Products available exclusively on the waitlist - Register now to secure your spot
Products available exclusively on the waitlist - Register now to secure your spot
Products available exclusively on the waitlist
Register now to secure your spot
Products available exclusively on the waitlist - Register now to secure your spot
PRIVACY POLICY
PRIVACY POLICY EU
Natural Resistance AB
Last updated: 25-10-2025
1. Introduction
1.1 This privacy policy (the “Privacy Policy”) governs the collection, use, disclosure, storage, and protection of personal data in connection with the access to and use of the website available at www.naturalresistance.com (the “Website”), the creation and management of customer accounts, the purchase of weighted garments and related products offered for sale by Natural Resistance AB (the “Products”), and the provision of associated services, including marketing communications, after-sales support, warranty claims, voluntary refund programs, and all other activities carried out in connection with the Website or Natural Resistance’s business operations.
1.2 Natural Resistance AB (“Natural Resistance,” “we,” “us,” or “our”) is committed to safeguarding the privacy and security of all individuals who access or use the Website, place orders for Products, or otherwise engage with us. This Privacy Policy has been prepared in accordance with Regulation (EU) 2016/679 (the “General Data Protection Regulation” or “GDPR”), as well as applicable Swedish and European data protection laws, and it explains in detail how we process personal data, for what purposes, under which legal bases, and how Customers can exercise their rights as data subjects.
1.3 For the purposes of this Privacy Policy, “Personal Data” means any information relating to an identified or identifiable natural person (the “Customer” or “you”). “Processing” means any operation performed on Personal Data, such as collection, recording, storage, organization, adaptation, alteration, retrieval, consultation, use, disclosure, dissemination, combination, restriction, erasure, or destruction. “Controller” means the entity that determines the purposes and means of Processing Personal Data.
2. Identity of the Controller
2.1 The Controller responsible for the Processing of Personal Data in connection with the Website and the Products is:
Natural Resistance AB
Ringduvegatan 6
431 32 Mölndal
Sweden
Company registration number: 559462-9877
2.2 Natural Resistance has appointed a dedicated privacy contact who may be reached at Oscar.hallerod@naturalresistance.com for all questions, requests, or complaints relating to the Processing of Personal Data.
2.3 If required by law, Natural Resistance will also designate a Data Protection Officer (“DPO”), whose contact details will be made available on the Website.
3. Categories of Personal Data Collected
3.1 In the course of operating the Website, fulfilling orders, and providing services, Natural Resistance collects and processes different categories of Personal Data, including but not limited to:
Browsing and technical data: information automatically collected when a Customer visits the Website, including IP address, browser type, device identifiers, operating system, referring website, pages visited, access times, and other technical information. These data are collected primarily through cookies and similar technologies, in accordance with our Cookie Policy.
Account and registration data: information provided by the Customer when creating an account on the Website, such as name, email address, password, preferences, and communication settings.
Order and transaction data: information necessary to process orders, including shipping and billing address, contact details, order history, product preferences, payment method, and transaction details.
Payment data: details required to complete financial transactions. Natural Resistance does not store full credit card or payment information; such details are processed securely by authorized third-party payment providers.
Customer service data: correspondence with Natural Resistance, including inquiries, complaints, requests, warranty or refund claims, and other communications with our customer service team.
Marketing and communication data: preferences expressed by Customers in relation to receiving newsletters, promotions, or other marketing communications, and information about interactions with such communications.
Voluntary data: any other Personal Data voluntarily provided by Customers, for example in product reviews, surveys, contests, or when participating in promotional campaigns.
3.2 Natural Resistance does not intentionally collect sensitive categories of Personal Data (such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, health data, or biometric identifiers). Customers are expressly requested not to provide such data when using the Website or purchasing Products.
3.3 In addition, Natural Resistance may collect and process Personal Data of job applicants, employees, and contractors. This may include identification details, contact information, curriculum vitae, employment history, references, and other information provided during recruitment or employment. Applicant data are processed exclusively for recruitment purposes and are retained for no longer than six (6) months after the conclusion of the recruitment process, unless longer retention is justified by law or explicit consent. Employee data are processed for the performance of the employment contract, compliance with labor, tax, and social security laws, and for internal administrative purposes.
4. Purposes of Processing and Legal Bases
4.1 Natural Resistance processes Personal Data exclusively for lawful purposes, in accordance with one or more of the legal bases under Article 6 of the GDPR.
4.2 The purposes of Processing and corresponding legal bases include:
Contractual necessity: to process and deliver orders; to provide and manage Customer accounts; to facilitate payments; to provide after-sales support, including returns, warranties, and refund programs; and to respond to Customer service requests.
Compliance with legal obligations: to comply with obligations under tax, accounting, customs, anti-money laundering, consumer protection, and product safety laws, as well as to respond to lawful requests from public authorities.
Legitimate interests: to ensure network and information security; to prevent and detect fraud; to analyze sales, Website performance, and Customer preferences; to improve the design and quality of our Products and services; and to defend our rights in legal proceedings. Natural Resistance balances these interests against the fundamental rights and freedoms of Customers.
Consent: to send newsletters, promotional communications, or targeted advertising; to analyze browsing behavior through non-essential cookies; and to conduct market research or surveys. Customers may withdraw their consent at any time without affecting the lawfulness of Processing prior to withdrawal.
5. Methods of Processing
5.1 Personal Data are processed primarily by automated means but may also be handled in paper form. Processing is carried out in compliance with principles of lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, and confidentiality.
5.2 Natural Resistance implements appropriate technical and organizational measures to protect Personal Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access, in accordance with Article 32 GDPR. Such measures include encryption, pseudonymization, restricted access, and regular monitoring of systems.
5.3 Personal Data are not subject to decisions based solely on automated Processing, including profiling, which produce legal effects or significantly affect Customers, unless explicit consent has been obtained or required by law.
6. Data Retention
6.1 Personal Data are retained only for as long as necessary to achieve the purposes for which they were collected or as required by applicable laws.
6.2 In particular: account and profile data are retained for the duration of the Customer’s account and deleted or anonymized upon closure, unless longer retention is required by law; order and transaction data are retained for up to ten (10) years from the date of the transaction, to comply with tax and accounting obligations; customer service data are retained for the time necessary to resolve the request, and in some cases up to three (3) years for training and quality control; marketing data collected with consent are retained until the Customer withdraws consent, or for a maximum of three (3) years after the last interaction; browsing data are retained in accordance with the Cookie Policy.
6.3 After the applicable retention period, Personal Data are either securely deleted or irreversibly anonymized.
7. Disclosure of Personal Data
7.1 Personal Data may be disclosed to internal staff, service providers, business partners, competent authorities, and in the context of corporate transactions. Employees and authorized personnel require access for the performance of their duties and are bound by confidentiality obligations. Service providers engaged by Natural Resistance process Personal Data only under contractual instructions and with adequate data protection commitments; such providers include payment processors, logistics companies, IT hosting and maintenance providers, analytics firms, and customer service tools. Business partners may receive Personal Data only with the Customer’s explicit consent for marketing or promotional purposes. Competent authorities, regulators, or courts may receive Personal Data where required by law or in order to protect the rights of Natural Resistance. In the event of mergers, acquisitions, restructuring, or other corporate transactions, prospective buyers, investors, or partners may receive Personal Data, subject to appropriate safeguards.
8. International Transfers
8.1 Personal Data may be transferred to recipients located outside the European Economic Area (“EEA”), including countries that may not provide the same level of data protection as within the EEA.
8.2 Where such transfers occur, Natural Resistance ensures that they are carried out in compliance with Chapter V of the GDPR, using one of the following mechanisms: transfers to countries subject to an adequacy decision by the European Commission; Standard Contractual Clauses adopted by the European Commission, supplemented by additional safeguards where necessary; or transfers necessary for the performance of a contract concluded in the interest of the Customer.
8.3 Where Personal Data are transferred to the United States, such transfers may rely on the EU–U.S. Data Privacy Framework, where applicable, or on Standard Contractual Clauses. Customers may request further information regarding safeguards for international transfers by contacting privacy@naturalresistance.com.
9. Rights of the Customer
9.1 Customers have the right of access, rectification, erasure, restriction, portability, objection, and withdrawal of consent, as provided under Articles 15–21 of the GDPR.
