Zlozarinnyshunis

Privacy Policy

Last updated: 30 March 2026 · Effective date: 30 March 2026

Controller: Zlozarinnyshunis · 2920 Bloor St W, Etobicoke, ON M8X 1B6, Canada · Email: info@zlozarinnyshunis.world · Phone: +1 (416) 239-3566

1. Introduction and Scope

Zlozarinnyshunis ("we", "us", "our") operates the website at zlozarinnyshunis.world and offers the food supplement product VitalHerbaLife. This Privacy Policy explains how we collect, use, disclose, store, and protect personal information when you visit our website, place an order, or contact us.

We are committed to protecting your privacy and handling your personal data in accordance with:

  • The Personal Information Protection and Electronic Documents Act (PIPEDA) – Canada's federal private-sector privacy law;
  • The Canadian Anti-Spam Legislation (CASL);
  • The General Data Protection Regulation (GDPR) (EU) 2016/679, to the extent it applies to individuals in the European Economic Area;
  • Applicable provincial privacy legislation in Canada, including the Freedom of Information and Protection of Privacy Act (Ontario).

By using our website or placing an order, you acknowledge that you have read and understood this Privacy Policy.

2. Identity and Contact Details of the Controller

The data controller responsible for your personal information is:

3. Personal Data We Collect

We collect personal information that you provide to us directly, as well as data collected automatically when you use our website.

3.1 Information You Provide Directly

  • Order information: Full name, email address, telephone number (optional), delivery address, and any notes you include with your order.
  • Contact enquiries: Name, email address, telephone number (optional), and the content of your message.
  • Consent records: Records of your agreement to our Terms of Service and Privacy Policy at the time of submitting a form.

3.2 Information Collected Automatically

  • Technical data: IP address, browser type and version, operating system, device type, screen resolution.
  • Usage data: Pages visited, time spent on pages, referring URLs, click behaviour, and navigation paths.
  • Cookie data: Information stored via cookies and similar technologies. See our Cookie Policy for full details.

3.3 Special Categories of Data

We do not intentionally collect special categories of personal data (such as health data, racial or ethnic origin, political opinions, religious beliefs, biometric data, or genetic data). Our product is a food supplement and we do not ask for or require health information to process an order.

4. Purposes and Legal Bases for Processing

Purpose Data Used Legal Basis (GDPR) Legal Basis (PIPEDA)
Processing and fulfilling your order Name, email, phone (optional), address, order details Performance of a contract (Art. 6(1)(b)) Necessary for the transaction
Sending order confirmation and shipping updates Name, email, order details Performance of a contract (Art. 6(1)(b)) Necessary for the transaction
Responding to customer enquiries Name, email, phone (optional), message content Legitimate interests (Art. 6(1)(f)) Legitimate business purpose
Compliance with legal obligations (tax, accounting) Name, address, order and payment records Legal obligation (Art. 6(1)(c)) Legal requirement
Website analytics and performance improvement IP address, usage data, cookie data Consent (Art. 6(1)(a)) or Legitimate interests (Art. 6(1)(f)) Consent or legitimate purpose
Fraud prevention and security IP address, order data, technical data Legitimate interests (Art. 6(1)(f)) Legitimate business purpose
Marketing communications (only with consent) Name, email Consent (Art. 6(1)(a)) Express or implied consent (CASL)

5. Data Retention Periods

We retain personal data only for as long as necessary for the purposes described in this policy, or as required by applicable law.

Data Category Retention Period Reason
Order records (name, address, order details) 7 years Canadian tax and accounting law requirements
Customer service communications 3 years from last interaction Legitimate business interest, dispute resolution
Consent records Until consent is withdrawn + 3 years Proof of consent (CASL, GDPR)
Website analytics data 26 months Analytics and performance improvement
Technical logs (IP, access logs) 12 months Security and fraud prevention
Marketing opt-out records Indefinitely To honour unsubscribe requests (CASL)

After the applicable retention period, personal data is securely deleted or anonymised.

6. Disclosure of Personal Data to Third Parties

We do not sell, rent, or trade your personal data to third parties for their own marketing purposes. We may share your data with the following categories of recipients only to the extent necessary:

  • Shipping and logistics partners: To deliver your order (name, delivery address, contact number).
  • Payment processors: To process your payment securely. Payment card data is processed directly by our payment provider and is not stored on our servers.
  • Email service providers: To send transactional emails (order confirmations, shipping notifications).
  • Analytics providers: To analyse website usage and improve our services (anonymised or pseudonymised data where possible).
  • Legal and regulatory authorities: Where required by law, court order, or regulatory requirement.
  • Professional advisors: Lawyers, accountants, and auditors under obligations of confidentiality.

All third-party service providers are required to handle your data in accordance with applicable privacy laws and our data processing agreements.

7. International Data Transfers

Our primary operations are based in Canada. Some of our service providers may be located in other countries, including the United States and the European Union. Where personal data is transferred outside Canada, we ensure that appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission (for transfers to/from the EU/EEA);
  • Adequacy decisions where applicable;
  • Contractual protections consistent with PIPEDA Schedule 1 principles.

8. Your Rights

Depending on your location and applicable law, you may have the following rights regarding your personal data:

8.1 Rights Under PIPEDA (Canada)

  • Right of access: You may request access to the personal information we hold about you.
  • Right to correction: You may request that we correct inaccurate or incomplete personal information.
  • Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.
  • Right to complain: You have the right to lodge a complaint with the Office of the Privacy Commissioner of Canada (OPC) at www.priv.gc.ca.

8.2 Rights Under GDPR (EU/EEA Residents)

  • Right of access (Art. 15): Obtain a copy of your personal data and information about how it is processed.
  • Right to rectification (Art. 16): Have inaccurate data corrected or incomplete data completed.
  • Right to erasure / "right to be forgotten" (Art. 17): Request deletion of your personal data where there is no compelling reason for continued processing.
  • Right to restriction of processing (Art. 18): Request that we restrict processing of your data in certain circumstances.
  • Right to data portability (Art. 20): Receive your data in a structured, commonly used, machine-readable format.
  • Right to object (Art. 21): Object to processing based on legitimate interests or for direct marketing purposes.
  • Right to withdraw consent (Art. 7(3)): Withdraw consent at any time where processing is consent-based.
  • Right to lodge a complaint: With your national data protection supervisory authority.

To exercise any of these rights, please contact us at info@zlozarinnyshunis.world. We will respond within 30 days (or within the timeframe required by applicable law). We may need to verify your identity before processing your request.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies on our website. For detailed information about the types of cookies we use, their purposes, and how to manage your preferences, please refer to our Cookie Policy.

10. Security Measures

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, destruction, or disclosure. These measures include:

  • HTTPS encryption for all data transmitted between your browser and our website;
  • SSL/TLS certificates to protect data in transit;
  • Access controls limiting data access to authorised personnel only;
  • Regular security assessments and updates;
  • Secure data storage with encryption at rest where applicable;
  • Staff training on data protection and privacy obligations.

While we take all reasonable steps to protect your data, no method of transmission over the internet is 100% secure. In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant supervisory authority as required by law.

11. Children's Privacy

Our website and products are intended for adults aged 18 and over. We do not knowingly collect personal information from individuals under the age of 18. If you believe that a child has provided us with personal information, please contact us immediately and we will take steps to delete such information.

12. Links to Third-Party Websites

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of those websites. We encourage you to review the privacy policies of any third-party sites you visit.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. We will post the updated policy on this page with a revised "Last updated" date. For significant changes, we will provide more prominent notice (such as a banner on our website or an email notification where we have your contact details).

We encourage you to review this policy periodically. Your continued use of our website after changes are posted constitutes your acceptance of the updated policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact our Privacy Officer:

You also have the right to lodge a complaint with the Office of the Privacy Commissioner of Canada (OPC) at www.priv.gc.ca, or with your local data protection authority if you are located in the EU/EEA.