Privacy Policy

Google Translate --> The Privacy Policy is currently only available in English. If you do not understand English, please translate the Privacy Policy before proceeding to use the website.
To manage the cookies and similar technologies used (tracking pixels, web beacons, etc.) and related consents, we use the consent tool “Real Cookie Banner”. Details on how “Real Cookie Banner” works can be found at https://devowl.io/rcb/data-processing/. The legal basis for the processing of personal data in this context are Art. 6 (1) (c) GDPR and Art. 6 (1) (f) GDPR. Our legitimate interest is the management of the cookies and similar technologies used and the related consents. The provision of personal data is neither contractually required nor necessary for the conclusion of a contract. You are not obliged to provide the personal data. If you do not provide the personal data, we will not be able to manage your consents. Biofrost website visitor can change consent settings here

VIKING LAB OY – PRIVACY POLICY

If you have any questions or concerns regarding this Privacy Policy, please feel free to reach out to us using the contact information provided below.

1. WHO WE ARE

Viking Lab Oy
Vanha Vaasantie 8 C
33470, Ylöjärvi
Finland
Phone: +358 44 0221422

Company registration number: FI26181268

2. GDPR CONTACT PERSON

The GDPR contact person in our company is:

  • Name: Heikki Lehmuslehti
  • Position: Chief Executive Officer (CEO)
  • Email: heikki@vikinglab.fi
  • Phone Number: +358 44 0221422

3. COLLECTED DATA

Our website uses Google Analytics, which collects information about visitors and their behavior on the site. The collected data may include:

  • IP Address: This allows for the determination of the user’s general location.
  • Browser Information: Information about which browser and version you are using.
  • Operating System: Information about which operating system is in use (e.g., Windows, macOS, Android).
  • Session Duration and Page Views: How long you stay on the site and which pages are the most viewed.
  • User Location: Your general location, such as city or country.

In addition to the data collected by Google Analytics, we also collect personal information related to your online store orders. This may include:

  • Name: To identify you as the customer.
  • Email Address: For order confirmation, updates, and customer service communication.
  • Billing Address: To process payments and for invoicing purposes.
  • Shipping Address: To ensure that your orders are delivered to the correct location.
  • Order Details: Information about the products you purchased, including quantities and prices.

3.1 Purpose of Use

We collect data to improve user experience and optimize the functionality of our website. The collected data is used for purposes such as:

  • Analyzing website traffic and user behavior, including through the use of cookies for tracking and analytics.
  • Identifying which pages are the most popular and which areas need improvement.
  • Providing users with better and more relevant content and advertisements.
  • Processing and fulfilling your orders accurately.
  • Communicating with you regarding your orders, inquiries, and customer service requests.

4. COOKIES

Our site uses cookies to gather information about user interactions. Cookies are small text files that are stored on your device when you visit the site. We use cookies to improve your browsing experience and for analytical purposes. The cookies on our site include:

4.1 Essential Cookies

These cookies are necessary for the basic functionality of our site and are automatically loaded when you visit the site. They enable critical features like language preferences and basic site functionality:

  • _icl_visitor_lang_js: This cookie stores the user’s browser language to automatically display the site in the correct language. It helps ensure smooth navigation for users by directing them to the appropriate language version of the site.
  • wpml_browser_redirect_test: This cookie tests whether the browser supports redirection between different language versions of the site. It is necessary for properly redirecting users to the correct language version.
  • Essential WordPress Plugin Cookies: These cookies are necessary for the basic functionality of the site and are set by various WordPress plugins. They enable essential features such as user authentication, security, and the functioning of forms and comment sections. Without these cookies, certain parts of the site may not work as intended.

