At Vyronza LLC located at https://vyronza.com/, we are committed to protecting your privacy and personal data. This GDPR Compliance Statement outlines how we collect, use, process, and protect personal data for individuals located in the European Economic Area (EEA), in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679.

1. Data Controller Identification

Vyronza LLC, operating from 3367 Tates Creek Rd,, Lexington, KY 40502, United States, is the data controller responsible for the processing of your personal data. You can contact us regarding any data protection matters at:

2. Personal Data We Collect

We collect personal data that you provide to us directly, as well as data automatically collected when you visit our website. This includes:

  • Identity and Contact Data: Name, billing address, shipping address, email address, and telephone numbers.
  • Transaction Data: Details about products and services you have purchased from us.
  • Technical Data: Internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
  • Usage Data: Information about how you use our website, products, and services.
  • Marketing and Communications Data: Your preferences in receiving marketing from us and your communication preferences.

3. Lawful Basis for Processing Personal Data

We will only process your personal data when we have a lawful basis to do so, as defined by the GDPR. These include:

  • Performance of a Contract: Processing your data is necessary for the performance of a contract to which you are a party (e.g., fulfilling your order, providing customer support).
  • Legitimate Interests: Processing is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests (e.g., improving our services, preventing fraud, direct marketing where permissible).
  • Consent: You have given clear consent for us to process your personal data for a specific purpose (e.g., sending marketing communications). You have the right to withdraw your consent at any time.
  • Legal Obligation: Processing is necessary for compliance with a legal obligation that we are subject to.

4. How We Use Your Personal Data

We use your personal data for the following purposes:

  • To Process and Fulfill Your Orders: Including processing payments via Afterpay / Klarna and arranging for the delivery of products.
  • To Manage Your Account: Providing access to your purchase history and managing your preferences.
  • To Communicate with You: Responding to your inquiries, providing customer support, and sending service-related notifications.
  • For Marketing Purposes: Sending you updates, promotions, and news about our products and services, only where you have provided consent.
  • To Improve Our Website and Services: Analyzing user behavior to enhance user experience and website functionality.
  • For Security and Fraud Prevention: Protecting our website and customers from fraudulent activities.
  • To Comply with Legal Obligations: Meeting our regulatory and legal requirements.

5. Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data, and whether we can achieve those purposes through other means, and the applicable legal requirements.

6. Sharing Your Personal Data

We may share your personal data with:

  • Service Providers: Third parties who provide services on our behalf, such as payment processors (Afterpay / Klarna), shipping companies, website hosting, and analytics providers. These providers are obligated to protect your data and only use it for the purposes for which it was provided.
  • Legal and Regulatory Authorities: When required to do so by law, court order, or governmental regulation, or if we believe such action is necessary to protect and defend the rights, property, or safety of Vyronza LLC our customers, or others.
  • Business Transfers: In connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company.

We do not sell your personal data to third parties.

7. International Data Transfers

As a US-based company, your data will be primarily processed and stored in the United States. While the United States has not received an adequacy decision from the European Commission, we ensure that your personal data is protected by requiring all our third-party service providers to comply with GDPR standards, including implementing appropriate safeguards like Standard Contractual Clauses (SCCs) approved by the European Commission, or other legally recognized mechanisms for data transfers where applicable.

8. Your GDPR Rights

If you are an individual in the EEA, you have the following rights regarding your personal data:

  • The Right to Be Informed: To receive clear, transparent, and easily understandable information about how we use your data and your rights.
  • The Right of Access: To request access to your personal data and obtain a copy of the information we hold about you.
  • The Right to Rectification: To request that we correct any inaccurate or incomplete personal data we hold about you.
  • The Right to Erasure (“Right to Be Forgotten”): To request that we delete your personal data in certain circumstances.
  • The Right to Restrict Processing: To request that we limit the way we process your personal data in certain circumstances.
  • The Right to Data Portability: To request to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.
  • The Right to Object: To object to the processing of your personal data for direct marketing purposes or when processing is based on legitimate interests.
  • Rights in Relation to Automated Decision-Making and Profiling: To not be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, except in certain cases.

9. Exercising Your Rights

To exercise any of your GDPR rights, please contact us at:

We will respond to your request within one month, as required by GDPR. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

10. Right to Lodge a Complaint

If you are an EEA resident and believe that we have not complied with data protection laws, you have the right to lodge a complaint with your local data protection supervisory authority. While you have the right to do this at any time, we would appreciate it if you would contact us first to give us the opportunity to address your concerns.

11. Security Measures

We have implemented appropriate technical and organizational security measures to protect your personal data from accidental loss, unauthorized access, use, alteration, or disclosure. We also limit access to your personal data to employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal data on our instructions and are subject to a duty of confidentiality.

12. Changes to This GDPR Compliance Statement

We may update this GDPR Compliance Statement from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will post any changes on this page and update the “Effective Date” at the top of this statement. We encourage you to review this statement periodically.