Privacy Policy

Last updated: February 2026

Perfectly Beach (“we”, “us”, or “our”) operates the website perfectlybeach.com. This Privacy Policy explains how we collect, use, and protect your personal data in accordance with the EU General Data Protection Regulation (GDPR) and the Finnish Data Protection Act.

Data Controller

Perfectly Beach
Country: Finland
Email: [email protected]

What Data We Collect

Information you provide directly:

  • Contact forms: Name and email address when you contact us
  • Comments: Name, email address and comment content if you leave a comment on our blog
  • Email subscriptions: Email address if you subscribe to our newsletter

Information collected automatically:

  • Analytics data: Pages visited, time on site, referring website, browser type, device type, and approximate geographic location (country/city level)
  • Cookies: Small text files stored on your device (see Cookie Policy section below)
  • Server logs: IP address, browser type, and access times

Legal Basis for Processing (GDPR Article 6)

We process your personal data based on the following legal grounds:

  • Consent (Art. 6(1)(a)): When you subscribe to our newsletter, leave a comment, or accept non-essential cookies
  • Legitimate interest (Art. 6(1)(f)): For website analytics, security, and improving our content and services
  • Legal obligation (Art. 6(1)(c)): When required by law to retain certain records

How We Use Your Data

  • To respond to your enquiries via contact forms
  • To send you newsletter content you have subscribed to
  • To display comments you have posted on our blog
  • To analyse website traffic and improve our content
  • To ensure the security and proper functioning of our website
  • To comply with legal obligations

Cookie Policy

Essential Cookies

These are necessary for the website to function and cannot be switched off. They include cookies for security, load balancing, and user preferences.

Analytics Cookies

We use Google Analytics 4 to understand how visitors use our website. Google Analytics uses cookies to collect anonymous data about page views, session duration and traffic sources. This data helps us improve our content and user experience.

  • Provider: Google LLC
  • Purpose: Website analytics
  • Data transfer: Data may be transferred to the United States. Google participates in the EU-US Data Privacy Framework.
  • Retention: 14 months
  • Opt-out: You can install the Google Analytics Opt-out Browser Add-on

Affiliate Cookies

When you click on affiliate links on our site, our affiliate partners (such as Awin, CJ Affiliate, and Amazon) may place cookies on your device to track the referral. These cookies are governed by the respective partner’s privacy policy. We do not have access to the personal data collected by these cookies.

Managing Cookies

You can control and delete cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of the website. Most browsers allow you to:

  • View what cookies are stored and delete them individually
  • Block third-party cookies
  • Block cookies from specific sites
  • Block all cookies
  • Delete all cookies when you close your browser

Third-Party Services

We use the following third-party services that may process your data:

Service Purpose Data Processed Privacy Policy
Google Analytics Website analytics Anonymous usage data Google Privacy Policy
Cloudflare CDN and security IP address, browsing data Cloudflare Privacy Policy
Awin Affiliate tracking Click and purchase data Awin Privacy Policy
Pinterest Social media integration Interaction data Pinterest Privacy Policy
Instagram/Meta Social media integration Interaction data Meta Privacy Policy

Affiliate Links and Tracking

Our website contains affiliate links to third-party retailers. When you click on these links:

  • You will be redirected to the retailer’s website
  • The affiliate network may place a tracking cookie on your device
  • If you make a purchase, we may earn a commission
  • We do not have access to your payment or personal information from these transactions

For more information, please see our Affiliate Disclosure page.

Your Rights Under GDPR

As an EU/EEA resident, you have the following rights regarding your personal data:

  • Right of access (Art. 15): Request a copy of the personal data we hold about you
  • Right to rectification (Art. 16): Request correction of inaccurate data
  • Right to erasure (Art. 17): Request deletion of your personal data (“right to be forgotten”)
  • Right to restrict processing (Art. 18): Request limitation on how we use your data
  • Right to data portability (Art. 20): Receive your data in a machine-readable format
  • Right to object (Art. 21): Object to processing based on legitimate interest
  • Right to withdraw consent: Withdraw previously given consent at any time

To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days.

Data Retention

  • Comments: Retained indefinitely or until you request deletion
  • Contact form submissions: Retained for 12 months, then deleted
  • Analytics data: Retained for 14 months (Google Analytics)
  • Email subscriptions: Retained until you unsubscribe
  • Server logs: Retained for 30 days

Data Security

We implement appropriate technical and organisational measures to protect your personal data, including:

  • SSL/TLS encryption for all data transmission
  • Cloudflare DDoS protection and web application firewall
  • Regular security updates and monitoring
  • Access controls and secure hosting environment

International Data Transfers

Some of our third-party service providers are based outside the EU/EEA (primarily in the United States). Where data is transferred outside the EU/EEA, we ensure appropriate safeguards are in place, including:

  • EU-US Data Privacy Framework certification
  • Standard Contractual Clauses (SCCs) approved by the European Commission

Children’s Privacy

Our website is not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us so we can promptly delete it.

Supervisory Authority

If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority. The relevant authority for Finland is:

Office of the Data Protection Ombudsman (Tietosuojavaltuutetun toimisto)
Website: tietosuoja.fi
Email: [email protected]

Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this page periodically.

Contact Us

For any questions about this Privacy Policy or your personal data, please contact us at:
Email: [email protected]