Privacy Policy
Last updated:
1. Data controller
The controller responsible for personal data processed through this website is:
| Trading name | Trizeloneiazai |
|---|---|
| Address | Kansankatu 2, 96100 Rovaniemi, Finland |
| General / privacy contact | info@trizeloneiazai.world |
For EU GDPR requests you may also use the same contact channels listed in the site footer.
2. Categories of data we collect
- Identity and contact details you type into forms (name, email, optional phone, message content).
- Technical data from your device (IP address, browser type, approximate location derived from network information) through server logs and static assets.
- Cookie and similar identifiers when you accept optional categories described in the Cookie Policy.
3. Purposes and legal bases (GDPR Art. 6)
| Purpose | Legal basis | Typical retention |
|---|---|---|
| Answering enquiries and order requests | Performance of pre-contractual steps / contract | Up to 24 months after last contact unless law requires longer |
| Cookie consent records | Consent / legitimate interest (evidence of choice) | 12 months from last update |
| Website security and abuse prevention | Legitimate interests | Rotating server logs, usually up to 90 days |
| Legal claims and regulatory duties | Legal obligation / legitimate interests | As required by applicable law |
| Online advertising and conversion measurement when you allow marketing cookies | Consent where required by law; otherwise legitimate interests limited to aggregated reporting | See Cookie Policy; typically up to 13 months per vendor defaults |
4. Recipients and processors
We may share limited data with hosting providers, email delivery services, and payment or logistics partners strictly where needed to operate the store. Written data processing agreements are used when GDPR requires them.
5. International transfers
If a processor is located outside the European Economic Area, we rely on European Commission standard contractual clauses or another approved transfer mechanism under Chapter V GDPR.
6. Security measures
We apply HTTPS encryption for visitor connections, role-based access for internal accounts, patching for infrastructure, and separation between production and test environments. No control can guarantee absolute security, so you should also protect your login devices.
7. Geography, advertising topics, and platform rules
This storefront is operated from Rovaniemi, Finland, and primarily serves consumers in the European Economic Area and the United Kingdom. Technical data such as IP-derived region or language settings may be processed to show the correct currency display, comply with local consumer rules, and—for visitors who opt in—to measure digital campaigns.
Inventory consists of food supplements only. We do not use this website to promise treatment outcomes, to target advertisements at named diseases, or to collect special-category health data for ad personalisation. Campaign copy, keywords, and landing pages are reviewed so that they stay within applicable platform policies, including Google Ads requirements for healthcare and supplement advertisers.
If an ad network flags a creative or landing element, we adjust or pause it. Destinations linked from advertisements match the product category shown in the ad and omit therapeutic claims beyond what food law allows.
8. Your rights
Subject to conditions in GDPR chapters III and IV, you may request access, rectification, erasure, restriction, portability, and objection regarding personal data we process. You may withdraw consent for processing based on consent at any time without affecting prior lawful processing.
You may lodge a complaint with the Finnish Office of the Data Protection Ombudsman (https://tietosuoja.fi/en/).