Cross Wrap

Privacy Policy

Privacy policy

CROSS WRAP OY — Privacy Policy


UPDATED ON 11.1.2021


Cross Wrap Oy is committed to protecting our customers’ and other partners’ privacy. In this Privacy Policy we explain how we at Cross Wrap use your personal data we may collect and process about you as our existing or potential customer, our supplier and when there exists some other relevant relationship between you and Cross Wrap.


Please note that our website sometimes contains links to other sites that are not governed by this Privacy Policy. As Cross Wrap cannot control or be responsible for the policies and practices on how user data is stored or used on third-party sites, we recommend reviewing the privacy policy of each third-party site linked from our website to determine their use of your personal data.

Below you can find more information on:

  • Identity of the controller and contact details
  • Types of personal data we process
  • Where we obtain your data
  • How we use your personal data and the legal basis of processing
  • Disclosures of your personal data
  • Your rights as the data subject
  • Cookie Policy
  • Data retention
  • Data security principles
  • Changes to this policy


Identity of the controller and contact details


Cross Wrap Oy is the controller in relation to the processing of your personal data described in this Privacy Policy. Should you have any questions about this Privacy Policy or how we process your data, please contact us at:


Cross Wrap Oy

Teollisuustie 6, 71800 Siilinjärvi, Finland



Types of personal data we process


Cross Wrap only processes such personal data that is necessary for predefined purposes. We typically process the following types of personal data about you:


  • Information about our business customers and their contact persons. In case you are the contact person for our business customer, we may collect and process the following information about you and your company, which we will combine and process together for as long as you are the contact person for that company:
    • Information concerning the company and the customer relationship, such as name, business number, address, invoicing and payment details (including possible payment failures), order/purchase history, possible direct marketing opt-outs
    • Information about you as the contact person, such as name, title and role in the company, contact details (such as email, phone number and address), details and contents of correspondence with us, possible direct marketing opt-outs


  • Information about our partners. Cross Wrap has many partners that operate in different capacities and include, for example, companies that are our suppliers and companies that we do other commercial and non-commercial co-operation with (such as providers of maintenance services, our agents and other representatives, and journalists in media companies). In this relation we may collect and process the following information about you:
    • Your name, details of the company you represent, title and role in the company, contact details (such as email, phone number and address), possible invoicing and payment details and order history, possible direct marketing opt-outs


  • Information we use for marketing purposes (potential customers). We also collect certain information about companies and their contact persons that have expressed their interest in the products and services Cross Wrap provides or who we otherwise believe would be interested in receiving information about our products and services. In this relation we may collect and process the following information about you:
    • Your name, details of the company you represent, title and role in the company, contact details (such as email, phone number and address), topics of interest, details and contents of correspondence with us, possible direct marketing opt-outs


  • Information we collect automatically. We collect certain information automatically by using cookies and analytics tools based on your use of our website and other content we provide to you (such as newsletters and direct marketing emails). This information includes, for example, the IP address and type of the device from which you access the service, how you interact with our content (pages visited or content clicked, searches performed etc.), the time, frequency and duration of your visits to the service, your browser type and operating system, as described in our cookie policy below.


Where we obtain your data


We obtain the data we process principally from you when you are in contact with us through our website by submitting contact forms or in other ways such as by email or calling us. We also obtain your data when our business customer enters into an agreement with us or submits requests for proposal, or in other business connections.


We may also collect and update your information through our own representatives or partners or from publicly available sources (such as company websites, databases of authorities etc.), campaigns, publications, fairs, from business cards and otherwise. We may also receive your data through third party services, such as professional social media sites, where Cross Wrap has presence and where you have opted to follow us.


How we use your personal data and the legal basis of processing


Cross Wrap uses your personal data for the following purposes:


  • Execution of agreement and management of customer relationship: We process your personal data to fulfil the agreement that you or your company has made with Cross Wrap and to enforce the rights and obligations relating to that agreement, including processing your personal data in relation to requests for proposal.


We also process your data to manage and develop the customer relationship, such as to contact you, send you updates on your order, for invoicing and debt collection and invite you to customer surveys.


The processing of your personal data is in these cases based on an agreement or necessary to take steps preceding entering into such agreement.


  • Direct marketing and other communication with you. We may process your personal data for direct marketing purposes both by electronic means (email, SMS) and by phone or post. We also process your personal data to send you updates relating to our products, services and business (such as newsletters), and other content you may have requested. In case you are the representative of Cross Wrap’s other business partner than customer, we also process your data to communicate with you in matters relevant to that relationship.


We may target and customise our marketing and other content in order to serve you with more relevant content and create profiles and customer segments based on your title and role, order history, topics of interest, your interactions with our content and other information we have collected from you. You can always opt out of receiving direct marketing and other updates, and object to profiling.


We process your data for the abovementioned purposes based on an agreement you/your company has with Cross Wrap or our legitimate interest if we consider your company as a potential customer, if the agreement between us has ended and you have not opted out of direct marketing, or your company has another business relationship with Cross Wrap. If we have requested your consent for the foregoing activities, we process your personal data based on that consent.


  • Development and analysis. We process your personal data as well as the data we collect automatically to analyse and develop our products, services and business, and to better understand how our services are used. We will not use your information in an identifiable form if it is not necessary for the abovementioned purposes.


  • Processing based on a legal obligation. We may be obligated to process certain of your personal data based on a legal obligation under the Finnish accounting and other mandatory law, also after the customer relationship has ended. In these cases, the processing is based on that legal obligation.


Disclosures of your personal data


Cross Wrap does not sell your information to third parties. We may, however, disclose your information in circumstances described below.


  • Trusted business partners: We may disclose your personal data to our trusted business partners for their own direct marketing purposes and other processing purposes that may be based on their legitimate interests, however, not in contradiction with this Privacy Policy. These trusted business partners process your personal data as independent controllers.


  • Third party service providers: We may transfer personal data about you to our trusted third party services providers (such as our subcontractors who provide manufacturing and maintenance services, agents and other representatives, accountants as well as IT service providers) to process it on our behalf, based on our instructions and in compliance with this Privacy Policy, any other appropriate confidentiality and security measures as well as applicable data protection laws.


  • Authorities: We may disclose your information to authorities when we have a legal obligation or other legitimate interest to do so under applicable law.


  • Consent: Based on your consent we may disclose your information within the limits of the specific consent you have given. Information on revoking your consent is provided below.


  • Business transactions: We may disclose your personal data in connection with a business transaction, if and to the extent necessary.


  • Our legitimate interests: We may disclose your personal data if it is necessary in order to protect or defend our legitimate rights and interests, or those of our users, employees, directors or shareholders, and/or to ensure the safety and security of our services.


The principal place of processing of your personal data is in the EU and subject to the provisions of the EU General Data Protection Regulation and other national and EU privacy laws. In certain occasions we may use service providers located outside the EU/EEA in the provision and technical implementation of our services, in which case your personal data may be transferred outside the EU/EEA. In case we transfer your personal data outside the EU/EEA we have ensured that your personal data is afforded adequate level of protection by way of contractual obligations or by using other safeguards available under the EU data protection laws.


Your rights as the data subject


As the data subject, under data protection laws you can influence on how we process your personal data in the following ways:


  • Right of access, rectification and erasure: You have the right to request access to your personal data we process. At your request we will also rectify any inaccurate, incomplete or outdated personal data relating to you. You also have the right to request your personal data to be erased (right to be forgotten) in accordance with applicable law.


  • Data portability: You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller when we process your data automatically based on a contract or your consent.


  • Right to object to direct marketing (including related profiling): In case you do not want to receive further marketing or other updates from us or wish to opt out of profiling we do in order to offer you tailored direct marketing, you have the right to object to processing of your personal data for those purposes. Should you use your right to object, you will no longer receive direct marketing from us. You can use your right to object either by contacting us or through the unsubscribe link on electronic messages we send you.


  • Right to object data processing and right of restriction: You have the right to object to processing we carry out based on legitimate interest on grounds relating to your particular situation, unless we have compelling legitimate interests for the processing which override those interests. You also have the right to request the restriction of the processing of your personal data, for example, in case you object to processing as described above or contest the accuracy of your personal data.


  • Revocation of consent: You may revoke a consent you have given at any time by contacting us or unsubscribing from further updates from us through the unsubscribe link on electronic messages we send you. Please note that revoking your consent does not affect the legality of the processing we have carried out prior to the revocation.


  • Right to lodge a complaint: You have the right to lodge a complaint with the relevant supervisory authority in case you feel that we have processed your personal data contrary to this Privacy Policy or the applicable law. Contact details of the Finnish supervisory authority can be found at


You can find more information on how you can influence the use of cookies in our cookie policy below.


Cookie Policy


Like many other websites, also Cross Wrap uses cookies and similar technologies on its website We use these technologies to improve our services and business, remember your preferences, understand how you are using our service and help customise our marketing, other communications and advertising.


A “cookie” is a small data file containing a string of characters that is sent to your device when you visit a website. When you visit the website again, the cookie allows that site to recognise your browser. A cookie does not harm your device, and we do not get any information that is directly related to you (such as your name or email address) merely through cookies. The duration of how long a cookie will stay on your device depends on whether it is a “persistent” or “session” cookie. Session cookies will only stay on your device until you stop browsing. Persistent cookies stay on your device until they expire or until you delete them.


We use cookies primarily to personalize the contents of our services, analyze the use of our services and maintain your identity or session on the service. We may also partner with third parties to manage and tailor our advertising on other websites. In addition, Cross Wrap uses social plug-ins on our service enabling you to receive our content from those platforms and share our content also on your social media platforms. When you interact with these social media plug-ins, some data is sent directly to the provider of that social media service, and we may also receive certain anonymous/pseudonymous data about your use of such content and other data associated with your use of that social media service from those social media partners.


Most web browsers allow you to control and block cookies through their settings. Please note that if you limit the ability of our website to set cookies or block them entirely, the entire contents of our website may not be available and some of the features might not function properly. Below You can learn about how to control cookie settings on most common web browsers:


Cross Wrap uses Google Analytics, a web analytics service provided by Google Inc. Google Analytics uses cookies to help the website analyse how users use the site. The information generated by the cookie about your use of this website will be transmitted to and stored by Google on servers in the United States. IP anonymization is activated on this website and your IP address will however be truncated by Google beforehand within the area of member states of the European Union or the European Economic Area. Only in exceptional cases, the full IP address is sent to a Google server in the USA and truncated there. Google uses this information on behalf of Cross Wrap for the purpose of evaluating how you use our website, compiling reports on website activities and providing further services related to website and internet usage to Cross Wrap. The IP address transferred by your browser within the scope of Google Analytics will not be associated with any other data held by Google.


To prevent your data from being used by Google Analytics you can install the browser plug-in from Google which is available here.


If you would like more information about cookies, please visit More information about interest-based advertising, including how to opt-out of these cookies, can be found at


Cookie Declaration


Data retention


Information we process will only be retained as long as is necessary to fulfil the abovementioned purposes or as long as we have a statutory obligation to keep your information, after which it will be deleted from our files.


If you are our customer, we retain your data for at least the time you are our customer. After the customer relationship ends, the retention period depends on the data and its purpose of use. For example, we retain your personal data for direct marketing purposes until you have objected to it, and retain invoicing and payment information for 10 years after the agreement has ended. As a rule, we retain data on potential customers until that customer has objected to direct marketing or opted out of all of our communication, and we have no other grounds for retaining the personal data. We comply with statutory obligations in retaining data.


If you have exercised your right to object to direct marketing, we may still keep certain information about you to comply with that request.


Data security principles


We employ sufficient technical and organizational measures to protect your personal data against accidental and/or unlawful access, alteration, destruction or other processing (including unauthorized disclosure and transfer). These measures include proactive and reactive risk management, use of firewalls, encryption techniques and secure IT areas as well as access control and security systems, security planning, controlled granting and monitoring of access/user rights, ensuring skills through training for personnel involved in processing personal data and through assessments as well as careful selection of suppliers. We are continuously updating our in-house practices and guidelines in an appropriate manner.


Changes to this policy


Cross Wrap continuously develops its business and services, which is why we may occasionally need to make changes also to this Privacy Policy. We will endeavour to inform you about any changes we make either personally or through our services. We suggest that you check this page periodically if you would like to monitor changes.

Subscribe to our newsletter

Keep up with the latest news, blogs, tech tips, and references - join the industry insiders!

Choose from four industry-specific newsletters to receive just the right content for you.