9.2 Customers wishing to exercise any of their rights must submit a written request to Natural Resistance by email or postal mail. Upon receipt of such a request, Natural Resistance will verify the identity of the individual making the request before proceeding. We will provide a response without undue delay and, in any case, within one month of receipt of the request, unless the request is complex or numerous, in which case this period may be extended by up to two additional months. Customers will be informed of any such extension and the reasons for the delay. Where requests are manifestly unfounded or excessive, Natural Resistance reserves the right to charge a reasonable fee or to refuse to act on the request.
9.3 Customers also have the right to lodge a complaint with their local supervisory authority if they believe that their rights under the GDPR have been violated. A list of supervisory authorities in the EEA is available on the website of the European Data Protection Board.
10. Data Breach Notification
10.1 In the unlikely event that a personal data breach occurs which is likely to result in a risk to the rights and freedoms of Customers, Natural Resistance shall notify the competent supervisory authority without undue delay and, where feasible, no later than seventy-two (72) hours after becoming aware of the breach.
10.2 Where the breach is likely to result in a high risk to the rights and freedoms of Customers, Natural Resistance shall also inform the affected Customers without undue delay, using the contact information available in its systems. Such communication will describe in clear and plain language the nature of the breach, the likely consequences, and the measures taken or proposed to mitigate possible adverse effects.
10.3 Customers are advised that while Natural Resistance implements robust safeguards, no method of transmission or storage is entirely secure, and absolute security cannot be guaranteed.
11. Cookies and Similar Technologies
11.1 The Website uses cookies and similar technologies to provide essential functionality, improve user experience, analyze Website traffic, and deliver personalized content and advertising. Cookies may be classified as essential, analytical, functional, or marketing.
11.2 Customers can manage or disable cookies through their browser settings or by using the cookie management tool available on the Website. For further information, Customers should refer to the Cookie Policy.
12. Governing Law and Jurisdiction
12.1 This Privacy Policy shall be governed by and construed in accordance with the laws of Sweden, without prejudice to mandatory provisions of EU data protection law and the local laws of the Customer’s country of residence.
12.2 Any dispute, claim, or controversy arising from or relating to this Privacy Policy shall first be addressed by contacting Natural Resistance’s privacy contact. If the dispute is not resolved amicably, Customers may escalate their concerns to the Data Protection Officer (if appointed), and subsequently lodge a complaint with their competent supervisory authority.
13. Changes and Superseding Prior Versions
13.1 Natural Resistance may amend or update this Privacy Policy at any time, for example to reflect changes in law, technology, or business operations. Updated versions of the Privacy Policy will be published on the Website with the date of the last update indicated at the top. Where required by law, Customers will be notified of material changes through reasonable means, such as email or Website notice.
13.2 This Privacy Policy supersedes and replaces any and all previous versions published by Natural Resistance. The date indicated at the top of this document reflects the current and authoritative version.
EU
US
PRIVACY POLICY EU
Natural Resistance AB
Last updated: 25-10-2025
1. Introduction
1.1 This privacy policy (the “Privacy Policy”) governs the collection, use, disclosure, storage, and protection of personal data in connection with the access to and use of the website available at www.naturalresistance.com (the “Website”), the creation and management of customer accounts, the purchase of weighted garments and related products offered for sale by Natural Resistance AB (the “Products”), and the provision of associated services, including marketing communications, after-sales support, warranty claims, voluntary refund programs, and all other activities carried out in connection with the Website or Natural Resistance’s business operations.
1.2 Natural Resistance AB (“Natural Resistance,” “we,” “us,” or “our”) is committed to safeguarding the privacy and security of all individuals who access or use the Website, place orders for Products, or otherwise engage with us. This Privacy Policy has been prepared in accordance with Regulation (EU) 2016/679 (the “General Data Protection Regulation” or “GDPR”), as well as applicable Swedish and European data protection laws, and it explains in detail how we process personal data, for what purposes, under which legal bases, and how Customers can exercise their rights as data subjects.
1.3 For the purposes of this Privacy Policy, “Personal Data” means any information relating to an identified or identifiable natural person (the “Customer” or “you”). “Processing” means any operation performed on Personal Data, such as collection, recording, storage, organization, adaptation, alteration, retrieval, consultation, use, disclosure, dissemination, combination, restriction, erasure, or destruction. “Controller” means the entity that determines the purposes and means of Processing Personal Data.
2. Identity of the Controller
2.1 The Controller responsible for the Processing of Personal Data in connection with the Website and the Products is:
Natural Resistance AB
Ringduvegatan 6
431 32 Mölndal
Sweden
Company registration number: 559462-9877
2.2 Natural Resistance has appointed a dedicated privacy contact who may be reached at Oscar.hallerod@naturalresistance.com for all questions, requests, or complaints relating to the Processing of Personal Data.
2.3 If required by law, Natural Resistance will also designate a Data Protection Officer (“DPO”), whose contact details will be made available on the Website.
3. Categories of Personal Data Collected
3.1 In the course of operating the Website, fulfilling orders, and providing services, Natural Resistance collects and processes different categories of Personal Data, including but not limited to:
Browsing and technical data: information automatically collected when a Customer visits the Website, including IP address, browser type, device identifiers, operating system, referring website, pages visited, access times, and other technical information. These data are collected primarily through cookies and similar technologies, in accordance with our Cookie Policy.
Account and registration data: information provided by the Customer when creating an account on the Website, such as name, email address, password, preferences, and communication settings.
Order and transaction data: information necessary to process orders, including shipping and billing address, contact details, order history, product preferences, payment method, and transaction details.
Payment data: details required to complete financial transactions. Natural Resistance does not store full credit card or payment information; such details are processed securely by authorized third-party payment providers.
Customer service data: correspondence with Natural Resistance, including inquiries, complaints, requests, warranty or refund claims, and other communications with our customer service team.
Marketing and communication data: preferences expressed by Customers in relation to receiving newsletters, promotions, or other marketing communications, and information about interactions with such communications.
Voluntary data: any other Personal Data voluntarily provided by Customers, for example in product reviews, surveys, contests, or when participating in promotional campaigns.
3.2 Natural Resistance does not intentionally collect sensitive categories of Personal Data (such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, health data, or biometric identifiers). Customers are expressly requested not to provide such data when using the Website or purchasing Products.
3.3 In addition, Natural Resistance may collect and process Personal Data of job applicants, employees, and contractors. This may include identification details, contact information, curriculum vitae, employment history, references, and other information provided during recruitment or employment. Applicant data are processed exclusively for recruitment purposes and are retained for no longer than six (6) months after the conclusion of the recruitment process, unless longer retention is justified by law or explicit consent. Employee data are processed for the performance of the employment contract, compliance with labor, tax, and social security laws, and for internal administrative purposes.
4. Purposes of Processing and Legal Bases
4.1 Natural Resistance processes Personal Data exclusively for lawful purposes, in accordance with one or more of the legal bases under Article 6 of the GDPR.
4.2 The purposes of Processing and corresponding legal bases include:
Contractual necessity: to process and deliver orders; to provide and manage Customer accounts; to facilitate payments; to provide after-sales support, including returns, warranties, and refund programs; and to respond to Customer service requests.
Compliance with legal obligations: to comply with obligations under tax, accounting, customs, anti-money laundering, consumer protection, and product safety laws, as well as to respond to lawful requests from public authorities.
Legitimate interests: to ensure network and information security; to prevent and detect fraud; to analyze sales, Website performance, and Customer preferences; to improve the design and quality of our Products and services; and to defend our rights in legal proceedings. Natural Resistance balances these interests against the fundamental rights and freedoms of Customers.
Consent: to send newsletters, promotional communications, or targeted advertising; to analyze browsing behavior through non-essential cookies; and to conduct market research or surveys. Customers may withdraw their consent at any time without affecting the lawfulness of Processing prior to withdrawal.
5. Methods of Processing
5.1 Personal Data are processed primarily by automated means but may also be handled in paper form. Processing is carried out in compliance with principles of lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, and confidentiality.
5.2 Natural Resistance implements appropriate technical and organizational measures to protect Personal Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access, in accordance with Article 32 GDPR. Such measures include encryption, pseudonymization, restricted access, and regular monitoring of systems.
