Privacy Policy
Effective date: 25 March 2025. Document version: 1.0. This Privacy Policy describes how Trizelonsharvexx ("we", "us", "our"), operating the website available at https://trizelonsharvexx.world, collects, uses, discloses, retains, and secures personal data in connection with the Dynavix product information site, inquiry forms, optional customer accounts where offered, and related communications. We act as a controller within the meaning of the EU General Data Protection Regulation (EU) 2016/679 ("GDPR") and the Norwegian Personal Data Act implementing GDPR provisions.
1. Data controller and contact details
The controller responsible for processing personal data is:
Trading name: Trizelonsharvexx
Postal address: Jernbanetorget 1, 0154 Sentralhallen S, Norway
Email: info@trizelonsharvexx.world
Telephone: +47 22 05 38 20
For questions about this Privacy Policy, exercising GDPR rights, or data protection concerns, contact us using the email or telephone above. We may request reasonable information to confirm your identity before disclosing or modifying information tied to your identity.
2. Scope and relationship to other documents
This Policy applies to personal data processed when you visit the website, submit order inquiries, contact us, subscribe to updates where available, interact with cookie controls, or otherwise communicate with us. It complements our Cookie Policy, Terms of Service, and Return Policy. If you purchase goods or services subject to a separate contract, additional processing may occur as described at the point of sale and in transactional emails.
3. Categories of personal data we process
Depending on your interaction, we may process the following categories of data:
- Identity and contact data: full name, delivery or billing address, country, telephone number, email address.
- Inquiry and order data: messages you type into forms, product interests, reference numbers, payment references where you initiate payment, and correspondence history.
- Technical and usage data: IP address, general location derived from IP at regional level, browser type, device type, operating system, pages viewed, referring URL, timestamps, and diagnostic logs strictly necessary for security.
- Cookie and similar technologies data: identifiers stored on your device when you consent, as listed in the Cookie Policy.
- Marketing preferences: opt-in records, unsubscribes, and segment labels tied to campaigns when marketing cookies or clearly separate consents apply.
- Compliance data: records demonstrating consent, policy versions accepted, fraud checks, sanctions screening outcomes where legally required, and accounting records linked to transactions.
We do not intentionally collect special categories of personal data (so-called sensitive data under Article 9 GDPR). Please do not send health diagnoses or similarly sensitive content through general contact forms; if you do, we will delete manifestly unnecessary content where feasible or restrict access in line with legal duties.
4. Sources of personal data
We obtain personal data directly from you when you submit forms, email us, call us, or browse the site. We may receive data indirectly from payment service providers limited to transaction status, from delivery partners limited to logistics updates, or from analytics providers operating on our behalf under strict instructions when you have opted in.
5. Purposes, legal bases, and necessity
We process personal data only where a lawful basis applies. The table below summarises typical processing activities related to this website and storefront operations:
| Purpose | Legal basis (GDPR) | Retention summary |
|---|---|---|
| Responding to product inquiries and order requests | Performance of a contract (Article 6(1)(b)) and, pre-contractual steps at your request | Up to 36 months after last contact unless longer storage is required for claims |
| Fulfilling purchases, logistics, and customer support | Performance of a contract (Article 6(1)(b)) | For the duration of the contractual relationship plus statutory limitation periods (typically 3–5 years for commercial claims under Norwegian law, subject to specifics) |
| Legal, regulatory, and tax compliance (invoices, bookkeeping) | Legal obligation (Article 6(1)(c)) | As required by the Bookkeeping Act and tax rules, often 5 years, in some contexts up to 10 years for certain tax-relevant documentation |
| Fraud prevention, security monitoring, and abuse detection | Legitimate interests (Article 6(1)(f)) in protecting services and users, balanced against your rights | Security logs on a rolling basis, typically 90–180 days unless an incident requires longer retention in segregated archives |
| Analytics cookies and similar technologies that go beyond strictly necessary operation | Consent (Article 6(1)(a)) | In accordance with cookie lifetimes stated in the Cookie Policy; preference records up to 24 months |
| Email marketing where a separate opt-in is collected | Consent (Article 6(1)(a)) | Until withdrawal of consent or 24 months of inactivity depending on campaign design, whichever comes first unless law requires otherwise |
| Product improvement and aggregated statistics without singling out individuals where feasible | Legitimate interests in improving clarity of information labels and site structure (Article 6(1)(f)) | Aggregated analytics without identifiers retained according to project needs, usually up to 24 months |
Where we rely on legitimate interests, you may object under Article 21 GDPR on grounds relating to your particular situation; we will cease processing unless we demonstrate compelling legitimate grounds overriding your interests or need the data for legal claims.