4.2 Non-Essential Cookies (Requires User Consent)

These cookies are not essential for the site’s basic functionality and are only activated after you provide consent. They are used for enhancing user experience, analytics, and serving personalized content such as embedded videos:

  • Google Analytics Cookies: Used to track how often the site is visited, identify users, and collect information about their behavior on the site. These cookies help us enhance the usability of the site and analyze its performance.
  • YouTube Embedded Player Cookies: When videos from YouTube are embedded on our site, cookies such as DoubleClick (owned by Google) may be used. These cookies can track user interactions with the embedded videos and may serve personalized ads.
  • WPML Cookies: Used by the WPML plugin to manage multi-language functionality on the site. These cookies help remember the user’s language preferences and ensure that content is displayed in the correct language. These cookies only store information after user consent.
  • Google Fonts Cookies: Used to load custom fonts on our site. Google Fonts sets cookies to remember your font preferences and optimize the loading speed of the fonts on different pages. This cookie will only load after consent.
  • WooCommerce Cookies: Used by the WooCommerce plugin to manage the online store. These cookies help track items in your shopping cart, process orders, and maintain user sessions during shopping. They ensure the correct functionality of the store, such as adding products to the cart and checking out, and will only activate after consent.
  • WordPress Emoji Cookies: WordPress uses cookies to load and display emoji icons properly across different browsers. These cookies help ensure consistent display of emojis on the site.
  • Google Maps Cookies: When we embed Google Maps on our site, cookies may be set to store user preferences and track interactions with the map. These cookies enhance user experience by remembering your map settings and will only activate after consent.

Users have the right to manage cookies and choose whether to accept them or not. You can change your cookie settings in your browser at any time. Please note that disabling cookies may affect the functionality of non-essential features, such as viewing embedded YouTube videos or completing purchases in the online store.

For more information about cookies and how to manage or disable them, please visit AllAboutCookies.org. To learn more about the cookies used on Biofrost.fi and to adjust your cookie settings, click here.

5. HOW DO WE USE YOUR PERSONAL INFORMATION?

We collect personal information to provide and enhance our services, specifically for the operation of our online store. The personal information we collect includes your name, contact information, billing address, and shipping address. This information is necessary for the following purposes:

  • Order Processing: We use your personal information to process and fulfill your orders, ensuring that the goods are delivered to the correct address.
  • Customer Communication: We may use your contact information to communicate with you regarding your orders, provide updates, and respond to inquiries.
  • Payment Processing: Your billing information may be used to process payments for the goods you purchase.
  • Improving Services: We may analyze personal information to improve our website, products, and services, ensuring a better user experience.

We will not use your personal information for any purposes other than those outlined above without obtaining your explicit consent. Your personal data will be securely stored and processed in compliance with GDPR requirements. You have the right to request access to your personal information, request corrections, or request deletion of your data at any time.

Biofrost online store is currently closed and doesn’t collect any data.

6. HOW LONG WE RETAIN YOUR DATA

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including the processing of your orders and compliance with legal obligations. Specifically, we will retain your order data from the Biofrost online store until you request its deletion.

If you would like to have your personal data removed, you may contact us at any time, and we will ensure that your data is deleted promptly, in accordance with your rights under the General Data Protection Regulation (GDPR).

Please note that we may retain certain information as required by law or for legitimate business purposes, such as maintaining records for tax or audit compliance.

7. DATA RETENTION AND YOUR RIGHTS

Under the General Data Protection Regulation (GDPR), you have certain rights regarding your personal data that we collect and process. These rights include:

  • Right to Access: You have the right to request access to the personal information we hold about you. This includes details about your orders, such as order history and specific data we have collected.
  • Right to Rectification: If you believe that any information we hold about you is inaccurate or incomplete, you have the right to request corrections to that information.
  • Right to Erasure: You have the right to request the deletion of your personal data from our records at any time. Upon your request, we will delete your data promptly, in accordance with your rights under GDPR.
  • Right to Restrict Processing: You have the right to request the restriction of processing your personal data under certain circumstances.
  • Right to Withdraw Consent: If we are processing your data based on your consent, you have the right to withdraw that consent at any time.

To exercise any of these rights, please contact us using the information provided on our website. We will respond to your request without undue delay and, in any case, within one month.

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including the requirements of applicable laws and regulations. The specific retention periods for different types of data are determined based on the following criteria:

  • Legal Obligations: We may be required to retain certain personal data to comply with applicable laws and regulations.
  • Contractual Requirements: If you have placed an order with us, we will retain your personal information as long as necessary to complete the order and fulfill our contractual obligations.
  • User Requests: You may request the deletion of your personal data at any time, and we will comply with such requests in accordance with applicable law.
  • Business Needs: We will retain your data as long as it is necessary for our legitimate business interests, such as maintaining the performance and security of our website and improving our services.

When your personal data is no longer required for these purposes, we will securely delete or anonymize it in accordance with applicable data protection laws. If you have any questions about our data retention practices, please feel free to contact us.

8. DATA PORTABILITY

Under the General Data Protection Regulation (GDPR), you have the right to data portability. This means you can request a copy of your personal data that we hold about you in a structured, commonly used, and machine-readable format. However, please note that as a WordPress website owner using Google Analytics, our ability to provide specific personal data may be limited. Google Analytics collects aggregated data about website usage, which does not include identifiable personal information. Therefore, we can only provide personal data that you have directly shared with us through actions such as creating an account, placing an order, or leaving comments. Additionally, you have the option to opt out of providing analytics details by managing your preferences through our consent banner.

The personal data we may hold about you includes information you have provided when:

  • Placing orders on our website.
  • Signing up for newsletters.
  • Creating an account on our website.
  • Leaving comments on posts or pages.

Please note that if you have not engaged with our services in these ways, we may not have any personal data associated with you. When you request your data, we will provide it in a format that can typically include details such as:

  • Name: Your name as provided during account registration, order placement, newsletter signup, or when leaving a comment.
  • Email Address: Your email used for communication, order confirmations, or associated with your comments, if provided.
  • Username: Your chosen username for logging into the website, applicable only if you have created an account.
  • Password: (hashed) Your password is securely stored and not directly retrievable, applicable only if you have an account.
  • Billing Address: The address used for billing purposes, applicable only if you have placed an order.
  • Shipping Address: The address used for shipping your orders, applicable only if you have placed an order.
  • Phone Number: Your contact number, if provided and applicable.
  • Order History: Information about the orders you have placed, including products purchased and dates of purchase, applicable only if you have placed an order.
  • Date of Registration: The date when you registered on our website, applicable only if you have created an account.
  • User Roles: Your assigned roles (e.g., subscriber, customer) on the site, applicable only if you have created an account.
  • Comments: Any comments you have left on our posts or pages, including the content of the comment and the date it was posted.

WordPress generally stores user data in a format like JSON, which allows for easy data transfer. However, please keep in mind that not all fields may be available if you have not provided this information or engaged with the services.

To exercise your right to data portability, please contact us using the information provided in the Contact Us section of this policy. We will respond to your request without undue delay and, in any case, within one month.

Please remember that Google Analytics data is aggregated and does not allow us to identify individual users, so we cannot provide specific analytics data pertaining to you.

9. WHO WE SHARE YOUR DATA WITH

We may share your personal data with third parties in the following circumstances:

  • Google Analytics: We share data with Google Analytics to analyze website traffic and user behavior. However, we will only share this data if you have given your explicit consent to do so. Your consent allows us to understand how our website is used and to make improvements based on user interaction.
  • YouTube: If our website includes embedded YouTube videos, please be aware that YouTube may collect data from users who interact with these videos. This data collection will also only occur if you have provided your consent. The use of YouTube features may result in the collection of information such as your IP address and usage data.
  • WordPress: Our website is built on the WordPress platform, which may collect certain data as part of its functionality. This includes data necessary for managing user accounts, processing orders, and maintaining site security.
  • Essential Plugins: We use essential plugins to enhance website functionality and user experience. These plugins may collect personal data as part of their operations. We ensure that any plugins we use comply with GDPR regulations.

We do not sell, trade, or otherwise transfer your personal information to third parties without your explicit consent, except as required by law or as necessary to protect our rights.

If you have any questions about the sharing of your personal data, please do not hesitate to contact us.

