logo
Ximthoremmath
Aqua Revive formula
Privacy and data protection

Privacy Policy

This Privacy Policy explains how Ximthoremmath collects, uses, stores and protects personal data in connection with the AQUA REVIVE website available at ximthoremmath.ddd. It is intended to comply with the General Data Protection Regulation (GDPR), the Finnish Data Protection Act and other applicable data protection laws.

Data controller

The data controller responsible for the processing of personal data on this website is:

Ximthoremmath
Mestarintie 11, 01730 Vantaa, Finland
Phone: +358456602220
Email: contact@ximthoremmath.world

Categories of data and sources

We may process the following categories of personal data when you interact with this website:

  • Identification and contact details, such as name and email address, when you use the contact or order form.
  • Message content that you voluntarily include in the form.
  • Technical data, such as IP address, browser type, device information and access time, collected through server logs and cookies.

Personal data is generally obtained directly from you when you fill in the form or contact us. Technical data can also be collected automatically when you access the website.

Purposes and legal bases

We process personal data for the following purposes:

  • Handling and responding to your enquiries or order-related messages.
  • Operating, maintaining and securing the website.
  • Analysing aggregated website usage in order to understand and improve the user experience, where you have given consent for analytics cookies.
  • Managing marketing preferences, including optional marketing communications, where you have given separate consent.

Depending on the situation, the processing is based on one or more of the following legal bases under GDPR:

  • Your consent, for example when you agree to the use of optional cookies or send us information via the form.
  • Performance of a contract or steps prior to entering into a contract, when you request information about an order or delivery.
  • Compliance with legal obligations, such as accounting and consumer protection requirements.
  • Legitimate interests, such as maintaining IT security, preventing misuse and ensuring an appropriate presentation of our online presence, provided that your interests and fundamental rights do not override these interests.

Data retention

We store personal data only for as long as necessary for the purposes described above or as required by law. Retention periods may vary depending on the category of data and applicable legal requirements.

  • Contact and order-related correspondence is generally kept for up to three years after the last interaction, unless longer retention is necessary for legal reasons.
  • Technical log data is usually kept for a short period necessary for security and maintenance purposes.
  • Cookie-related identifiers are stored for the lifetime of the cookie as described in the Cookie Policy.

Recipients and international transfers

We may share personal data with the following categories of recipients, only where necessary and subject to appropriate safeguards:

  • IT service providers and hosting providers that support the operation of the website.
  • Payment and logistics partners involved in handling orders, where applicable.
  • Professional advisers such as legal or accounting services, where required.
  • Authorities and public bodies where we are under a legal obligation to disclose data.

If data is transferred to countries outside the European Economic Area, we will ensure that appropriate safeguards are in place, such as standard contractual clauses, an adequacy decision or equivalent mechanisms under applicable law.

Your rights

Under GDPR and applicable law, you may have the following rights in relation to your personal data:

  • Right of access to your personal data.
  • Right to rectification of inaccurate or incomplete data.
  • Right to erasure, subject to legal retention obligations.
  • Right to restriction of processing in certain circumstances.
  • Right to data portability, where processing is based on consent or contract and carried out by automated means.
  • Right to object to processing based on legitimate interests, including profiling, and to object at any time to processing for direct marketing.

Where processing is based on consent, you have the right to withdraw your consent at any time with effect for the future. This does not affect the lawfulness of processing based on consent before its withdrawal.

To exercise your rights or to ask questions about this Privacy Policy, you can contact us at contact@ximthoremmath.world or by mail to the address indicated above.

Security measures

We implement appropriate technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access. These measures are reviewed periodically and adapted in line with technological developments and risk assessments.

Supervisory authority

If you believe that the processing of your personal data infringes applicable data protection law, you have the right to lodge a complaint with a supervisory authority. In Finland, the supervisory authority is the Office of the Data Protection Ombudsman. You may also contact your local authority.

Updates to this policy

We may update this Privacy Policy from time to time to reflect changes in legal requirements or our processing activities. The latest version will always be available on this page and will indicate the date of the last update.