6. Automated decision-making and profiling
We do not use automated decision-making that produces legal effects concerning you or similarly significantly affects you within the meaning of Article 22 GDPR based solely on automated processing. Basic segmentation for marketing, if introduced after explicit consent, would remain human-reviewed and described in an updated version of this Policy.
7. Recipients and categories of recipients
We share personal data only with recipients who need access to achieve the purposes above:
- Infrastructure and hosting providers within the European Economic Area or bound by appropriate safeguards where outside the EEA.
- Email delivery and customer messaging tools operating under data processing agreements.
- Payment service providers when you complete payment; card data is handled by the payment provider under its own privacy notice and PCI obligations where applicable.
- Carriers and customs brokers for shipment labelling, customs declarations, and proof of delivery.
- Professional advisers such as lawyers, accountants, or auditors under confidentiality duties.
- Public authorities when required by valid legal process or to protect vital interests.
We do not sell personal data in the sense of disclosure for monetary consideration to data brokers.
8. International transfers
Where personal data is transferred to countries not subject to an adequacy decision under Article 45 GDPR, we implement appropriate safeguards such as Standard Contractual Clauses approved by the European Commission, supplementary technical measures where required by case law, or other mechanisms permitted under Chapter V GDPR. Copies of relevant safeguards may be requested subject to commercial confidentiality limits.
9. Retention principles
We retain personal data no longer than necessary for the purposes collected or as required by law. Retention periods may extend when disputes are pending, when deletion would frustrate a legal obligation, or when anonymised datasets are derived. Backup systems may retain deleted data for a limited technical window until overwritten in the ordinary course.
10. Security measures
We apply a combination of organisational and technical measures appropriate to the risk, including role-based access control, authentication for administrative interfaces, encryption of data in transit using TLS, patching routines, supplier due diligence, pseudonymisation where practicable for analytics datasets, and staff confidentiality training. No method of transmission over the Internet is completely secure; you should also protect your devices and credentials.
11. Your rights under GDPR
Subject to conditions and exemptions in the GDPR, you have the following rights in relation to personal data we process about you:
- Right of access (Article 15): obtain confirmation whether we process your data and receive a copy.
- Right to rectification (Article 16): correct inaccurate data or complete incomplete data.
- Right to erasure ("right to be forgotten") (Article 17): request deletion where applicable grounds exist, such as withdrawal of consent where consent was the sole basis, or unlawful processing.
- Right to restriction of processing (Article 18): limit processing in defined circumstances, for example while contesting accuracy.
- Right to data portability (Article 20): receive structured, machine-readable data you provided where processing is based on consent or contract and carried out by automated means.
- Right to object (Article 21): object to processing based on legitimate interests or to direct marketing where applicable.
- Rights related to consent (Article 7): withdraw consent at any time without affecting the lawfulness of processing before withdrawal.
To exercise these rights, contact info@trizelonsharvexx.world. We respond within one month, extendable by two further months in complex cases with notice. You may lodge a complaint with the Norwegian Data Protection Authority (Datatilsynet), visiting address Tollbugata 3, 0152 Oslo, Norway, or via datatilsynet.no.
12. Children
Our website markets food supplements intended for adults. We do not knowingly collect personal data from children under 16 without parental authority. If you believe a minor has provided data, contact us and we will take appropriate steps to delete unnecessary records.
13. Marketing communications
Where we send promotional emails, we will do so only with prior affirmative consent or another lawful basis clearly indicated at collection. Each marketing email includes an unsubscribe mechanism. Preference centres, if deployed, will mirror categories described in the Cookie Policy where relevant.
14. Changes to this Privacy Policy
We may update this Policy to reflect legal, technical, or operational changes. The effective date at the top will change, and substantive updates will be highlighted on the website or communicated where appropriate. Continued use after posting may constitute notice where permitted by law, but rights-intensive changes affecting consent-based processing will seek fresh consent where required.
15. Norwegian consumer context
As a trader addressing consumers in Norway, we comply with the Marketing Control Act, the Personal Data Act, and applicable consumer sales rules alongside GDPR. Additional transparency about commercial practices appears in our Terms of Service. Nothing in this Policy limits mandatory consumer rights that cannot be contracted away.
For further information about how cookies and similar technologies operate on this site, read the Cookie Policy. For contract terms governing purchases, see the Terms of Service.