What are you looking for?

Privacy Policy

Privacy Policy

Effective date: August 9, 2025
Data Controller: Online store, Finland
Business ID (Y-tunnus): 3385297-1
Contact for privacy matters: contact@emenx.com

1. General

This Privacy Policy describes how we collect, use, store, and protect personal data when you interact with our online store.
We are committed to handling your personal data in a transparent and secure manner, in compliance with the EU General Data Protection Regulation (GDPR), applicable Finnish laws, and other relevant data protection legislation.

By using our services, you agree to the terms described in this Privacy Policy.

2. Data We Collect

We only collect the minimum amount of information necessary to provide and improve our services. This may include:

  • Name

  • Shipping and billing address

  • Email address

  • Phone number

  • Payment information (processed securely via our payment service provider, Stripe — we do not store credit card numbers)

  • IP address and browser/device information (collected via Google Analytics)

  • Order history

  • Communication history (emails, contact form submissions)

We do not collect sensitive personal data.

3. Sources of Data

We collect data from:

  • Information you provide directly when placing an order or contacting us

  • Data automatically collected through cookies and analytics tools

  • Payment information from our payment provider (Stripe) when you make a purchase

4. Purposes of Processing

We process your personal data for the following purposes:

  • To process and deliver your orders

  • To communicate with you regarding your orders or inquiries

  • To comply with legal obligations (e.g., accounting and tax regulations)

  • To improve our website, products, and services through analytics

  • To prevent fraud and protect our services

We do not currently use your data for direct marketing or targeted advertising.

5. Legal Basis for Processing

We process your personal data based on:

  • Contract – when processing your order

  • Legal obligation – when complying with tax or accounting requirements

  • Legitimate interest – when improving our services and ensuring website security

  • Consent – when you accept cookies or opt in to communications

6. Use of Third-Party Services

We use the following trusted third-party service providers:

  • Stripe – for secure payment processing

  • Google Analytics – for website traffic analytics

  • WooCommerce – for e-commerce functionality

These providers may process your personal data on our behalf in accordance with GDPR.

7. Data Transfers Outside the EU

Because we offer international shipping and use third-party services, your data may be transferred and processed outside the EU/EEA.
When this happens, we ensure appropriate safeguards are in place, such as the European Commission’s Standard Contractual Clauses (SCCs).

8. Data Retention

We keep personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, or as required by law.

Typical retention periods:

  • Order and billing data: 6–10 years (for legal/accounting purposes)

  • Communication data: 1–2 years

  • Analytics data: as per Google Analytics’ retention policy

9. Cookies

We use cookies to:

  • Enable website functionality

  • Measure and analyze site usage (Google Analytics)

  • Improve performance and user experience

You can manage or disable cookies in your browser settings.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data against loss, theft, unauthorized access, alteration, or destruction.

11. Your Rights

Under GDPR, you have the right to:

  • Access the personal data we hold about you

  • Request correction or deletion of your data

  • Restrict or object to processing

  • Withdraw consent at any time (when applicable)

  • Data portability

  • Lodge a complaint with a supervisory authority (in Finland: Data Protection Ombudsman)

Requests can be made to: contact@emenx.com

12. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or for legal reasons. Any changes will be posted on this page with an updated effective date.

13. Liability Disclaimer

While we take all reasonable measures to protect your data, we are not responsible for any damages resulting from:

  • Unauthorised access to your data caused by factors beyond our control

  • Data breaches affecting third-party service providers we use, despite having appropriate safeguards in place

  • Your own actions in disclosing personal information to third parties