5.3 Personal Data are not subject to decisions based solely on automated Processing, including profiling, which produce legal effects or significantly affect Customers, unless explicit consent has been obtained or required by law.
6. Data Retention
6.1 Personal Data are retained only for as long as necessary to achieve the purposes for which they were collected or as required by applicable laws.
6.2 In particular: account and profile data are retained for the duration of the Customer’s account and deleted or anonymized upon closure, unless longer retention is required by law; order and transaction data are retained for up to ten (10) years from the date of the transaction, to comply with tax and accounting obligations; customer service data are retained for the time necessary to resolve the request, and in some cases up to three (3) years for training and quality control; marketing data collected with consent are retained until the Customer withdraws consent, or for a maximum of three (3) years after the last interaction; browsing data are retained in accordance with the Cookie Policy.
6.3 After the applicable retention period, Personal Data are either securely deleted or irreversibly anonymized.
7. Disclosure of Personal Data
7.1 Personal Data may be disclosed to internal staff, service providers, business partners, competent authorities, and in the context of corporate transactions. Employees and authorized personnel require access for the performance of their duties and are bound by confidentiality obligations. Service providers engaged by Natural Resistance process Personal Data only under contractual instructions and with adequate data protection commitments; such providers include payment processors, logistics companies, IT hosting and maintenance providers, analytics firms, and customer service tools. Business partners may receive Personal Data only with the Customer’s explicit consent for marketing or promotional purposes. Competent authorities, regulators, or courts may receive Personal Data where required by law or in order to protect the rights of Natural Resistance. In the event of mergers, acquisitions, restructuring, or other corporate transactions, prospective buyers, investors, or partners may receive Personal Data, subject to appropriate safeguards.
8. International Transfers
8.1 Personal Data may be transferred to recipients located outside the European Economic Area (“EEA”), including countries that may not provide the same level of data protection as within the EEA.
8.2 Where such transfers occur, Natural Resistance ensures that they are carried out in compliance with Chapter V of the GDPR, using one of the following mechanisms: transfers to countries subject to an adequacy decision by the European Commission; Standard Contractual Clauses adopted by the European Commission, supplemented by additional safeguards where necessary; or transfers necessary for the performance of a contract concluded in the interest of the Customer.
8.3 Where Personal Data are transferred to the United States, such transfers may rely on the EU–U.S. Data Privacy Framework, where applicable, or on Standard Contractual Clauses. Customers may request further information regarding safeguards for international transfers by contacting privacy@naturalresistance.com.
9. Rights of the Customer
9.1 Customers have the right of access, rectification, erasure, restriction, portability, objection, and withdrawal of consent, as provided under Articles 15–21 of the GDPR.
9.2 Customers wishing to exercise any of their rights must submit a written request to Natural Resistance by email or postal mail. Upon receipt of such a request, Natural Resistance will verify the identity of the individual making the request before proceeding. We will provide a response without undue delay and, in any case, within one month of receipt of the request, unless the request is complex or numerous, in which case this period may be extended by up to two additional months. Customers will be informed of any such extension and the reasons for the delay. Where requests are manifestly unfounded or excessive, Natural Resistance reserves the right to charge a reasonable fee or to refuse to act on the request.
9.3 Customers also have the right to lodge a complaint with their local supervisory authority if they believe that their rights under the GDPR have been violated. A list of supervisory authorities in the EEA is available on the website of the European Data Protection Board.
10. Data Breach Notification
10.1 In the unlikely event that a personal data breach occurs which is likely to result in a risk to the rights and freedoms of Customers, Natural Resistance shall notify the competent supervisory authority without undue delay and, where feasible, no later than seventy-two (72) hours after becoming aware of the breach.
10.2 Where the breach is likely to result in a high risk to the rights and freedoms of Customers, Natural Resistance shall also inform the affected Customers without undue delay, using the contact information available in its systems. Such communication will describe in clear and plain language the nature of the breach, the likely consequences, and the measures taken or proposed to mitigate possible adverse effects.
10.3 Customers are advised that while Natural Resistance implements robust safeguards, no method of transmission or storage is entirely secure, and absolute security cannot be guaranteed.
