Cleanseskeleton
Privacy charter
Reference day

Privacy policy

This page explains how Cleanseskeleton collects, uses, stores, and protects personal data when you browse cleanseskeleton.world, send a message, or receive informational materials about flexible eating. We write in plain language and align our practices with the General Data Protection Regulation and internationally recognised expectations.

Controller: Cleanseskeleton, Mannerheimintie 14–20, 00100 Helsinki, Finland · Phone +358 9 565 74523 · assist@cleanseskeleton.world

Purpose and who this applies to

This policy applies to visitors, prospective clients, and anyone who interacts with us through the website or email. It does not replace any separate agreement you may sign for workshops or paid advisory work; those documents add detail where they exist.

We process personal data only for defined purposes: responding to inquiries, operating a secure site, improving content where analytics are allowed, meeting legal obligations, and—when you consent—sending relevant updates.

Categories of data

Depending on how you use the site, we may process:

  • Identity and contact details you type into forms, such as your name and email address.
  • Message content and optional context you choose to include.
  • Technical data such as IP address, browser type, device category, and approximate region derived from network data, when our hosting or security tools log connections.
  • Pseudonymous analytics identifiers if you enable the analytics category in the cookie banner.
  • Consent records stored locally in your browser and synchronised with our consent logic.

We do not ask you to share special categories of data on this website. If you voluntarily include health-related details in a message, we treat that information with additional care and only use it to respond to your inquiry unless a separate lawful basis applies.

Lawful bases for processing

We rely on consent for optional cookies and certain marketing communications. We rely on legitimate interests to keep the website secure, understand aggregate usage in a privacy-preserving way where permitted, and maintain our relationship with professional contacts, balancing those interests against your rights. We rely on contractual and pre-contractual steps when you request a service quote. We rely on legal obligation where tax or accounting rules require retention.

How collection happens in practice

Contact forms transmit the fields you submit to mailboxes or ticketing tools we control. Email headers may include routing data beyond the body text you write. When you load a page, infrastructure providers may temporarily log requests to filter abuse. Optional analytics scripts load only after you opt in through the cookie interface, and we configure them to reduce persistent identifiers where the product allows.

Retention period

General business correspondence is usually kept up to twenty-four months unless a longer period is justified by an open request, dispute, or statutory requirement. Accounting records that contain personal data may be kept for the period required by Finnish bookkeeping law. Server logs with raw IP addresses are typically rotated within ninety days unless security review requires a longer hold. Cookie lifetimes follow the cookies policy and vendor documentation.

International transfers

If we use tools hosted outside the European Economic Area, we implement appropriate safeguards such as standard contractual clauses approved by the European Commission, supplemented by technical measures like encryption in transit and access minimisation where relevant.

Data protection measures

We limit access to personal data to people who need it for their role, use strong authentication on administrative accounts, review subprocessors before onboarding, apply transport encryption where supported, and maintain procedures to detect and respond to incidents.

Your rights

You may request access, rectification, erasure, restriction of processing, objection where processing is based on legitimate interests, and portability where data is processed automatically under contract or consent. You may withdraw consent at any time for processing that depends on it. You may lodge a complaint with the Office of the Data Protection Ombudsman in Finland or, if you live elsewhere in the EU, with another supervisory authority.

Children

This site is intended for adults making lifestyle planning decisions. We do not knowingly collect data from children without verifiable parental consent where such consent is required.

Advertising and measurement

Where we use optional analytics or advertising-related technologies after you give consent, we minimise data collection and avoid drawing sensitive inferences about you from this site alone. We do not sell personal data as a standalone commercial product. You may refuse non-essential cookies at any time through our cookie controls.

Updates to this policy

When we make substantive changes, we adjust this page and may surface a short notice on high-traffic pages. The reference date at the top of the hero reflects the calendar day you are viewing; the policy text may still be updated from time to time—check this document for the latest wording.