This site uses cookies to operate securely and to understand how visitors use our pages. You can accept all cookies, reject non-essential cookies, or adjust categories.

Vomrelonttquozl

Privacy Policy

Last updated: 23 March 2026

This Privacy Policy explains how Vomrelonttquozl (“we”, “us”, “our”) processes personal data when you visit vomrelonttquozl.world, enquire about Zenvitalea, place an order, or exercise your rights under applicable data protection law. We operate from Finland and apply the General Data Protection Regulation (EU) 2016/679 (“GDPR”), Finland’s Data Protection Act (1050/2018, as amended), and related sector rules that apply to consumer sales and electronic communications where relevant.

Data controller and contact

The controller responsible for the processing described in this policy is:

We do not require you to use a dedicated contact form; you may also reach us by post at the address above. When you contact us, we process the information you provide in line with the purposes set out below.

Scope and children

Our website and Zenvitalea product information are directed at adults. We do not knowingly collect personal data from children under 16 years of age. If you believe a minor has provided data to us, please contact us so we can delete the information where appropriate.

Categories of personal data

Depending on how you interact with us, we may process the following categories of data:

  • Identity and contact data: name, delivery address, billing address, email address, telephone number, country of residence.
  • Order and transaction data: products ordered, order value in euros, payment status (we do not store full payment card numbers when payments are handled by certified payment providers), shipping references, returns and refund records.
  • Communication data: messages you send through forms or email, call logs if you phone us, and related metadata such as timestamps.
  • Technical and usage data: IP address, browser type, device type, approximate location derived from IP, pages viewed, referring URL, cookie identifiers where permitted.
  • Marketing preferences: consents or objections regarding newsletters or personalised advertising, where you have provided them.
  • Compliance data: records required for accounting, tax, consumer protection, and dispute handling.

Providing certain data is necessary to conclude a contract. If you do not provide required fields in an order or contact process, we may be unable to process your request.

Purposes and legal bases

We process personal data only when we have a valid legal basis under Article 6 GDPR (and Article 9 where special categories apply; we generally do not seek health data through this website).

Purpose Legal basis Additional notes
Operating the website, loading pages securely, preventing fraud and abuse Legitimate interests (Article 6(1)(f)) and, where required, consent for non-essential cookies Balanced against your rights; see our Cookie Policy
Processing orders, taking payment, delivering Zenvitalea, providing customer support Performance of a contract (Article 6(1)(b)) Includes logistics partners acting as processors
Accounting, invoicing, tax compliance, audit trails Legal obligation (Article 6(1)(c)) Retention follows statutory minimums in Finland and the EU
Handling statutory warranty claims and consumer withdrawal rights Performance of a contract and legal obligations Linked to purchase documentation
Responding to data subject requests and regulatory correspondence Legal obligation and legitimate interests We verify identity before disclosure
Direct marketing by electronic channels where permitted Consent (Article 6(1)(a)) or soft opt-in where national law allows for similar products You may withdraw consent at any time
Analytics to improve site structure and product information clarity Consent for non-essential analytics cookies; aggregated statistics may also rely on legitimate interests where no cookies are used You control optional cookies via the banner

Recipients and processors

We share personal data only when necessary and with appropriate safeguards:

  • Payment service providers process card and alternative payment data under their terms and PCI standards; we receive confirmation of payment status, not your full card number.
  • Carriers and warehouses receive name, address, and contact details needed for delivery.
  • IT hosting, email delivery, and customer service tools may process data under data processing agreements compliant with Article 28 GDPR.
  • Professional advisers such as accountants or lawyers receive limited data where required by law or for defending legal claims.
  • Authorities when a lawful request requires disclosure.

Where we transfer data outside the European Economic Area, we use mechanisms recognised by the European Commission, such as Standard Contractual Clauses, supplemented by assessments where required after the Schrems II judgment.

