Legal

Privacy Policy

How Retailgrid Oy collects, uses, stores, and protects personal data when you access or use Retailgrid services.

Effective Date: 5 March 2026 · Last Updated: 5 March 2026

This Privacy Policy describes how Retailgrid Oy (“Retailgrid,” “we,” “our,” or “us”) collects, uses, stores, and protects personal data when you access or use Retailgrid services. By using Retailgrid, you agree to the terms of this Privacy Policy.

1. Who We Are

Retailgrid is a cloud-based data workspace and AI-enabled tool for retailers. We operate under:

Retailgrid Oy
Maria01, Lapinlahdenkatu 16, 00180 Helsinki, Finland
Email: support@retailgrid.io

We act as a Data Controller for personal data we collect directly from users and as a Data Processor for Customer Data uploaded to the platform.

2. Data We Collect

We collect the following categories of data:

2.1 Account Information

  • Name
  • Email address
  • Company name
  • Password (hashed)
  • User settings & preferences

2.2 Billing Information

For paid plans:

  • Payment method details (handled securely by payment processors)
  • Billing address
  • VAT number (if applicable)

2.3 Usage Data

Includes data about how you interact with the platform:

  • Logins, session timestamps
  • Actions performed in the workbook
  • System events, error logs
  • Feature usage analytics

2.4 Device & Technical Data

  • IP address
  • Browser type and version
  • Operating system
  • Cookies and tracking technologies
  • Device identifiers

2.5 Customer Data (Uploaded by You)

This may include:

  • Product data
  • Pricing data
  • Sales data
  • Competitor information
  • Any other data imported via files or integrations

We process Customer Data solely to operate and deliver Retailgrid features.

3. How We Use Your Data

We process your data for the following purposes:

3.1 To Provide and Maintain the Service

  • Account management
  • Data processing and enrichment
  • AI-driven analytics and insights

3.2 To Improve Retailgrid

  • Product analytics
  • Troubleshooting and error prevention
  • Developing new features

3.3 To Communicate with You

  • Service announcements
  • Support responses
  • Security alerts

3.4 For Billing and Subscription Management

  • Processing payments
  • Managing plan upgrades and renewals

3.5 For Security and Compliance

  • Preventing fraud and abuse
  • Investigating suspicious activity
  • Complying with legal obligations

We never sell your personal data.

4. Legal Basis for Processing (GDPR)

Under the GDPR, we rely on the following legal bases:

  • Contractual necessity — to provide the Retailgrid service
  • Legitimate interests — for service improvement and security
  • Consent — for optional features like marketing emails
  • Legal obligations — for accounting, tax, and compliance

5. How Customer Data Is Handled

Customer Data is processed exclusively:

  • As instructed by you
  • For the purpose of providing the Retailgrid service
  • Under strict confidentiality and security controls

We do not use Customer Data to train external models.

6. Sharing of Data

We may share personal data only with:

6.1 Service Providers (Sub-Processors)

Including:

  • Cloud hosting providers
  • Payment processors
  • Error monitoring tools
  • Analytics providers

Each provider is bound by GDPR-compliant agreements.

6.2 Legal Requests

If required by law, we may disclose personal data to authorities.

6.3 Business Transfers

In the event of a merger, acquisition, or restructuring, personal data may be transferred under confidentiality obligations.

We never sell or rent personal data.

7. International Data Transfers

If data is transferred outside the EU/EEA, we use:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions
  • Other approved safeguards

8. Data Retention

8.1 Personal Data

Retained for as long as your account is active and up to 12 months after deletion.

8.2 Customer Data

Retention is based on your subscription plan settings and is deleted when:

  • You delete it manually
  • Your subscription expires
  • The retention period ends

8.3 Backups

Backups containing deleted data may persist for up to 90 days.

9. Your Rights

Under GDPR and applicable laws, you have the right to:

  • Access your data
  • Correct inaccurate or incomplete data
  • Delete personal data (“right to be forgotten”)
  • Restrict or object to processing
  • Export your data (data portability)
  • Withdraw consent for optional features

To exercise these rights, contact us at: support@retailgrid.io

10. Cookies & Tracking

We use cookies to:

  • Authenticate sessions
  • Store preferences
  • Analyze product usage
  • Improve performance

You can control cookie settings through your browser.

11. Security Measures

We use industry-standard technical and organizational measures, including:

  • Encrypted data transfer (TLS)
  • Encryption at rest
  • Access controls & audit logging
  • Secure development practices
  • Regular security assessments

No system is completely secure; users must maintain safe credentials.

12. AI Features

Retailgrid includes AI-powered features. When using them, you acknowledge:

  • AI outputs may not always be accurate
  • You must review all AI-generated results
  • Customer Data used for AI features is processed only for your tasks

We do not train third-party models with Customer Data.

13. Children's Privacy

Retailgrid is not intended for use by individuals under 16.

14. Updates to This Privacy Policy

We may update this Privacy Policy from time to time. If updates are material, we will notify you by email or in-app. Your continued use of Retailgrid after changes constitutes acceptance.

15. Contact

For any questions, data requests, or privacy concerns, contact us:

Retailgrid Oy
Maria01, Lapinlahdenkatu 16, 00180 Helsinki, Finland
Email: support@retailgrid.io

By using Retailgrid, you acknowledge that you have read, accepted and understood this Privacy Policy.