Vlexironphsmyx Get in touch

Publisher: Vlexironphsmyx, Helsinki, Finland (EU). · General lifestyle information only—not medical advice. · Privacy · Terms · Cookies

Legal

Privacy Policy

This document explains how Vlexironphsmyx processes personal data when you use our website, contact us, or interact with optional tools such as analytics when you give consent. We aim for clarity, proportionality, and compliance with the EU General Data Protection Regulation (GDPR) and Finnish privacy law.

GDPR EU hosting Data requests

Version 3 · Last updated: 7 April 2026 · Language: English

Introduction and scope

This Privacy Policy applies to personal data processed in connection with the website available at and related email communications. It does not apply to third-party websites or services that we do not control, even if you reach them through links on our site.

We publish general lifestyle information about everyday eating habits. We do not process health data for the purpose of providing medical care, diagnosis, or treatment. If you voluntarily include sensitive information in a message, we will limit use to what is necessary to respond or to comply with law.

Short summary: we collect only what we need, explain why we use it, and give you choices where the law requires.

Data controller and representative details

The controller responsible for processing is:

Entity Vlexironphsmyx
Address Hietalahdenranta 5–7, 00120 Helsinki, Finland
Phone +358 50 471 6993
Email callback@vlexironphsmyx.world

For privacy-related requests, email is preferred because it creates a clear record for both parties. If you contact us by phone, we may ask you to confirm details in writing before we disclose personal data.

Categories of personal data

Depending on how you interact with us, we may process the following categories:

  • Identity and contact data: name, email address, message content, and similar details you provide through forms or direct correspondence.
  • Technical data: IP address, browser type and version, device category, operating system, and referrer information collected through server logs.
  • Usage data: aggregated information about pages viewed, approximate time on page, and error events if you consent to optional analytics technologies.
  • Preference data: cookie consent choices stored locally or in consent records, and communication preferences where you opt in.
  • Security data: limited records relating to abuse prevention, including timestamps and suspicious activity indicators.

We do not aim to collect special categories of personal data (such as health data). If you include such information voluntarily, we will treat it with additional care and restrict processing to what is necessary.

Purposes of processing

We process personal data for specific, explicit purposes, including:

  • operating and securing the website, including load balancing and incident response;
  • responding to inquiries submitted through contact forms or email;
  • maintaining records of consent and preference choices for cookies and similar technologies;
  • measuring website performance and audience trends in aggregate if you opt in to analytics;
  • complying with legal obligations, including record-keeping where applicable;
  • establishing, exercising, or defending legal claims where necessary.

We do not use your personal data for automated profiling that produces legal or similarly significant effects concerning you.

Legal bases under GDPR

We rely on the following legal bases, as applicable:

  • Consent (Article 6(1)(a)): for optional cookies and similar technologies, and for certain marketing communications if you opt in.
  • Contractual necessity (Article 6(1)(b)): where processing is necessary to respond to your request before a contract exists, or to perform a contract with you.
  • Legal obligation (Article 6(1)(c)): where processing is necessary to comply with applicable law.
  • Legitimate interests (Article 6(1)(f)): for website security, service improvement, and internal analytics that do not require consent under ePrivacy rules, balanced against your rights.

Where we rely on legitimate interests, we consider whether the processing is necessary and proportionate, and we document our assessment.

Recipients and processors

We may share personal data with:

  • Hosting and infrastructure providers that store website files and process logs on our behalf under strict contractual terms.
  • Email and communication providers that deliver messages when you contact us.
  • Analytics or marketing vendors only if you consent and only to the extent permitted by your choices.
  • Professional advisers such as legal counsel where required for compliance or disputes.
  • Authorities when disclosure is required by law or a lawful request.

We do not sell personal data. We require processors to implement appropriate safeguards and to process data only on documented instructions.

Online advertising and measurement (including Google)

We may use online advertising and measurement technologies to understand how visitors discover our site and to show relevant messages, only where permitted by law and where you have given appropriate consent through our cookie controls (for example for analytics and marketing categories).

Providers such as Google (including Google Ads, Google Ads conversion tracking, Google Analytics, and similar Google Marketing Platform services) may process limited technical data and identifiers when those tools are loaded. Processing is subject to Google’s policies and, where applicable, the EU User Consent Policy for advertisers using personalized ads in the European Economic Area and the United Kingdom.

You can read how Google uses information from sites that use its services here: Google Partner Sites. You can manage ad personalization in your Google Account: Google Ads Settings, and learn about opting out of Google Analytics in browsers: Google Analytics Opt-out.

If we enable additional advertising or social pixels in the future, we will list them in our Cookie Policy and rely on consent where required.

International transfers

Where personal data is transferred outside the European Economic Area, we implement appropriate safeguards such as Standard Contractual Clauses approved by the European Commission, unless an adequacy decision applies to the destination country.

We assess transfer risks and, where applicable, implement supplementary measures to ensure an essentially equivalent level of protection.

Retention periods

We retain personal data only as long as necessary for the purposes described:

  • Contact form and email threads: typically up to twenty-four months after the last substantive message, unless a longer period is needed for legal claims or obligations.
  • Server logs: typically up to ninety days, unless a longer period is justified for security investigations.
  • Consent records: up to twelve months or longer if required to demonstrate valid consent under regulatory expectations.
  • Legal and accounting records: as required by Finnish law, which may extend retention for certain categories.

When retention ends, we delete or anonymize data where feasible.

Security measures

We implement technical and organizational measures appropriate to the risk, including:

  • encryption in transit (HTTPS) for website traffic;
  • access controls limiting administrative access to systems that contain personal data;
  • secure hosting practices and monitoring for service availability;
  • instructions to personnel on confidentiality and data handling.

No method of transmission over the internet is completely secure. We encourage you to use strong passwords and avoid sharing sensitive information in unsecured channels.

Your rights

Depending on circumstances, you may have the following rights under GDPR:

  • Access: request confirmation of processing and a copy of your personal data.
  • Rectification: request correction of inaccurate data.
  • Erasure: request deletion where applicable.
  • Restriction: request limitation of processing in certain cases.
  • Objection: object to processing based on legitimate interests, where applicable.
  • Data portability: receive certain data in a structured, commonly used format where processing is based on consent or contract and is automated.
  • Withdraw consent: withdraw consent at any time without affecting the lawfulness of processing before withdrawal.
  • Lodge a complaint: with a supervisory authority.

In Finland, the supervisory authority is the Office of the Data Protection Ombudsman (Tietosuojavaltuutettu). You can find current contact details on the authority’s official website.

Automated decision-making

We do not use automated decision-making, including profiling, that produces legal or similarly significant effects concerning you.

Children

The website is intended for adults and general audiences. We do not knowingly collect personal data from children. If you believe a child has provided personal data, please contact us and we will take appropriate steps.

Changes to this Policy

We may update this Privacy Policy to reflect operational, legal, or technical changes. The “Last updated” date will change accordingly. For material changes, we may provide additional notice on the website where appropriate.

Contact

For questions about this Policy or to exercise your rights, contact:

callback@vlexironphsmyx.world
Vlexironphsmyx · Hietalahdenranta 5–7 · 00120 Helsinki · Finland