Retention periods

We keep personal data only as long as necessary for the purposes above:

  • Order and contract data: for the duration of the contract plus the statutory limitation periods for commercial claims (typically up to ten years for accounting records where Finnish law requires).
  • Accounting and tax materials: at least six to ten years depending on the record type, as required by Finnish bookkeeping and tax legislation.
  • Marketing consents and suppression lists: until you withdraw consent or object, and thereafter only minimal data needed to honour your objection.
  • Website logs and security records: typically between 30 and 180 days unless longer retention is justified for incident investigation.
  • Cookie-related identifiers: as described in the Cookie Policy, often between a few minutes and thirteen months depending on the tool.

When data is no longer needed, we delete or anonymise it in a secure manner.

Security measures

We implement appropriate technical and organisational measures, including:

  • TLS encryption for data in transit on our website where HTTPS is enabled by the hosting environment.
  • Access controls and authentication for internal systems, with role-based permissions.
  • Backups and redundancy arrangements proportionate to risk.
  • Instructions for personnel handling personal data and confidentiality expectations.
  • Vendor review processes for processors that handle personal data on our behalf.

No online transmission is completely risk-free. We encourage you to use secure networks and up-to-date browsers when submitting information.

Your rights

Under the GDPR, you have the following rights in relation to your personal data, subject to conditions and exceptions in law:

  • Right of access (Article 15): obtain confirmation whether we process your data and receive a copy.
  • Right to rectification (Article 16): correct inaccurate or incomplete data.
  • Right to erasure (Article 17): request deletion where applicable, for example when data is no longer necessary or consent is withdrawn without another legal basis.
  • Right to restriction (Article 18): limit processing in defined circumstances.
  • Right to data portability (Article 20): receive machine-readable data you provided, where processing is based on consent or contract and is automated.
  • Right to object (Article 21): object to processing based on legitimate interests or to direct marketing.
  • Rights related to automated decision-making (Article 22): we do not use solely automated decisions with legal or similarly significant effects on this website.
  • Right to withdraw consent at any time where processing is consent-based, without affecting prior lawful processing.

To exercise your rights, contact us using the details in the “Data controller” section. We may need to verify your identity before responding. You also have the right to lodge a complaint with a supervisory authority.

Supervisory authority

In Finland, the supervisory authority is the Office of the Data Protection Ombudsman (Tietosuojavaltuutetun toimisto). Contact information and guidance are available at https://tietosuoja.fi/en/. You may lodge a complaint with the authority in your habitual residence, place of work, or place of the alleged infringement within the EU.

Profiling

We do not perform intrusive profiling that produces legal effects concerning you. Analytics cookies, if enabled, may help us understand aggregate navigation patterns but are not used to make automated decisions about creditworthiness or eligibility for Zenvitalea.

Changes to this policy

We may update this Privacy Policy to reflect legal, technical, or business developments. Material changes will be highlighted on this page with a new “Last updated” date. Continued use of the website after changes constitutes acknowledgement where permitted by law; where consent is required, we will obtain it separately.

Contact about privacy

For privacy questions or requests, email message@vomrelonttquozl.world or write to Vomrelonttquozl, Hietalahdenranta 5-7, 00120 Helsinki, Finland. We aim to respond within one month, which may be extended by two further months for complex requests as permitted under Article 12 GDPR.

Records of processing activities

Where Article 30 GDPR requires us to maintain records of processing activities, we document the purposes of processing, categories of data subjects and personal data, recipients, international transfers, retention timelines, and a description of security measures in an internal register. The register is available to supervisory authorities on request and is updated when we introduce new processing operations or tools.

Data protection officer

We have not appointed a data protection officer under Article 37 GDPR because our core processing activities do not require a mandatory DPO appointment under applicable guidance. Privacy questions are handled by our team at the contact details above. If our processing scale changes in a way that triggers a DPO requirement, we will publish an updated notice and contact point.

Personal data breaches

We maintain internal procedures to detect, respond to, and document personal data breaches. Where a breach is likely to result in a risk to your rights and freedoms, we will notify the supervisory authority without undue delay and, where required, communicate with affected data subjects with clear information about the nature of the breach and remedial steps, in line with Articles 33 and 34 GDPR.

Finnish national provisions

Finnish law supplements the GDPR in areas such as employment and certain public registers. Where national rules impose specific obligations on us, we implement them alongside this Policy. If you are a consumer in another EU Member State, mandatory consumer protection rules of that country may also apply to sales contracts.