_au Analytics Google Ads: tracks user interactions. Persistent Google 
_gid Analytics Google Analytics: distinguishes users. 24 hours Google 
Clarity cookies Analytics Microsoft Clarity: records user interactions such as clicks, scrolls, and mouse movements. Persistent Microsoft 
Google Search Console cookies Analytics Monitor and optimise search presence. Persistent Google 
Google Tag Manager cookies Marketing Manage tags and tracking on the site. Persistent Google 
Meta Pixel cookies Marketing Track website activity to improve advertising on Facebook and Instagram. Persistent Meta 
moove_gdpr_popup Essential Stores the user’s cookie consent preferences. Session – 
pll_language Functional Stores the visitor’s chosen language. Persistent – 
reCAPTCHA cookies Essential Protects the site from spam and abuse. Persistent Google 
wordpress_test_cookie Essential Tests whether the browser accepts cookies. Session – 
YouTube cookies Marketing Improve video experience, recommend related videos, remember playback preferences. Persistent Google/YouTube 

How long are cookies stored? 

The retention period varies depending on the cookie. Session cookies are deleted automatically when you close your browser. Persistent cookies remain on your device until they expire or are deleted manually. The typical duration of persistent cookies ranges from two months to several years, depending on the provider (e.g. Google, Meta, Microsoft, YouTube).  

How can you manage cookie settings? 

When you visit our website, you are presented with a cookie banner that allows you to give or decline consent for non-essential cookies. You can change your consent at any time by reopening the cookie settings via the banner or the “Change cookie settings” link at the bottom of the page. 

You can also delete existing cookies or block them through your browser settings. Please note that blocking some types of cookies may affect the functionality of the site.

10. Data security and registry protection

Personal data is stored in systems protected by appropriate technical and organizational security measures.

  • Access to systems is restricted to authorized personnel only.
  • Systems are protected by firewalls and access control mechanisms.
  • Access requires personal authentication (username and password).
  • Personnel are bound by confidentiality obligations.
  • Physical access to servers and infrastructure is restricted.

These measures are designed to prevent unauthorized access, alteration, disclosure, or destruction of personal data.

11. Your rights

Under the General Data Protection Regulation (GDPR), the data subject has the right to:

  • Access their personal data
  • Request rectification of inaccurate data
  • Request erasure of personal data
  • Restrict processing
  • Object to processing
  • Withdraw consent (where applicable)
  • Request data portability
  • Lodge a complaint with a supervisory authority

In Finland, the competent supervisory authority is the Office of the Data Protection Ombudsman.

Requests concerning personal data may be submitted using the contact details provided above.

12. Changes to this privacy policy

Crimppi Group reserves the right to update this Privacy Policy. The latest version will always be available on our website.