Privacy Policy

How we collect, use, and protect your personal data

Last updated:

1. Data Controller

The data controller responsible for processing your personal data is:

Vomrelonmyshex
Hämeenkatu 7, 33100 Tampere, Finland
Email: community@vomrelonmyshex.world
Website: https://vomrelonmyshex.world

2. What Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity data: full name as provided in the order form.
  • Contact data: email address and, if voluntarily provided, phone number.
  • Communication data: messages and inquiries submitted through our contact or order forms.
  • Technical data: IP address, browser type and version, operating system, time zone setting, device information, and browsing actions on our website.
  • Usage data: information about how you use our website, including pages visited, time spent, and navigation paths.
  • Cookie data: data collected through cookies and similar tracking technologies, as described in our Cookie Policy.

3. How We Collect Your Data

We collect personal data through the following methods:

  • Direct interactions: when you fill in the order form, contact us, or otherwise provide your information directly.
  • Automated technologies: as you navigate our website, we may automatically collect technical data about your browsing actions and patterns using cookies, server logs, and similar technologies.

4. Legal Basis for Processing

We process your personal data on the following legal bases in accordance with the General Data Protection Regulation (GDPR) and Finnish data protection legislation:

  • Consent (Article 6(1)(a) GDPR): where you have given clear consent for us to process your personal data for a specific purpose, such as submitting an order form or accepting analytics/marketing cookies.
  • Contract performance (Article 6(1)(b) GDPR): where processing is necessary for the performance of a contract with you, such as handling your order and delivering our product.
  • Legitimate interests (Article 6(1)(f) GDPR): where processing is necessary for our legitimate interests, such as improving our website, preventing fraud, and ensuring security, provided these do not override your rights and freedoms.
  • Legal obligation (Article 6(1)(c) GDPR): where processing is necessary to comply with a legal obligation, such as tax and accounting requirements under Finnish law.

5. Purposes of Processing

We use your personal data for the following purposes:

  • To process and manage your orders and requests.
  • To communicate with you regarding your order, including sending confirmation emails.
  • To improve and optimize our website, content, and user experience.
  • To analyze website usage patterns and performance through analytics tools.
  • To comply with legal obligations, including tax and regulatory requirements.
  • To prevent fraudulent activities and ensure website security.
  • To manage cookie preferences and consent.

6. Data Sharing and Recipients

We may share your personal data with the following categories of recipients:

  • Service providers: third-party companies that provide services on our behalf, such as hosting providers, email services, and analytics platforms. These providers process data only on our instructions and in accordance with this policy.
  • Legal authorities: where required by law, regulation, or legal proceedings, we may disclose your data to public authorities, courts, or regulators.

We do not sell, rent, or trade your personal data to third parties for their own marketing purposes.

7. International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). In such cases, we ensure that appropriate safeguards are in place in accordance with GDPR, including:

  • Adequacy decisions by the European Commission.
  • Standard Contractual Clauses (SCCs) approved by the European Commission.
  • Other legally recognized transfer mechanisms.

8. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including:

  • Order data: retained for a period of up to 5 years after the last interaction, in compliance with Finnish accounting and tax legislation.
  • Communication data: retained for up to 2 years from the date of the communication, unless a longer period is required by law.
  • Technical and usage data: retained for up to 26 months for analytics purposes.
  • Cookie consent data: retained for up to 12 months, after which you may be asked to renew your preferences.

After the retention period, data is securely deleted or anonymized.

9. Your Rights Under GDPR

Under the General Data Protection Regulation, you have the following rights:

  • Right of access (Article 15): you have the right to request a copy of the personal data we hold about you.
  • Right to rectification (Article 16): you have the right to request correction of inaccurate or incomplete personal data.
  • Right to erasure (Article 17): you have the right to request deletion of your personal data, subject to certain conditions.
  • Right to restriction of processing (Article 18): you have the right to request that we restrict the processing of your data in certain circumstances.
  • Right to data portability (Article 20): you have the right to receive your personal data in a structured, commonly used, and machine-readable format.
  • Right to object (Article 21): you have the right to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at: community@vomrelonmyshex.world

10. Right to Lodge a Complaint

If you believe that your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority. In Finland, the competent authority is:

Office of the Data Protection Ombudsman (Tietosuojavaltuutetun toimisto)
Lintulahdenkuja 4, 00530 Helsinki, Finland
Website: https://tietosuoja.fi/en/
Email: tietosuoja(at)om.fi

11. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Use of HTTPS encryption for all data transmitted through our website.
  • Access controls limiting data access to authorized personnel only.
  • Regular security reviews and updates to our systems and processes.
  • Secure data storage with appropriate backup and recovery procedures.

12. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies. For detailed information about the types of cookies we use, their purposes, and how to manage your preferences, please refer to our Cookie Policy.

13. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of those websites. We encourage you to read the privacy policies of any third-party websites you visit.

14. Children's Privacy

Our website and products are not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected data from a minor, we will take steps to delete such data promptly.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. The updated version will be posted on this page with a revised "Last updated" date. We encourage you to review this policy periodically.

16. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:

Vomrelonmyshex
Hämeenkatu 7, 33100 Tampere, Finland
Email: community@vomrelonmyshex.world