11. Cookies and Similar Technologies
11.1 The Website uses cookies and similar technologies to provide essential functionality, improve user experience, analyze Website traffic, and deliver personalized content and advertising. Cookies may be classified as essential, analytical, functional, or marketing.
11.2 Customers can manage or disable cookies through their browser settings or by using the cookie management tool available on the Website. For further information, Customers should refer to the Cookie Policy.
12. Governing Law and Jurisdiction
12.1 This Privacy Policy shall be governed by and construed in accordance with the laws of Sweden, without prejudice to mandatory provisions of EU data protection law and the local laws of the Customer’s country of residence.
12.2 Any dispute, claim, or controversy arising from or relating to this Privacy Policy shall first be addressed by contacting Natural Resistance’s privacy contact. If the dispute is not resolved amicably, Customers may escalate their concerns to the Data Protection Officer (if appointed), and subsequently lodge a complaint with their competent supervisory authority.
13. Changes and Superseding Prior Versions
13.1 Natural Resistance may amend or update this Privacy Policy at any time, for example to reflect changes in law, technology, or business operations. Updated versions of the Privacy Policy will be published on the Website with the date of the last update indicated at the top. Where required by law, Customers will be notified of material changes through reasonable means, such as email or Website notice.
13.2 This Privacy Policy supersedes and replaces any and all previous versions published by Natural Resistance. The date indicated at the top of this document reflects the current and authoritative version.
EU
US
PRIVACY POLICY EU
Natural Resistance AB
Last updated: 25-10-2025
1. Introduction
1.1 This privacy policy (the “Privacy Policy”) governs the collection, use, disclosure, storage, and protection of personal data in connection with the access to and use of the website available at www.naturalresistance.com (the “Website”), the creation and management of customer accounts, the purchase of weighted garments and related products offered for sale by Natural Resistance AB (the “Products”), and the provision of associated services, including marketing communications, after-sales support, warranty claims, voluntary refund programs, and all other activities carried out in connection with the Website or Natural Resistance’s business operations.
1.2 Natural Resistance AB (“Natural Resistance,” “we,” “us,” or “our”) is committed to safeguarding the privacy and security of all individuals who access or use the Website, place orders for Products, or otherwise engage with us. This Privacy Policy has been prepared in accordance with Regulation (EU) 2016/679 (the “General Data Protection Regulation” or “GDPR”), as well as applicable Swedish and European data protection laws, and it explains in detail how we process personal data, for what purposes, under which legal bases, and how Customers can exercise their rights as data subjects.
1.3 For the purposes of this Privacy Policy, “Personal Data” means any information relating to an identified or identifiable natural person (the “Customer” or “you”). “Processing” means any operation performed on Personal Data, such as collection, recording, storage, organization, adaptation, alteration, retrieval, consultation, use, disclosure, dissemination, combination, restriction, erasure, or destruction. “Controller” means the entity that determines the purposes and means of Processing Personal Data.
2. Identity of the Controller
2.1 The Controller responsible for the Processing of Personal Data in connection with the Website and the Products is:
Natural Resistance AB
Ringduvegatan 6
431 32 Mölndal
Sweden
Company registration number: 559462-9877
2.2 Natural Resistance has appointed a dedicated privacy contact who may be reached at Oscar.hallerod@naturalresistance.com for all questions, requests, or complaints relating to the Processing of Personal Data.
2.3 If required by law, Natural Resistance will also designate a Data Protection Officer (“DPO”), whose contact details will be made available on the Website.
3. Categories of Personal Data Collected
3.1 In the course of operating the Website, fulfilling orders, and providing services, Natural Resistance collects and processes different categories of Personal Data, including but not limited to:
Browsing and technical data: information automatically collected when a Customer visits the Website, including IP address, browser type, device identifiers, operating system, referring website, pages visited, access times, and other technical information. These data are collected primarily through cookies and similar technologies, in accordance with our Cookie Policy.
Account and registration data: information provided by the Customer when creating an account on the Website, such as name, email address, password, preferences, and communication settings.
Order and transaction data: information necessary to process orders, including shipping and billing address, contact details, order history, product preferences, payment method, and transaction details.
Payment data: details required to complete financial transactions. Natural Resistance does not store full credit card or payment information; such details are processed securely by authorized third-party payment providers.
