Privacy Policy
This Privacy Policy describes how personal data is processed on Movebeauty.world in accordance with the General Data Protection Regulation (EU) 2016/679, Finnish Data Protection Act 1050/2018, and related EU privacy requirements.
Last updated: 14 April 2026
1. Controller identity and contact details
Data Controller: Movebeauty.ddd. Address: Pirkankatu 11, 33230 Tampere, Finland. Email: admin@movebeauty.world. Phone: +358452745212. The controller decides the purposes and means of personal data processing carried out through this website and responds to data protection requests.
2. Personal data categories, legal bases, and purposes
We process only data that is necessary for defined purposes. Contact data may include name, email address, and message content provided through forms. Technical data may include IP address, browser and device information, basic logs, and cookie-related preference records. Legal bases are: consent under Article 6(1)(a) GDPR for optional cookies and optional analytics; legitimate interest under Article 6(1)(f) GDPR for secure website operation, abuse prevention, and essential service continuity; legal obligation under Article 6(1)(c) GDPR where retention is required by law. Data is used to respond to messages, maintain website functionality, document user privacy preferences, and protect service integrity.
3. Recipients, processors, and international transfers
Personal data may be processed by contracted processors such as hosting, infrastructure, and technical support providers. Processors act under written data processing terms that include confidentiality and security obligations. Personal data is not sold. If processing involves transfers outside the European Economic Area, transfers are performed only with recognized safeguards, such as European Commission standard contractual clauses, adequacy decisions, or other lawful GDPR transfer mechanisms.
4. Retention periods and security measures
Data is stored only as long as needed for the original purpose or legal retention obligations. Contact form messages are retained for communication handling and then deleted or anonymized when no longer required. Security and technical logs are retained for a limited period needed for troubleshooting and service protection. Cookie consent records are retained to demonstrate consent choices and updated when preferences change. We apply appropriate technical and organizational safeguards, including access restrictions, role-based handling, secure environment configuration, and periodic review of data handling procedures.
5. Data subject rights and supervisory authority in Finland
Under GDPR, users may request access, rectification, erasure, restriction, data portability where applicable, and objection to processing based on legitimate interest. Users may withdraw consent at any time for processing based on consent, without affecting prior lawful processing. Requests are handled after reasonable identity verification and without undue delay, normally within one month unless legal exceptions apply. Users may submit complaints to the Finnish supervisory authority: Office of the Data Protection Ombudsman (Tietosuojavaltuutetun toimisto), website: https://tietosuoja.fi/en/home. This policy may be updated if legal requirements, processing activities, or service structure changes.
To submit a data request, users may contact the controller by email or post using the contact details on this page. Requests should include sufficient information to identify the request scope, such as the type of request and a contact channel for response.