Shodrexxflix

Privacy Policy

Last updated: March 2025

1. Controller and contact details

The data controller responsible for your personal data in connection with this website and the services described herein is:

Shodrexxflix
Mannerheimintie 96
00250 Helsinki
Finland

Email: serviceteam@shodrexxflix.world
Phone: +358 300 20200

You may contact us at any time with questions about this Privacy Policy or to exercise your data protection rights.

2. Scope and legal basis

This Privacy Policy applies to the processing of personal data in relation to the website shodrexxflix.world (the "Website") and the sale of Actilora Vital and related customer communications. We process personal data in accordance with the EU General Data Protection Regulation (GDPR), the Finnish Data Protection Act (Tietosuojalaki 1050/2018), and other applicable Finnish and European laws.

Personal data means any information relating to an identified or identifiable natural person. We describe below what data we collect, for what purposes, on what legal basis, and for how long we retain it.

3. Personal data we collect and purposes

3.1 Data you provide when ordering or contacting us

When you place an order or send an enquiry via the contact or order form, we may collect:

  • Name
  • Email address
  • Phone number (if you provide it)
  • Message content
  • Any other information you voluntarily include in your message

Purpose: To process your order, respond to your enquiries, and communicate with you about your order (confirmations, shipping, support).

Legal basis: Performance of a contract (Art. 6(1)(b) GDPR) and, where applicable, our legitimate interest in handling general enquiries (Art. 6(1)(f) GDPR).

3.2 Technical and usage data

When you visit the Website, we may automatically collect technical data such as your IP address, browser type and version, device type, operating system, referring URL, pages visited, and approximate time of access. Such data may be processed via cookies and similar technologies as described in our Cookie Policy.

Purpose: To ensure the security and proper functioning of the Website, to prevent abuse, and (where you have consented) to analyse and improve the Website.

Legal basis: Legitimate interest (Art. 6(1)(f) GDPR) for security and functionality; consent (Art. 6(1)(a) GDPR) for analytics and marketing-related processing where applicable.

3.3 Payment and delivery data

If you purchase products, we may process data necessary for payment processing and delivery (e.g. name, address, email, phone, and any payment-related identifiers provided by our payment service provider). We do not store full card numbers on our systems; payment details are handled by certified payment processors.

Purpose: To fulfil the contract, process payments, and deliver the products.

Legal basis: Performance of a contract (Art. 6(1)(b) GDPR) and compliance with legal obligations (e.g. tax and accounting) where applicable (Art. 6(1)(c) GDPR).

4. Retention periods

We retain your data only for as long as necessary for the purposes described above or as required by law.

  • Order and customer data: For the duration of the contractual relationship and thereafter for the period required under Finnish law for accounting and tax purposes (typically at least 6 years from the end of the financial year).
  • Enquiry data (no order): Generally up to 24 months from the last contact, unless a longer retention is justified (e.g. legal claims).
  • Technical and access logs: As necessary for security and troubleshooting, typically up to 12 months, unless a shorter or longer period is required by law or for legal proceedings.
  • Cookie-related data: As set out in our Cookie Policy.

After the retention period, we delete or anonymise your data so that it can no longer identify you.

5. Recipients and transfers

We may share your personal data with:

  • Service providers who process data on our behalf (e.g. hosting, payment processing, shipping, email delivery), under strict contractual obligations to protect your data and use it only for the agreed purposes.
  • Public authorities when required by law (e.g. tax, customs, or law enforcement).

We do not sell your personal data to third parties. If we use service providers outside the European Economic Area (EEA), we ensure appropriate safeguards are in place (e.g. standard contractual clauses or adequacy decisions) as required by GDPR.

6. Your rights under GDPR

You have the following rights in relation to your personal data:

  • Right of access (Art. 15): You may request a copy of the personal data we hold about you.
  • Right to rectification (Art. 16): You may request correction of inaccurate or incomplete data.
  • Right to erasure (Art. 17): You may request deletion of your data where the legal conditions are met (e.g. data no longer necessary, consent withdrawn, unlawful processing).
  • Right to restriction of processing (Art. 18): You may request that we limit how we use your data in certain circumstances.
  • Right to data portability (Art. 20): Where processing is based on contract or consent and carried out by automated means, you may request to receive your data in a structured, commonly used format.
  • Right to object (Art. 21): You may object to processing based on legitimate interests. We will cease processing unless we demonstrate compelling legitimate grounds that override your interests.
  • Right to withdraw consent: Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of processing before withdrawal.
  • Right to lodge a complaint: You have the right to lodge a complaint with a supervisory authority. In Finland, the supervisory authority is the Office of the Data Protection Ombudsman (Tietosuojavaltuutetun toimisto), tietosuoja.fi.

To exercise any of these rights, please contact us using the contact details in section 1. We will respond within one month, and we may need to verify your identity.

7. Security measures

We implement appropriate technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These measures include:

  • Use of HTTPS (TLS/SSL) for all pages to encrypt data in transit.
  • Restricted access to personal data on a need-to-know basis.
  • Secure storage and handling of data by our staff and processors.
  • Regular review of our practices and contracts with processors.

Despite our efforts, no transmission over the internet or electronic storage is completely secure. We encourage you to use strong passwords and to contact us if you suspect any unauthorised use of your data.

8. Children

Our Website and services are not directed at individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us and we will delete it promptly.

9. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, the law, or the Website. The "Last updated" date at the top will be revised when we make material changes. We encourage you to review this page periodically. Where required by law, we will seek your consent or notify you of significant changes.

10. Contact

For any questions about this Privacy Policy or our processing of your personal data, please contact us:

Shodrexxflix
Mannerheimintie 96, 00250 Helsinki, Finland
Email: serviceteam@shodrexxflix.world
Phone: +358 300 20200