Klexironzlozarin

Privacy Policy

Last updated: 5 March 2025

1. Controller and contact

The data controller responsible for the processing of your personal data in connection with the website klexironzlozarin.world and the product VitaCore 5 is:

Klexironzlozarin
Mannerheimintie 96
00250 Helsinki
Finland

Email: office@klexironzlozarin.world
Phone: +358 300 20200

If you have questions about this Privacy Policy or wish to exercise your data protection rights, please contact us using the details above.

2. Legal basis and applicable law

We process personal data in accordance with the EU General Data Protection Regulation (GDPR), the Finnish Data Protection Act (Tietosuojalaki 1050/2018), and other applicable Finnish and European data protection laws. This Privacy Policy describes our practices in a transparent manner and informs you of your rights.

3. Personal data we collect

We may collect and process the following categories of personal data:

  • Identity and contact data: name, email address, telephone number, and postal address when you place an order, contact us, or subscribe to communications.
  • Transaction and order data: order details, payment-related information (e.g. payment method, transaction identifiers), and delivery information.
  • Technical and usage data: IP address, browser type and version, device type, operating system, referring URLs, pages visited, and approximate location (e.g. country or region) where necessary for the operation of the website or for analytics where you have given consent.
  • Communication data: content of messages you send to us (e.g. via contact or order forms) and records of our correspondence.
  • Cookie and similar technologies data: information collected via cookies and similar technologies, as described in our Cookie Policy.

4. Purposes of processing

We process your personal data for the following purposes and on the following legal bases where applicable:

  • Performance of a contract: to process and fulfil your orders, deliver products, manage returns and refunds, and provide customer support.
  • Legal obligation: to comply with accounting, tax, and other legal obligations (e.g. retention of invoices and order records as required by Finnish law).
  • Legitimate interests: to operate and improve our website, prevent fraud and abuse, ensure security of our systems, and defend or enforce our legal rights, where such interests are not overridden by your rights.
  • Consent: where we rely on your consent (e.g. for non-essential cookies, marketing communications, or other optional processing), you may withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

5. Recipients and international transfers

We may share your personal data with:

  • Service providers who assist us with hosting, payment processing, shipping, email delivery, and analytics, under strict contractual obligations to protect your data and use it only for the purposes we specify.
  • Public authorities when required by law (e.g. tax authorities, law enforcement).

When we transfer personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the European Commission or an adequacy decision, in accordance with Chapter V of the GDPR.

6. Retention periods

We retain your personal data only for as long as necessary to fulfil the purposes set out in this policy or as required by law:

  • Order and customer data: for the duration of the contractual relationship and thereafter for the period required by Finnish accounting and tax law (typically at least 6 years from the end of the financial year).
  • Contact and enquiry data: for the time needed to handle your request and, where relevant, for a short period for follow-up or legal claims (e.g. up to 2 years unless a longer period is required by law).
  • Marketing and consent-based processing: until you withdraw consent or object, or until we no longer use the data for the stated purpose, subject to any legal retention requirements.
  • Log and technical data: as needed for security and troubleshooting, usually for a limited period (e.g. up to 12 months) unless a longer period is required for legal or security reasons.
  • Cookie-related data: as specified in our Cookie Policy.

After the retention period, we delete or anonymise your data so that it can no longer identify you.

7. Your rights under the GDPR

Under the GDPR, you have the following rights in relation to your personal data:

  • Right of access (Article 15): you may request a copy of the personal data we hold about you and information about how we process it.
  • Right to rectification (Article 16): you may request correction of inaccurate or incomplete personal data.
  • Right to erasure (Article 17): you may request deletion of your personal data in certain circumstances (e.g. where data is no longer necessary, consent is withdrawn, or you object and there are no overriding legitimate grounds).
  • Right to restriction of processing (Article 18): you may request that we restrict processing in certain situations (e.g. while accuracy is being verified or you have objected).
  • Right to data portability (Article 20): where processing is based on contract or consent and carried out by automated means, you may request to receive your data in a structured, commonly used, machine-readable format or to have it transmitted to another controller where technically feasible.
  • Right to object (Article 21): you may object to processing based on legitimate interests or to processing for direct marketing at any time.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.
  • Right to lodge a complaint: you have the right to lodge a complaint with a supervisory authority. In Finland, the supervisory authority is the Office of the Data Protection Ombudsman (Tietosuojavaltuutetun toimisto), tietosuoja.fi.

To exercise any of these rights, please contact us using the contact details in section 1. We will respond without undue delay and in any event within one month, subject to any extension where permitted by the GDPR.

8. Security measures

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • Use of HTTPS and encryption for data in transit where applicable.
  • Access controls and limitation of access to personal data to authorised personnel only.
  • Secure storage and handling of data, including where applicable encryption at rest.
  • Regular review and update of our security practices and, where relevant, contracts with processors that require adequate security and compliance with data protection law.

Despite our efforts, no method of transmission or storage over the internet is completely secure. We encourage you to use strong passwords and to protect your account and device.

9. Children

Our website and services are not directed at individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us and we will take steps to delete such information.

10. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the website. The updated version will be posted on this page with a revised "Last updated" date. We encourage you to review this policy periodically. Where changes are material, we may notify you by email or by a notice on the website where appropriate.

11. Additional information

For information about cookies and similar technologies, please see our Cookie Policy. For the terms governing the use of our website and the purchase of products, please see our Terms of Service and Return Policy.