Customer service data: correspondence with Natural Resistance, including inquiries, complaints, requests, warranty or refund claims, and other communications with our customer service team.
Marketing and communication data: preferences expressed by Customers in relation to receiving newsletters, promotions, or other marketing communications, and information about interactions with such communications.
Voluntary data: any other Personal Data voluntarily provided by Customers, for example in product reviews, surveys, contests, or when participating in promotional campaigns.
3.2 Natural Resistance does not intentionally collect sensitive categories of Personal Data (such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, health data, or biometric identifiers). Customers are expressly requested not to provide such data when using the Website or purchasing Products.
3.3 In addition, Natural Resistance may collect and process Personal Data of job applicants, employees, and contractors. This may include identification details, contact information, curriculum vitae, employment history, references, and other information provided during recruitment or employment. Applicant data are processed exclusively for recruitment purposes and are retained for no longer than six (6) months after the conclusion of the recruitment process, unless longer retention is justified by law or explicit consent. Employee data are processed for the performance of the employment contract, compliance with labor, tax, and social security laws, and for internal administrative purposes.
4. Purposes of Processing and Legal Bases
4.1 Natural Resistance processes Personal Data exclusively for lawful purposes, in accordance with one or more of the legal bases under Article 6 of the GDPR.
4.2 The purposes of Processing and corresponding legal bases include:
Contractual necessity: to process and deliver orders; to provide and manage Customer accounts; to facilitate payments; to provide after-sales support, including returns, warranties, and refund programs; and to respond to Customer service requests.
Compliance with legal obligations: to comply with obligations under tax, accounting, customs, anti-money laundering, consumer protection, and product safety laws, as well as to respond to lawful requests from public authorities.
Legitimate interests: to ensure network and information security; to prevent and detect fraud; to analyze sales, Website performance, and Customer preferences; to improve the design and quality of our Products and services; and to defend our rights in legal proceedings. Natural Resistance balances these interests against the fundamental rights and freedoms of Customers.
Consent: to send newsletters, promotional communications, or targeted advertising; to analyze browsing behavior through non-essential cookies; and to conduct market research or surveys. Customers may withdraw their consent at any time without affecting the lawfulness of Processing prior to withdrawal.
5. Methods of Processing
5.1 Personal Data are processed primarily by automated means but may also be handled in paper form. Processing is carried out in compliance with principles of lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, and confidentiality.
5.2 Natural Resistance implements appropriate technical and organizational measures to protect Personal Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access, in accordance with Article 32 GDPR. Such measures include encryption, pseudonymization, restricted access, and regular monitoring of systems.
5.3 Personal Data are not subject to decisions based solely on automated Processing, including profiling, which produce legal effects or significantly affect Customers, unless explicit consent has been obtained or required by law.
6. Data Retention
6.1 Personal Data are retained only for as long as necessary to achieve the purposes for which they were collected or as required by applicable laws.
6.2 In particular: account and profile data are retained for the duration of the Customer’s account and deleted or anonymized upon closure, unless longer retention is required by law; order and transaction data are retained for up to ten (10) years from the date of the transaction, to comply with tax and accounting obligations; customer service data are retained for the time necessary to resolve the request, and in some cases up to three (3) years for training and quality control; marketing data collected with consent are retained until the Customer withdraws consent, or for a maximum of three (3) years after the last interaction; browsing data are retained in accordance with the Cookie Policy.
6.3 After the applicable retention period, Personal Data are either securely deleted or irreversibly anonymized.
7. Disclosure of Personal Data
7.1 Personal Data may be disclosed to internal staff, service providers, business partners, competent authorities, and in the context of corporate transactions. Employees and authorized personnel require access for the performance of their duties and are bound by confidentiality obligations. Service providers engaged by Natural Resistance process Personal Data only under contractual instructions and with adequate data protection commitments; such providers include payment processors, logistics companies, IT hosting and maintenance providers, analytics firms, and customer service tools. Business partners may receive Personal Data only with the Customer’s explicit consent for marketing or promotional purposes. Competent authorities, regulators, or courts may receive Personal Data where required by law or in order to protect the rights of Natural Resistance. In the event of mergers, acquisitions, restructuring, or other corporate transactions, prospective buyers, investors, or partners may receive Personal Data, subject to appropriate safeguards.
