Privacy Policy

Last updated:

1. Data Controller

The data controller responsible for your personal data is:

Ghipharezeler
Lapinlahdenpolku 8, 00180 Helsinki, Finland
Email: contact@ghipharezeler.world
Phone: +358 45 1687796

2. What Data We Collect

We may collect the following categories of personal data:

• Contact information: name and email address provided through our contact form
• Message content: the text you submit via the contact form
• Technical data: IP address, browser type, operating system, referring URLs, and pages visited
• Cookie data: preferences and usage data as described in our Cookie Policy

3. Purpose of Data Processing

We process your personal data for the following purposes:

• To respond to your inquiries submitted through the contact form
• To ensure the technical functionality and security of our website
• To analyze website usage patterns and improve our content (with consent)
• To comply with legal obligations

4. Legal Basis for Processing

We process your data based on the following legal grounds under GDPR Article 6:

• Consent (Art. 6(1)(a)): for analytics and marketing cookies, and where explicitly requested before optional processing
• Legitimate interest (Art. 6(1)(f)): for replying to contact messages, preventing abuse, website security, and technical functionality
• Steps prior to entering a service relationship (Art. 6(1)(b), where applicable): for handling service-related pre-contract requests you initiate
• Legal obligation (Art. 6(1)(c)): for compliance with applicable laws

5. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

• Contact form data: retained for up to 12 months after the inquiry is resolved
• Analytics data: retained for up to 26 months
• Cookie consent records: retained for up to 12 months

6. Data Sharing and Transfers

We do not sell, rent, or trade your personal data. We may share data with:

• Hosting providers and technical service providers necessary for website operation
• Analytics services (if you have given consent)

If data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

6A. Data Processors

We use carefully selected processors (for example hosting, analytics, and communication tools) acting on our documented instructions. Data Processing Agreements are in place where required under GDPR Article 28.

7. Your Rights Under GDPR

As a data subject, you have the following rights:

• Right of access: request a copy of the personal data we hold about you
• Right to rectification: request correction of inaccurate or incomplete data
• Right to erasure: request deletion of your personal data ("right to be forgotten")
• Right to restriction: request limitation of data processing
• Right to data portability: receive your data in a structured, commonly used format
• Right to object: object to processing based on legitimate interest
• Right to withdraw consent: withdraw consent at any time without affecting prior processing

To exercise any of these rights, please contact us at contact@ghipharezeler.world.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include encrypted data transmission (SSL/TLS), access controls, and regular security assessments.

9. Complaints

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Finnish Data Protection Ombudsman (Tietosuojavaltuutetun toimisto) or the supervisory authority in your country of residence.

Contact details of the Finnish supervisory authority are available at tietosuoja.fi.

9A. Children

This website is intended for a general adult audience and is not directed to children under 13. We do not knowingly collect personal data from children under 13 via our forms.

9B. Automated Decision-Making

We do not use your personal data for solely automated decision-making, including profiling, that produces legal or similarly significant effects under GDPR Article 22.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this page periodically.