Privacy Policy

Last updated:

1. Introduction

Phrixxensquidral ("we," "us," or "our") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website phrixxensquidral.world and purchase our products, including VascuLife.

This policy complies with the General Data Protection Regulation (GDPR) (EU) 2016/679, the Finnish Data Protection Act (1050/2018), and other applicable data protection laws. By using our website, you consent to the data practices described in this policy.

2. Data Controller Information

The data controller responsible for your personal data is:

Company Name: Phrixxensquidral
Address: Mannerheimintie 16, 00100 Helsinki, Finland
Email: service@phrixxensquidral.world
Website: https://phrixxensquidral.world

3. Personal Data We Collect

We collect personal data that you voluntarily provide to us when you:

  • Place an order through our website
  • Contact us via email or contact forms
  • Subscribe to our newsletter (if applicable)
  • Browse our website (automatically collected data)

Categories of personal data we collect include:

  • Identity Data: Full name
  • Contact Data: Email address, phone number (optional), delivery address
  • Transaction Data: Order details, payment information (processed securely by third-party payment providers)
  • Technical Data: IP address, browser type and version, device information, operating system, time zone setting
  • Usage Data: Information about how you use our website, pages visited, time spent on pages
  • Communication Data: Contents of messages you send to us

4. Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

  • Contract Performance (Article 6(1)(b)): Processing necessary to fulfill your order and deliver products
  • Consent (Article 6(1)(a)): When you have given explicit consent for specific processing activities, such as marketing communications
  • Legal Obligation (Article 6(1)(c)): When we need to comply with legal requirements, such as tax and accounting obligations
  • Legitimate Interests (Article 6(1)(f)): For purposes such as improving our services, fraud prevention, and website security, where these interests do not override your rights

5. Purposes of Data Processing

We use your personal data for the following purposes:

  • Processing and fulfilling your orders, including delivery and payment processing
  • Communicating with you about your orders, inquiries, and customer service matters
  • Sending order confirmations, shipping updates, and delivery notifications
  • Managing returns and refunds in accordance with our Return Policy
  • Complying with legal and regulatory requirements, including tax obligations
  • Improving our website, products, and services based on usage patterns
  • Preventing fraud and ensuring the security of our website
  • Sending marketing communications (only with your explicit consent)

6. Data Sharing and Disclosure

We may share your personal data with the following categories of recipients:

  • Service Providers: Third-party companies that assist us in operating our website, processing payments, fulfilling orders, and providing customer support. These providers are contractually obligated to protect your data and use it only for the specified purposes.
  • Delivery Partners: Shipping and logistics companies to deliver your orders
  • Payment Processors: Secure payment service providers to process transactions
  • Legal Authorities: When required by law, court order, or government request
  • Professional Advisors: Lawyers, accountants, and auditors when necessary

We do not sell, rent, or trade your personal data to third parties for their marketing purposes.

7. International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). When such transfers occur, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by the European Commission
  • Transfers to countries with an adequacy decision from the European Commission
  • Other legally approved transfer mechanisms

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

  • Order Data: 7 years from the date of purchase (required for tax and accounting purposes under Finnish law)
  • Account Data: Until you request deletion or close your account
  • Marketing Data: Until you withdraw consent or unsubscribe
  • Technical/Analytics Data: Up to 26 months
  • Communication Records: 3 years from the last interaction

After the retention period expires, we securely delete or anonymize your personal data.

9. Your Rights Under GDPR

As a data subject, you have the following rights regarding your personal data:

  • Right of Access (Article 15): Request a copy of the personal data we hold about you
  • Right to Rectification (Article 16): Request correction of inaccurate or incomplete data
  • Right to Erasure (Article 17): Request deletion of your personal data ("right to be forgotten") under certain circumstances
  • Right to Restriction (Article 18): Request limitation of processing of your data
  • Right to Data Portability (Article 20): Receive your data in a structured, commonly used format
  • Right to Object (Article 21): Object to processing based on legitimate interests or for direct marketing
  • Right to Withdraw Consent (Article 7): Withdraw consent at any time where processing is based on consent
  • Right to Lodge a Complaint: File a complaint with the Finnish Data Protection Ombudsman (Tietosuojavaltuutetun toimisto)

To exercise any of these rights, please contact us using the details provided in Section 2. We will respond to your request within one month, as required by GDPR.

10. Data Security

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • SSL/TLS encryption for all data transmission
  • Secure storage systems with access controls
  • Regular security assessments and updates
  • Staff training on data protection practices
  • Secure payment processing through PCI-DSS compliant providers

While we strive to protect your personal data, no method of transmission over the Internet is 100% secure. We encourage you to use strong passwords and keep your account information confidential.

11. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience. For detailed information about the cookies we use and how to manage your preferences, please refer to our Cookie Policy.

12. Children's Privacy

Our website and products are not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information promptly.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website with a new "Last updated" date. We encourage you to review this policy periodically.

14. Supervisory Authority

If you are not satisfied with our response to your data protection concerns, you have the right to lodge a complaint with the Finnish Data Protection Ombudsman:

Tietosuojavaltuutetun toimisto (Office of the Data Protection Ombudsman)
Address: Lintulahdenkuja 4, 00530 Helsinki, Finland
Phone: +358 29 566 6700
Website: www.tietosuoja.fi

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

service@phrixxensquidral.world
Mannerheimintie 16, 00100 Helsinki, Finland