Privacy Policy

1. Introduction

Welcome to Shrixxenthron ("we," "our," or "us"). We are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website shrixxenthron.world and purchase our products, including CorWellness.

This policy is designed to comply with the General Data Protection Regulation (GDPR) (EU) 2016/679, the Finnish Data Protection Act (1050/2018), and other applicable data protection laws.

2. Information We Collect

2.1 Personal Data You Provide

We collect personal data that you voluntarily provide to us when you:

• Place an order through our website
• Create an account or register on our site
• Subscribe to our newsletter
• Contact us with inquiries or feedback
• Participate in surveys or promotions

This information may include:

• Identity Data: First name, last name
• Contact Data: Email address, phone number (optional), billing address, delivery address
• Transaction Data: Details about payments and orders
• Communication Data: Your correspondence with us, including messages and feedback

2.2 Automatically Collected Data

When you visit our website, we may automatically collect certain information, including:

• Technical Data: IP address, browser type and version, time zone setting, operating system
• Usage Data: Pages visited, time spent on pages, navigation paths, click patterns
• Cookie Data: Information collected through cookies and similar technologies (see our Cookie Policy)

3. Legal Basis for Processing

Under GDPR, we process your personal data based on one or more of the following legal grounds:

• Contract Performance (Article 6(1)(b)): Processing necessary to fulfill our contract with you, including processing and delivering your orders.
• Consent (Article 6(1)(a)): Where you have given explicit consent for specific purposes, such as receiving marketing communications.
• Legitimate Interests (Article 6(1)(f)): Processing necessary for our legitimate business interests, such as improving our services, fraud prevention, and website analytics, provided these interests do not override your rights.
• Legal Obligation (Article 6(1)(c)): Processing necessary to comply with legal obligations, such as tax and accounting requirements.

4. How We Use Your Information

We use your personal data for the following purposes:

• To process and fulfill your orders, including shipping and payment processing
• To communicate with you about your orders, including order confirmations and shipping updates
• To provide customer support and respond to your inquiries
• To send you marketing communications (with your consent)
• To improve our website, products, and services
• To analyze website usage and user behavior
• To prevent fraud and maintain website security
• To comply with legal obligations

5. Data Sharing and Disclosure

We may share your personal data with the following categories of recipients:

• Service Providers: Third-party companies that help us operate our business, including payment processors, shipping companies, hosting providers, and analytics services. These providers are contractually obligated to protect your data and use it only for the specified purposes.
• Legal Requirements: We may disclose your data if required by law, court order, or government request, or to protect our rights, privacy, safety, or property.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity.

We do not sell, rent, or trade your personal data to third parties for their marketing purposes.

6. International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses approved by the European Commission
• Transfers to countries with adequate data protection laws as determined by the European Commission
• Other legally approved transfer mechanisms

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

• Order Data: Retained for 7 years after the transaction for tax and accounting purposes, as required by Finnish law.
• Marketing Data: Retained until you withdraw your consent or unsubscribe.
• Website Analytics Data: Retained for up to 26 months.
• Customer Support Communications: Retained for 3 years after the last interaction.

After the retention period expires, we will securely delete or anonymize your data.

8. Your Rights Under GDPR

As a data subject, you have the following rights regarding your personal data:

• Right of Access (Article 15): You can request a copy of the personal data we hold about you.
• Right to Rectification (Article 16): You can request correction of inaccurate or incomplete data.
• Right to Erasure (Article 17): You can request deletion of your personal data under certain circumstances ("right to be forgotten").
• Right to Restriction (Article 18): You can request that we limit the processing of your data under certain circumstances.
• Right to Data Portability (Article 20): You can request to receive your data in a structured, commonly used format.
• Right to Object (Article 21): You can object to processing based on legitimate interests or for direct marketing purposes.
• Right to Withdraw Consent: Where processing is based on consent, you can withdraw your consent at any time.
• Right to Lodge a Complaint: You have the right to file a complaint with a supervisory authority. In Finland, this is the Office of the Data Protection Ombudsman (Tietosuojavaltuutetun toimisto).

To exercise any of these rights, please contact us using the contact details provided below.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit using SSL/TLS protocols
• Secure servers and databases with access controls
• Regular security assessments and updates
• Staff training on data protection and security
• Limited access to personal data on a need-to-know basis

While we strive to protect your data, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

10. Children's Privacy

Our website and products are not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child without parental consent, we will take steps to delete that information.

11. Links to Third-Party Websites

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these websites. We encourage you to read the privacy policies of any third-party sites you visit.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website with a new "Last updated" date. We encourage you to review this policy periodically.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:

We will respond to your inquiry within 30 days as required by GDPR.

14. Supervisory Authority

If you are not satisfied with our response or believe we are processing your data unlawfully, you have the right to lodge a complaint with the Finnish Data Protection Authority: