This Privacy Policy describes how Vunarexxxarlenox.world collects, uses, stores, and protects personal data when you browse vunarexxxarlenox.world, correspond with us about Vamero, or complete related transactions. We align our practices with the EU General Data Protection Regulation (EU) 2016/679 (“GDPR”), Finland’s Data Protection Act (1050/2018), and, where applicable, the ePrivacy Directive as transposed into national law. Where UK or Swiss residents use our services, we apply equivalent transparency and fairness principles.
Controller and representative capacity
The controller responsible for processing is Vunarexxxarlenox.world, with its principal contact point at Korkeavuorenkatu 2, 00140 Helsinki, Finland. Email: question@vunarexxxarlenox.world. We do not require a Data Protection Officer appointment for our current processing profile; nonetheless, privacy enquiries receive priority handling from trained staff.
Categories of personal data
Depending on your interaction, we may process identity and contact data (name, email, postal address, telephone number when provided), transaction and billing references (processed by payment partners), communication content (free-text messages, attachments you send), technical data (IP address, browser type, device identifiers, approximate region derived from IP, timestamps, referring URL), security logs (failed login attempts where applicable, rate-limiting metadata), and cookie identifiers as described in our Cookie Policy. We avoid collecting sensitive categories of data unless you voluntarily supply them and we have a lawful basis to retain them.
Purposes and legal bases
We process personal data for: (1) website security, availability, and abuse prevention, relying on legitimate interests (Art. 6(1)(f) GDPR) balanced against your rights; (2) responding to enquiries and performing steps prior to contract when you request information or quotes (Art. 6(1)(b)); (3) performing purchase contracts, including delivery and payment orchestration (Art. 6(1)(b)); (4) meeting accounting, tax, and regulatory record-keeping duties (Art. 6(1)(c)); (5) sending optional newsletters or marketing communications where you provide opt-in consent (Art. 6(1)(a)); (6) optional analytics and marketing cookies where you grant consent through the cookie banner (Art. 6(1)(a)).
Recipients and international transfers
We engage subprocessors for hosting, transactional email, payment acquiring, customer relationship tooling, and—when permitted—analytics. Subprocessors may be located in the EU, EEA, United Kingdom, or United States. Transfers outside the EEA rely on adequacy decisions, Standard Contractual Clauses, or supplementary technical measures such as encryption in transit and access logging. A current list of categories of recipients is available upon request.
Retention schedules
Marketing consent records remain until withdrawal, after which we delete or anonymise identifiers within thirty days unless proof of consent must be retained longer under law. Contractual and accounting records may be kept up to ten years where Finnish bookkeeping and consumer protection rules require. Customer support tickets are generally retained twenty-four months from the last substantive reply unless a dispute extends the need. Security logs rotate after ninety days except where forensic retention is justified. Cookie lifetimes follow the Cookie Policy.
Security measures
We implement TLS for data in transit, role-based access controls, multi-factor authentication for administrative interfaces, vendor security reviews for material processors, patch management for supported systems, and contractual confidentiality obligations. No security architecture is infallible; we maintain incident response procedures and will notify supervisory authorities and affected individuals when required by law.
Your rights
You may request access, rectification, erasure, restriction of processing, data portability, and object to processing based on legitimate interests. You may withdraw consent at any time without affecting the lawfulness of prior processing. You may lodge a complaint with the Finnish Office of the Data Protection Ombudsman (tietosuoja.fi). We respond to rights requests within one month, extendable by two further months where complex, and we may request reasonable identity verification.
Automated decision-making
We do not employ automated decision-making, including profiling, that produces legal or similarly significant effects on individuals.
Children
Our services are not directed at children under sixteen. We do not knowingly collect personal data from children; if we learn that we have, we delete it promptly.
Processors and onward transfers
We maintain written agreements with processors that require confidentiality, implement appropriate technical and organisational measures, and assist with responding to data subject requests. Any onward transfer to a subprocessor occurs only with our authorisation and equivalent safeguards.
Personal data breaches
Where a breach is likely to result in a risk to your rights and freedoms, we will notify the supervisory authority without undue delay and, when required, communicate with affected individuals, describing the nature of the breach, likely consequences, and measures taken.
Advertising and measurement partners
Where you consent to marketing or analytics cookies, partners may process pseudonymous identifiers to measure campaign performance or site usage. You can withdraw consent at any time via the cookie settings.
Policy updates
We may revise this Policy to reflect legal, technical, or organisational changes. Material updates will be signposted on this page with a refreshed “Last reviewed” date. Continued use after notice constitutes acknowledgement where permitted by law.