Vraxylonlldroz

Privacy Policy

Last updated: March 2026

1. Controller and contact details

The data controller responsible for the processing of your personal data in connection with this website is:

Vraxylonlldroz
Mannerheimintie 96
00250 Helsinki
Finland

Email: team@vraxylonlldroz.world
Phone: +358 300 20200

If you have questions about this Privacy Policy or the processing of your personal data, or if you wish to exercise your rights under applicable data protection law, please contact us using the details above.

2. Scope and legal basis

This Privacy Policy applies to the website https://vraxylonlldroz.world and to any personal data we collect when you use our website, place an order, contact us, or interact with our services. We process personal data in accordance with the EU General Data Protection Regulation (GDPR), the Finnish Data Protection Act (Tietosuojalaki 1050/2018), and other applicable Finnish and European data protection legislation.

We process personal data only where we have a lawful basis: (a) your consent, (b) performance of a contract with you or steps at your request prior to entering into a contract, (c) compliance with a legal obligation, (d) our legitimate interests where they are not overridden by your rights, or (e) as otherwise permitted by law.

3. Personal data we collect and purposes of processing

3.1 Data you provide to us

  • Contact and order data: When you submit the order or contact form, we collect your name, email address, optional telephone number, and message content. We use this data to process your order, respond to your enquiries, and communicate with you about your order (e.g. confirmation, shipping). Legal basis: performance of a contract and, where applicable, consent.
  • Consent and preferences: If you consent to marketing or non-essential cookies, we record your consent and preferences. Legal basis: consent.

3.2 Data collected automatically

  • Technical and usage data: When you visit our website, we may collect your IP address, browser type and version, device type, operating system, referring URL, pages visited, and date and time of access. We use this data to operate and secure the website, analyse usage (where you have consented to analytics cookies), and improve our services. Legal basis: legitimate interest (operation and security) or consent (analytics).
  • Cookies and similar technologies: We use cookies and similar technologies as described in our Cookie Policy. Legal basis: consent (for non-essential cookies) or legitimate interest (for strictly necessary cookies).

4. Retention periods

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected and to comply with legal obligations.

  • Order and contact data: We retain data related to orders and customer communications for the period required for the performance of the contract, handling of complaints, and for accounting and tax purposes as required by Finnish law (typically at least 6 years from the end of the financial year).
  • Marketing and consent records: If you have consented to marketing, we retain your contact data and consent record until you withdraw consent or object, and thereafter only as needed to demonstrate consent (e.g. for legal claims) within statutory limitation periods.
  • Technical and access logs: Server and security logs are retained for a limited period necessary for security and troubleshooting (typically up to 12 months), unless a longer retention is required for legal or regulatory reasons.
  • Cookie data: Retention for each cookie type is set out in our Cookie Policy.

After the retention period has ended, we delete or anonymise your data so that it can no longer be attributed to you.

5. Recipients and international transfers

We may share your personal data with:

  • Service providers: Processors who assist us with hosting, payment processing, email delivery, or analytics, under strict data processing agreements and only for the purposes we specify.
  • Authorities: When required by law, we may disclose data to courts, law enforcement, or other public authorities in Finland or the EU.

We do not transfer your personal data to countries outside the European Economic Area (EEA) unless we have ensured an adequate level of protection (e.g. adequacy decision, standard contractual clauses, or other approved safeguards) and we will inform you of such transfers where required by law.

6. Your rights under the GDPR

Under the GDPR and Finnish data protection law, you have the following rights in relation to your personal data:

  • Right of access (Article 15): You may request a copy of the personal data we hold about you and information about how we process it.
  • Right to rectification (Article 16): You may request correction of inaccurate or incomplete personal data.
  • Right to erasure (Article 17): You may request deletion of your personal data where the legal grounds for processing no longer apply (e.g. you withdraw consent, data are no longer necessary, or you validly object).
  • Right to restriction of processing (Article 18): You may request that we restrict processing in certain situations (e.g. while we verify accuracy or while you contest the lawfulness of processing).
  • Right to data portability (Article 20): Where processing is based on consent or contract and is carried out by automated means, you may request to receive your data in a structured, commonly used, machine-readable format or to have it transmitted to another controller.
  • Right to object (Article 21): You may object to processing based on legitimate interests or to processing for direct marketing at any time.
  • Right to withdraw consent: Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
  • Right to lodge a complaint: You have the right to lodge a complaint with a supervisory authority, in particular in the EU Member State of your residence, place of work, or place of the alleged infringement. In Finland, the supervisory authority is the Office of the Data Protection Ombudsman (Tietosuojavaltuutetun toimisto), https://tietosuoja.fi.

To exercise any of these rights, please contact us using the contact details in section 1. We will respond without undue delay and in any event within one month, subject to any extension where permitted by law. We may need to verify your identity before processing your request.

7. Security measures

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • Use of HTTPS (TLS/SSL) for all data transmitted between your browser and our servers to prevent interception and tampering.
  • Access controls and authentication so that only authorised personnel can access personal data, and only to the extent necessary for their role.
  • Regular review and updating of security practices and, where applicable, encryption of sensitive data at rest.
  • Contractual obligations with processors to ensure they apply equivalent security and confidentiality standards.

Despite our efforts, no method of transmission or storage over the Internet is completely secure. We encourage you to use strong passwords and to keep your login and contact details confidential.

8. Children

Our website and services are not directed at individuals under 16 years of age. We do not knowingly collect personal data from children under 16. If you become aware that a child has provided us with personal data without parental consent, please contact us and we will take steps to delete such data.

9. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the website. The updated version will be posted on this page with a revised “Last updated” date. We encourage you to review this Privacy Policy periodically. Where changes materially affect how we use your personal data, we will notify you where required by law (e.g. by email or a notice on the website) and, where necessary, obtain your consent.

10. Additional information for Finnish residents

As a data controller established in Finland, we comply with the Finnish Data Protection Act and the guidelines of the Data Protection Ombudsman. For more information on your rights and how to contact the supervisory authority, see section 6 above.