Educational information only: general habit and lifestyle articles for adults in Finland— not medical, nutritional, psychological, or fitness advice; no diagnoses, treatments, or guaranteed outcomes. We do not sell medicines, supplements, telehealth, or coaching on this site. Terms of use · Privacy · Cookies.

Vain tiedoksi (FI): Yleistä elämäntapa-aineistoa aikuisille Suomessa—ei terveys-, ravitsemus-, psykologia- tai liikuntaohjausta; ei diagnooseja, hoitosuunnitelmia eikä taattuja tuloksia. Emme myy lääkkeitä, ravintolisiä, etäterveydenhuollon palveluja tai valmennusta tällä sivustolla. Käyttöehdot · Tietosuoja · Evästeet.

Whrexxondrax.world logo mark

Privacy policy

Last updated: 14 May 2026

This policy explains how Whrexxondrax.world (“we”, “us”) processes personal data when you use our website. Processing is subject to the EU General Data Protection Regulation (GDPR, Regulation (EU) 2016/679) and the Finnish Data Protection Act (Tietosuojalaki, 1050/2018, as amended), which supplements the GDPR in Finland. Where cookies or similar technologies involve personal data, the GDPR applies together with EU rules on privacy in electronic communications; see also our Cookie policy.

This text is provided in English for clarity. If you need information in Finnish or Swedish, contact us and we will assist where reasonably possible.

Tietosuoja lyhyesti (FI): Käsittelemme henkilötietoja GDPR-asetuksen ja Suomen tietosuojalain mukaisesti. Sinulla on muun muassa oikeus tarkastaa tietosi, oikaista virheet, poistaa tietoja ja tehdä valitus tietosuojavaltuutetulle. Evästeistä kerrotaan evästekäytännössä.

1. Data controller

Controller: Whrexxondrax.world
Address: Raatihuoneenkatu / Rådhusgatan 3, 68600 Pietarsaari (Jakobstad), Finland
Email: askuse@whrexxondrax.world
Phone: +358 50 303 3700

We do not require you to appoint a Data Protection Officer for the processing described below; if that changes materially, we will update this page. For privacy requests, use the email address above with the subject line “Privacy request”.

2. Sources of personal data

We obtain personal data from:

  • You directly — for example when you complete the contact form or email us.
  • Your device and browser — technical data sent automatically when you load pages (and, if you consent, additional analytics data).

We do not buy marketing lists and we do not intend to collect special categories of data (such as health data) through this website.

3. Categories of personal data

Depending on how you use the site, we may process:

  • Contact form data: name, email address, message content, and the fact that you ticked the consent checkbox.
  • Technical data: browser type, device type, approximate region derived from IP, timestamps, and pages viewed (only if analytics cookies are accepted).
  • Cookie and consent records: your cookie choices and timestamps stored locally in your browser (local storage) for consent evidence.

4. Purposes and legal bases

Purpose Legal basis (GDPR)
Operating the website, security, and fraud prevention Legitimate interests (Art. 6(1)(f)), taking into account your rights and freedoms
Receiving and answering contact messages you send Your consent when you tick the GDPR checkbox on the form (Art. 6(1)(a)); and/or our legitimate interest in responding to a request you initiate (Art. 6(1)(f)), depending on the content of your message
Storing and evidencing cookie preferences Consent for non-essential cookies (Art. 6(1)(a)); legitimate interests for strictly necessary storage/access where exempt from consent under applicable ePrivacy rules
Optional analytics or marketing technologies, if enabled in the future after consent Consent (Art. 6(1)(a))
Compliance with legal obligations (e.g. retention for accounting or authority requests, if applicable) Legal obligation (Art. 6(1)(c))

Finnish national law may impose additional conditions for certain processing; we follow applicable provisions together with the GDPR.

5. Recipients and transfers

We use reputable hosting and email providers where personal data may be processed. If a provider processes data outside the EEA, we rely on appropriate safeguards such as Standard Contractual Clauses or adequacy decisions, as required by GDPR Chapter V. A list of sub-processors can be requested by email.

6. Retention

  • Contact messages: typically retained up to 24 months unless a longer period is required for legal claims or bookkeeping, after which they are deleted or anonymised.
  • Server logs (if collected): rotated or deleted within a short technical window (for example up to 90 days) unless security investigation requires longer retention.
  • Consent records (local storage): remain on your device until you clear site data or we change the storage key with a renewed notice.

7. Your rights

Under the GDPR (as applied in Finland), you may have the following rights, subject to conditions and exceptions in law:

  • Right of access (Art. 15)
  • Right to rectification (Art. 16)
  • Right to erasure (“right to be forgotten”) (Art. 17)
  • Right to restriction of processing (Art. 18)
  • Right to data portability (Art. 20), where applicable
  • Right to object to processing based on legitimate interests (Art. 21(1)), and right to object to direct marketing (Art. 21(2))
  • Right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal (Art. 7(3))
  • Right to lodge a complaint with a supervisory authority (Art. 77)

To exercise your rights, email us at askuse@whrexxondrax.world with the subject line “Privacy request”. We may ask you to confirm your identity before we disclose or delete data. Under Art. 12(3) GDPR we aim to respond within one month, which may be extended by two further months in complex cases as permitted by law (we would inform you of any extension and reasons).

8. Right to lodge a complaint (Finland)

If you consider that our processing infringes applicable data protection law, you have the right to lodge a complaint with a supervisory authority. In Finland, the competent authority is the Office of the Data Protection Ombudsman (Tietosuojavaltuutettu).

  • Website and contact details: https://tietosuoja.fi/en
  • Postal address: Office of the Data Protection Ombudsman, P.O. Box 800, FI-00531 Helsinki, Finland
  • Visiting address (appointments): Lintulahdenkuja 4, FI-00530 Helsinki, Finland

Official contact channels may change; please verify the current address and electronic forms on the authority’s website before sending confidential documents.

9. Security and personal data breaches

We implement appropriate technical and organisational measures proportionate to the risk (such as access control, encryption in transit where available, vendor review, and instructions for anyone handling messages). No online transmission is completely risk-free; please avoid sending highly sensitive personal data (for example detailed health information) via the public contact form.

If a personal data breach is likely to result in a risk to your rights and freedoms, we will notify the supervisory authority and communicate with affected data subjects as required by Articles 33–34 GDPR and applicable Finnish provisions.

10. Direct marketing

We do not use contact form submissions to send unsolicited direct marketing. If we ever introduce a separate newsletter or similar, we will ask for a clear, opt-in consent and explain how to withdraw it.

11. Automated decision-making

We do not use automated decision-making or profiling as defined in GDPR Art. 22 based on the processing above.

12. Children

This site is aimed at a general adult audience. If you are a parent and believe a child has sent us personal data, contact us and we will delete it where appropriate.

13. Changes

We may update this policy to reflect legal, technical, or organisational changes. Material updates will be indicated by revising the “Last updated” date at the top.

Cookie policy Home