Privacy Policy

Last updated:

1. Data Controller

Shalmexxcrex
Pääskylänrinne 3, 00500 Helsinki, Finland
Email: support@shalmexxcrex.world
Phone: +358 45 2352871

2. Data We Collect

We may collect the following categories of personal data:

  • Contact information (name, email address) provided through our contact form
  • Message content submitted via the contact form
  • Technical data (IP address, browser type, device information) collected automatically when you visit our website
  • Cookie data and usage analytics, subject to your consent preferences

3. Purposes of Data Processing

We process personal data for the following purposes:

  • To respond to inquiries submitted through our contact form
  • To provide informational content about lifestyle and balanced nutrition
  • To improve website functionality and user experience
  • To analyze website traffic and usage patterns (with consent)
  • To comply with legal obligations

4. Legal Basis for Processing

We process your personal data based on the following legal grounds under the GDPR:

  • Consent (Article 6(1)(a)) — for analytics and marketing cookies
  • Legitimate interest (Article 6(1)(f)) — for website functionality and security
  • Contract performance (Article 6(1)(b)) — to respond to your inquiries
  • Legal obligation (Article 6(1)(c)) — when retention or disclosure is required by applicable law

5. Data Retention

Personal data collected through the contact form is retained for a maximum of 12 months from the date of collection, unless a longer retention period is required by law. Server logs and security-related technical data may be stored for up to 12 months for fraud prevention and website security. Cookie consent preferences are stored locally on your device and are retained until you clear your browser data or withdraw consent.

6. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access — to obtain a copy of your personal data
  • Right to rectification — to correct inaccurate personal data
  • Right to erasure — to request deletion of your personal data
  • Right to restriction — to limit the processing of your data
  • Right to data portability — to receive your data in a structured format
  • Right to object — to object to processing based on legitimate interests
  • Right to withdraw consent — at any time, without affecting prior processing

To exercise any of these rights, please contact us at support@shalmexxcrex.world.

7. Data Sources

We collect personal data directly from you when you submit forms on our website. We may also collect limited technical data automatically from your device and browser during website access.

8. Data Recipients and Processors

We do not sell, trade, or rent your personal data. We may share data with trusted processors (such as hosting, analytics, and technical service providers) only to the extent necessary to operate the website and respond to your inquiry. Processing is performed under data processing agreements in accordance with Article 28 GDPR.

9. International Data Transfers

If your data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, and we assess supplementary safeguards where required.

10. Automated Decision-Making

We do not use your personal data for automated decision-making, including profiling, that produces legal or similarly significant effects.

11. Children’s Data

Our website and services are intended for adults. We do not knowingly collect personal data from children under 13. If you believe a child has provided personal data, please contact us so we can remove it where required.

12. Supervisory Authority

You have the right to lodge a complaint with the Finnish Data Protection Ombudsman (Tietosuojavaltuutetun toimisto) or any other competent supervisory authority if you believe your data protection rights have been violated.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this page periodically.

14. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include encrypted data transmission (HTTPS), access controls, and regular security reviews.