8. International Transfers
8.1 Personal Data may be transferred to recipients located outside the European Economic Area (“EEA”), including countries that may not provide the same level of data protection as within the EEA.
8.2 Where such transfers occur, Natural Resistance ensures that they are carried out in compliance with Chapter V of the GDPR, using one of the following mechanisms: transfers to countries subject to an adequacy decision by the European Commission; Standard Contractual Clauses adopted by the European Commission, supplemented by additional safeguards where necessary; or transfers necessary for the performance of a contract concluded in the interest of the Customer.
8.3 Where Personal Data are transferred to the United States, such transfers may rely on the EU–U.S. Data Privacy Framework, where applicable, or on Standard Contractual Clauses. Customers may request further information regarding safeguards for international transfers by contacting privacy@naturalresistance.com.
9. Rights of the Customer
9.1 Customers have the right of access, rectification, erasure, restriction, portability, objection, and withdrawal of consent, as provided under Articles 15–21 of the GDPR.
9.2 Customers wishing to exercise any of their rights must submit a written request to Natural Resistance by email or postal mail. Upon receipt of such a request, Natural Resistance will verify the identity of the individual making the request before proceeding. We will provide a response without undue delay and, in any case, within one month of receipt of the request, unless the request is complex or numerous, in which case this period may be extended by up to two additional months. Customers will be informed of any such extension and the reasons for the delay. Where requests are manifestly unfounded or excessive, Natural Resistance reserves the right to charge a reasonable fee or to refuse to act on the request.
9.3 Customers also have the right to lodge a complaint with their local supervisory authority if they believe that their rights under the GDPR have been violated. A list of supervisory authorities in the EEA is available on the website of the European Data Protection Board.
10. Data Breach Notification
10.1 In the unlikely event that a personal data breach occurs which is likely to result in a risk to the rights and freedoms of Customers, Natural Resistance shall notify the competent supervisory authority without undue delay and, where feasible, no later than seventy-two (72) hours after becoming aware of the breach.
10.2 Where the breach is likely to result in a high risk to the rights and freedoms of Customers, Natural Resistance shall also inform the affected Customers without undue delay, using the contact information available in its systems. Such communication will describe in clear and plain language the nature of the breach, the likely consequences, and the measures taken or proposed to mitigate possible adverse effects.
10.3 Customers are advised that while Natural Resistance implements robust safeguards, no method of transmission or storage is entirely secure, and absolute security cannot be guaranteed.
11. Cookies and Similar Technologies
11.1 The Website uses cookies and similar technologies to provide essential functionality, improve user experience, analyze Website traffic, and deliver personalized content and advertising. Cookies may be classified as essential, analytical, functional, or marketing.
11.2 Customers can manage or disable cookies through their browser settings or by using the cookie management tool available on the Website. For further information, Customers should refer to the Cookie Policy.
12. Governing Law and Jurisdiction
12.1 This Privacy Policy shall be governed by and construed in accordance with the laws of Sweden, without prejudice to mandatory provisions of EU data protection law and the local laws of the Customer’s country of residence.
12.2 Any dispute, claim, or controversy arising from or relating to this Privacy Policy shall first be addressed by contacting Natural Resistance’s privacy contact. If the dispute is not resolved amicably, Customers may escalate their concerns to the Data Protection Officer (if appointed), and subsequently lodge a complaint with their competent supervisory authority.
13. Changes and Superseding Prior Versions
13.1 Natural Resistance may amend or update this Privacy Policy at any time, for example to reflect changes in law, technology, or business operations. Updated versions of the Privacy Policy will be published on the Website with the date of the last update indicated at the top. Where required by law, Customers will be notified of material changes through reasonable means, such as email or Website notice.
13.2 This Privacy Policy supersedes and replaces any and all previous versions published by Natural Resistance. The date indicated at the top of this document reflects the current and authoritative version.
EU
US
NATURAL RESISTANCE
© 2026
NATURAL RESISTANCE
© 2026
NATURAL RESISTANCE
© 2026
NATURAL RESISTANCE
© 2026