Privacy policy


The privacy statement of the website has been prepared to ensure that the website processes your photos and personal data appropriately. Each customer is a data subject as defined in the GDPR.

The Customer must accept the terms of this Privacy Policy in order to use the Services.

This document describes what personal data (i.e. information related to specific persons or that can be used to identify a particular person) collects when a customer visits websites and in connection with customer orders, and how that personal data is processed and used. This document also explains how use cookies.

We use the information:

  • Delivering an easy-to-use and safe service
  • Improve customer service and marketing
  • For the development of e-commerce

Controller and its contact details

The controller of the personal data processed shall be:

Benelife Oy (Business ID 2570401-2)
Samostentie 5 B 17
93600 Kuusamo


You can ask more about data protection and the processing of personal data:

by e-mail


What information can be collected about me? collects and processes only the information needed for the professional processing of the customer's order and the maintenance of the customer relationship.

Information provided or personally identifiable by the user:

  • Identification information, such as name
  • Contact information, such as address, email address and, optionally, telephone number, which is used to manage the customer relationship and can also be handed over to Posti for arrival notification.
  • Payment information, such as billing information.
  • We do not store credit card information completely
  • With the customer's consent, location data used to estimate delivery time
  • Account number (only in situations where money is returned to the account to the customer)
  • Information observed and derived from the use of services by analytics
  • Purchase history, e.g. ordered products and their price information
  • Shipping information, such as the selected mode of delivery and delivery address


What is my personal data used for?

Personal data is used for:

  • For processing and delivering orders
  • To manage and maintain an account
  • For statistical purposes
  • Preventing abuses
  • To provide better customer service treats the information confidentially and does not disclose it to external processors.


How is my data stored and protected? database containing the personal data of the customer of the site is continuously protected by appropriate technical and organisational measures to prevent its loss and misuse. It is stored in a safe environment that the public does not have access to. Data centers and the technical and process security of e-commerce systems are at a very high level. Servers are protected against data breaches and denial of service attacks.

When the customer's personal data is transferred, for example during login and payment process, it is encrypted using Secure Socket Layer (SSL) technology. This means that the communication between the customer's computer and the site is subject to a leading encryption method, provided that the customer's web browser supports SSL (https) technology.

When processing personal data and planning the processing of personal data, we follow good data protection practices, for example, consolidation and anonymisation of data, if possible. The processing of personal data takes into account the requirements of the EU's General Data Protection Regulation to be complied with as of 25 May 2018.


Who processes my personal data?

The customer's personal data is accessible to the site operator.

The electronic payment process is handled by the certified payment service provider Visma Pay. Payment information is transmitted directly to the payment service provider and stored there for payment processing and possible refunds for a limited period of time. It's not about paying by bill.

The online payment service is provided by Visma Pay (2486559-4) . When creating a payment transaction, the following information is stored in the Paytrail register:

  • Payment method
  • Date of payment
  • IP address
  • Account number

Read more about Visma Pay:


How long will my data be stored?

We will only retain personal data for the necessary time in order to fulfil the purposes described in this statement. In addition, some data may be retained for a longer period to the extent necessary to fulfil legal obligations, such as accounting and consumer trade responsibilities, and to demonstrate their proper implementation.

At the customer's request, personal data concerning him or her may be deleted or anonymised from the systems on the website and will no longer be used for the purposes listed in the statement.

For some of the information, legislation imposes obligations on the long-term storage of data, including for the following purposes:

The Accounting Act defines longer retention periods for data, regardless of whether the material contains personal data or not. System log data is collected and stored as required by law in order to provide a lawful and secure online store to our customers. Taking adequate backups of e-commerce databases and systems to secure data, fix errors, and verify security and continuity.
The images of the customer orders and the related information will be automatically deleted no later than 30 days after the order has been delivered, unless the abnormal procedure has been separately agreed between the parties.


What kind of rights do I have?

Your rights as a registered customer:

  • Right of access to data, Article 15 GDPR.
  • Right to rectification, Article 16 GDPR
  • Right to erasure (right to be forgotten), Article 17 GDPR
  • Right to restriction of processing, Article 18 GDPR. You may notify Benelife in writing at any time that you wish to prohibit the further processing of your personal data; however, this is subject to the restriction that Benelife retains the right to process the data to the extent necessary (e.g. invoicing data under the Accounting Act).
  • Right to transfer data from one system to another, Article 20 GDPR
  • Right of objection, Article 21 GDPR (see also 'Withdrawal of consent and right of objection' below).

In accordance with Article 22 of the GDPR, the data subject has the right not to be subjected to a decision based solely on automated processing, such as profiling, which has legal effects on him or her, or which affects him or her in a similar manner. The foregoing shall not apply where the decision:

  • necessary for the conclusion or performance of an agreement between the data subject and the controller
  • has been approved by Union law applicable to the controller or by the law of a Member State, which also lays down appropriate measures for the protection of the rights and freedoms and legitimate interests of the data subject; or
  • based on the explicit consent of the data subject

You can request the exercise of the rights by contacting our customer service. Benelife reserves the right to ask the customer to identify themselves appropriately before processing the above requests.

If you notice that there are deficiencies in the processing or that it is unlawful, you have the right to lodge a complaint with the data protection authority Art. 77 GDPR.


Legal bases for data processing

The legal bases for data processing shall be established in accordance with Article 6 of the GDPR, in which case the processing is mainly carried out in accordance with

  • consent, Article 6(1)(a) GDPR
  • agreement, Article 6(1)(b) GDPR
    legal obligations, Article 6(1)(c) GDPR and
  • protection of legitimate interests, Article 6(1)(f) GDPR.


Withdrawal of consent and right to object

You have the right to withdraw your consent at any time without affecting the legality of the processing. If the consent is withdrawn, we will stop the corresponding data processing.


In the case of benefits entitled to withdrawal of your right

In accordance with Article 21 of the GDPR, you have the right, due to your specific situation, to object at any time to the processing of personal data concerning you collected in accordance with Article 6(1)(f) of the GDPR. Benelife may no longer process personal data unless we can demonstrate that there is a substantially important and legitimate reason for the processing that overrides the interests, rights and freedoms of the data subject or is necessary for the establishment, exercise or defence of a legal claim.


How do I get information about myself from the data stored in the system?

You can request the information stored in the systems for yourself by contacting you via email: We will process requests within 30 days of receipt of the request.


Will my personal data be disclosed to third parties?

We provide information to the following third parties:

  • When paying to a payment agent with a payment card
  • To the collection company, when invoices are due and when the collection is transferred

The Customer may limit the disclosure of data for marketing purposes by contacting customer service.

If necessary, we will also disclose information at the request of the authorities. We always inform the customer of requests for information, if this is permitted by law.


Are cookies used on the website of the online store and what are they?

Benelife strives to design its website as user-friendly and efficient as possible. To achieve this, Benelife uses cookies. The website uses only cookies necessary for the use of the website and the online store, which cannot be disabled to safeguard the operation of the website and the store. Cookies set by the server remain in the browser for 30 days. The website does not use cookies that collect personal data or are used, for example, in the form of cookies. Marketing.


Can this privacy policy be changed?

Due to the development of services and changes in legislation, we reserve the right to change the privacy policy. Significant changes to the Privacy Policy will be notified to registered customers in connection with the update of the terms and conditions.

This Privacy Policy replaces the previous Privacy Policy.


Where can I contact?

You can contact us for questions related to the Privacy Policy:

by e-mail: