Home

Privacy Policy

Controller: Vimreloxghorlaxx, Hatanpään valtatie 40, 33900 Tampere, Finland. Last updated:

1. Scope

This Privacy Policy explains how we collect, use, store, and protect personal data when you visit our website, submit forms, or communicate with us. It applies where the General Data Protection Regulation (EU) 2016/679 (GDPR) and related national laws in Finland and the European Economic Area apply.

2. Online advertising, geographic scope, and food supplements

We may run online advertising (including through platforms such as Google Ads) directed at users in Finland and, where we select, other countries in the European Economic Area and the United Kingdom. Those platforms may process personal data when you interact with ads or measurement features, under their own terms and policies. We aim to present our food supplement in line with applicable rules for nutrition and health claims and for advertising of dietary supplements in the regions we target. We do not use our website to suggest that our product treats, prevents, or diagnoses disease. Campaigns and landing pages are aligned with this Privacy Policy and our Cookie Policy.

3. Data controller and contact

The data controller is Vimreloxghorlaxx, operating from Hatanpään valtatie 40, 33900 Tampere, Finland. For privacy requests, you may write to the email addresses published in the site footer as plain text. We will verify identity where needed before disclosing or changing records.

4. Categories of personal data

We may process: identification and contact data (name, email address, telephone number if provided); message content you send; technical data such as IP address, browser type, and device identifiers; cookie and similar identifiers as described in our Cookie Policy; and order or correspondence references you supply.

5. Purposes and legal bases

6. Retention

We keep personal data only as long as necessary for the purposes above. Indicative periods: enquiry and order messages for up to twenty-four months after the last contact unless a longer period is required for disputes, accounting, or law; technical logs in line with security policies, typically not more than twelve months unless incident investigation requires longer; accounting or tax records as required by applicable law, often six to ten years where relevant.

7. Recipients and transfers

We may use hosting, email delivery, and analytics providers that process data on our instructions under Article 28 GDPR (processors). Where data is transferred outside the EEA, we rely on appropriate safeguards such as Standard Contractual Clauses or adequacy decisions as required by Chapter V GDPR.

8. Security

We apply technical and organisational measures appropriate to the risk, including access restrictions, encryption where suitable, and staff instructions on confidentiality. No online transmission is completely secure; you should protect your credentials and devices.

9. Your rights

Subject to conditions in the GDPR, you may request access, rectification, erasure, restriction of processing, data portability (where applicable), and object to processing based on legitimate interests. You may withdraw consent at any time where processing is consent-based, without affecting prior lawful processing. You may lodge a complaint with the Finnish Office of the Data Protection Ombudsman or another EU supervisory authority.

10. Automated decision-making

We do not use solely automated decision-making, including profiling, which produces legal or similarly significant effects concerning you, unless we inform you otherwise and provide a legal basis.

11. Children

Our services are not directed at children under sixteen. We do not knowingly collect their personal data.

12. Changes

We may update this policy and will adjust the “Last updated” date. Material changes will be indicated on the website where appropriate.