10. AUTOMATED DECISION-MAKING

  • We do not engage in automated decision-making processes that significantly affect users.
  • The data collected through Google Analytics is used solely for analysis and improving user experience on our website.
  • No personal data is used for automated profiling or decision-making that would have legal or similar significant effects on individuals.

11. PERSONAL DATA BREACH NOTIFICATION

In the event of a personal data breach that may pose a risk to your rights and freedoms, we are committed to informing you without undue delay. If we become aware of a breach involving your personal data, we will take the necessary steps to assess the situation and mitigate any potential harm.

As required by the General Data Protection Regulation (GDPR), we will notify the relevant supervisory authority of the breach within 72 hours of becoming aware of it, unless the breach is unlikely to result in a risk to the rights and freedoms of individuals.

Our notification to you will include:

  • A description of the nature of the breach.
  • The likely consequences of the breach.
  • The measures we have taken or plan to take to address the breach and mitigate its effects.
  • Contact details for further information.

We take the security of your personal data seriously and will implement all necessary measures to protect it. If you have any questions or concerns regarding our data protection practices, please do not hesitate to contact us.

12. USER RIGHTS

Under the General Data Protection Regulation (GDPR), you have certain rights regarding your personal data that we collect and process. These rights include:

  • Right to Access: You have the right to request access to the personal information we hold about you. This includes details about your orders, such as order history and specific data we have collected.
  • Right to Rectification: If you believe that any information we hold about you is inaccurate or incomplete, you have the right to request corrections to that information.
  • Right to Erasure: You have the right to request the deletion of your personal data from our records at any time. Upon your request, we will delete your data promptly, in accordance with your rights under GDPR.
  • Right to Restrict Processing: You have the right to request the restriction of processing your personal data under certain circumstances.
  • Right to Data Portability: You have the right to request a copy of your personal data in a structured, commonly used, and machine-readable format. You may also request that we transfer your data to another data controller.
  • Right to Withdraw Consent: If we are processing your data based on your consent, you have the right to withdraw that consent at any time. You can change your consent preferences at this link: Change Consent.

To exercise any of these rights, please contact us using the information provided on our website. We will respond to your request without undue delay and, in any case, within one month.

13. ACCESS PERSONAL INFORMATION

Under the General Data Protection Regulation (GDPR), you have the right to access your personal information that we hold. This right allows you to obtain confirmation from us as to whether or not we are processing your personal data and, if so, to request access to the specific data we have collected about you.

Your right to access includes:

  • The purpose of processing: You have the right to know why we are processing your data.
  • The categories of personal data: You can request information about the types of personal data we hold about you.
  • The recipients: You have the right to know who your personal data has been shared with, including third parties.
  • The retention period: You can ask how long your personal data will be stored.
  • The right to request corrections: If you believe that any information we hold about you is incorrect or incomplete, you have the right to request corrections.

To exercise your right to access your personal information, please contact us using the information provided on our website. We will respond to your request within one month and provide you with a copy of your personal data in a structured, commonly used, and machine-readable format.

If your request is complex or if we receive multiple requests from you, we may extend the response time by an additional two months. In such cases, we will inform you of the extension and the reasons for the delay.

14. HOW WE PROTECT YOUR DATA

The security of your personal data is of utmost importance to us. Our website is hosted by OVH, a reputable hosting provider located in France. OVH is known for its commitment to data security and privacy, employing industry-leading measures to protect data from unauthorized access, disclosure, alteration, and destruction.

We implement a variety of security measures to ensure the protection of your personal information, including:

  • Encryption: We use encryption protocols to safeguard your personal data during transmission and storage.
  • Access Controls: We restrict access to your personal information to authorized personnel only, who require it for their job functions.
  • Regular Security Audits: We conduct regular security assessments and audits to identify and address potential vulnerabilities.
  • Data Backup: We perform regular backups of our data to ensure that your information is protected against loss or corruption.
  • Compliance with GDPR: We are committed to complying with the General Data Protection Regulation (GDPR) and other relevant data protection laws to ensure the highest standards of data privacy and security.

