Home

Privacy Policy

Last updated:

Data controller

Lyxtherokhor

Postal address: Götgatan 72A, 118 26 Stockholm, Sweden

Contact identifiers for privacy requests: info@lyxtherokhor.world, contact@lyxtherokhor.world, support@lyxtherokhor.world, help@lyxtherokhor.world (please include “Privacy request” in the subject line of your message).

Scope

This policy describes how we collect and use personal data when you visit this website, create an order request, use the contact form, or communicate with us about Larnio food supplements. It is written to align with the EU General Data Protection Regulation (GDPR) and relevant Swedish national law.

Geographical scope

The data controller is established in Sweden (European Union). Our primary audience is visitors and customers in the European Economic Area. If you contact us from another region, we still apply GDPR-aligned principles where they apply to our processing. Cross-border transfers outside the EEA are covered in the section on recipients and safeguards.

Marketing, cookies, and advertising platforms

When we run online advertising, we may use measurement and remarketing tools only where you have given consent through our cookie controls. We do not use personal data to target advertisements based on sensitive categories of health data. Product communications describe Larnio as a food supplement and avoid suggesting that it treats or prevents disease.

Categories of data

Category Examples Source
Identity and contact Name, email address, phone number if provided You, when you submit a form
Transaction and communication Order notes, message content, correspondence history You and our mailbox systems
Technical IP address, browser type, approximate region from server logs Automatically when you load pages
Cookie-related Consent state, optional analytics or marketing identifiers Your browser and our cookie tools

Purposes and legal bases

  • Processing orders and responding to enquiries: performance of a contract or steps prior to a contract (Art. 6(1)(b) GDPR), and legitimate interest in operating customer service (Art. 6(1)(f) GDPR).
  • Compliance with accounting or consumer rules where applicable: legal obligation (Art. 6(1)(c) GDPR).
  • Website security and abuse prevention: legitimate interests (Art. 6(1)(f) GDPR).
  • Optional analytics or marketing cookies: consent (Art. 6(1)(a) GDPR).

Retention

Contact and order-related messages are kept for the time needed to complete the request and for any follow-up, typically up to twenty-four months unless a longer period is required by law or for established claims. Server logs are rotated on a short cycle compatible with security monitoring. Accounting records may be stored longer when tax law requires.

Recipients and transfers

We use infrastructure and communication providers that process data on our instructions. Where a recipient is outside the European Economic Area, we rely on appropriate safeguards such as standard contractual clauses. A summary of sub-processors can be provided on request.

Security measures

We apply access controls, encrypted transport for this site, and limited staff access to inboxes handling customer data. No method of transmission over the internet is fully risk-free; we review providers regularly.

Your rights

Under GDPR you may request access, rectification, erasure, restriction of processing, data portability, and objection where applicable. You may withdraw consent for optional processing at any time without affecting prior lawful processing. You may lodge a complaint with the Swedish Authority for Privacy Protection (IMY) or another EU supervisory authority.

Automated decision-making

We do not use fully automated decisions that produce legal effects concerning you.

We use strictly necessary cookies to run the site and optional cookies for analytics and marketing if you allow them. Read the Cookie Policy for details.