While we take reasonable measures to protect your personal data, please understand that no method of transmission over the internet or electronic storage is 100% secure. Therefore, we cannot guarantee its absolute security. If you have any questions or concerns about our data protection practices, please do not hesitate to contact us. In all OVH datacentres, access is strictly monitored. To avoid any intrusions or risks, each perimeter is secured with barbed wire fences. The area is also monitored by constant video surveillance and motion detection sensors. Activity both within and outside of the datacentres is monitored and recorded on secure servers, with surveillance teams working on site, 24/7. In order to control and monitor access to the OVH premises, strict security procedures have been put in place. Each staff member receives a RFID name badge, which is also used to restrict their access. Employee access rights are reassessed regularly, according to their remit. To access the premises, employees must hand in their badges for verification before passing through the security doors. The datacenters have an even higher level of protection, as only authorized personnel can gain entry. OVH installations are strictly for our own use. Read more from here OVH Data Security

15. LEGAL OBLIGATIONS

We may be required to disclose your personal information in the following circumstances:

  • Legal Compliance: We may disclose your information to comply with applicable laws, regulations, or legal requests from governmental authorities.
  • Legal Proceedings: We may disclose your information to respond to a subpoena or court order, or in connection with a legal investigation.
  • Protection of Rights: We may disclose your information to protect our rights, privacy, safety, or property, or that of our users or the public.
  • Contractual Obligations: If necessary, we may disclose your information to enforce our terms of service or other agreements with you.

We will take reasonable steps to notify you of any such required disclosures unless doing so would violate the law or court order.

16. DO NOT TRACK

Our website does not respond to “Do Not Track” signals sent by your web browser. “Do Not Track” is a feature that allows you to indicate your preferences regarding the collection of your personal data while you browse the internet. However, due to the current state of internet standards, we cannot guarantee that our website will respond to these signals.

We encourage you to review your browser settings for options related to “Do Not Track.” You can choose to adjust your privacy settings based on your preferences. Please note that disabling tracking features may affect your user experience on our website.

If you have any questions or concerns regarding your privacy while using our website, please do not hesitate to contact us.

17. MINORS

Our services are not intended for individuals under the age of 16. We do not knowingly collect personal data from minors without parental or guardian consent. If we become aware that we have inadvertently collected personal information from a minor, we will take reasonable steps to delete such information from our records as soon as possible.

If you are a parent or guardian and believe that your child has provided us with personal data, please contact us immediately. We encourage parents and guardians to monitor their children’s online activities and to help us ensure that minors do not provide personal information through our website.

If we require parental consent for the processing of personal data of minors in specific jurisdictions, we will comply with the relevant legal requirements.

18. CHANGES

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. When we make changes, we will revise the effective date at the top of this Privacy Policy and notify you through appropriate channels, which may include email, website notifications, or other methods as deemed necessary.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our services after any modifications to the Privacy Policy will constitute your acknowledgment of the modifications and your consent to abide by and be bound by the modified policy.

19. CONTACT US

If you have any questions about this Privacy Policy, have noticed any errors, or have concerns regarding our website, please contact us immediately so we can address them promptly. Your feedback is important to us. If you would like to make a complaint or need assistance, please reach out to us via email or by traditional mail at our sales office located in Ylöjärvi. You can use the contact details provided below:

Viking Lab Oy
Vanha Vaasantie 8 C
33470, Ylöjärvi
Finland
Phone: +358 44 0221422

Company registration number: FI26181268

We are committed to resolving your inquiries and ensuring your privacy concerns are addressed.

Biofrost Privacy Policy has been updated at 08.10.2024

GET IN TOUCH

COMPANY

Viking Lab Oy / Biofrost
VAT: FI26181268
Privacy Policy

ADDRESS

Viking Lab Oy / Biofrost
Rovaniementie 305
FI-99800 IVALO
Finland

CONTACT US

tel: +358 20 735 3160

biofrost-attachment105
FOLLOW US
Facebook Twitter Youtube