Privacy policy

Effective Date: 24-01-2025

Welcome to Cyodor. Your privacy is important to us. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website, use our services, or interact with us. We are committed to ensuring that your privacy is protected and that your personal information is handled with transparency, security, and respect for your rights.

Our privacy policy is designed to comply with applicable data protection laws, including the General Data Protection Regulation (GDPR) and UK GDPR. This document will provide detailed explanations about the types of personal data we collect, why we collect it, how we use it, and your rights concerning your personal information. We encourage you to read this policy carefully and contact us if you have any questions or concerns.

1. Important Information and Who We Are

Purpose of this Privacy Policy

This Privacy Policy is intended to inform you about how Cyodor ("we," "us," or "our") collects, processes, and protects your personal data. It applies when you visit our website, purchase our products, use our services, or otherwise interact with us. This policy provides a clear overview of our data handling practices, ensuring that you understand what personal data we collect, why we collect it, and how we use it.

We recognize the importance of privacy and take the responsibility of handling your personal data seriously. Our goal is to offer a secure and transparent experience to all users. Whether you are browsing our website, making a purchase, or subscribing to our marketing communications, we want to ensure that you are aware of how your data is used and protected.

This Privacy Policy supplements any other privacy-related notices or terms we may provide on specific occasions. It is not intended to override or replace any existing agreements you may have with us regarding data protection.

Controller

Cyodor, a company registered in the Netherlands, is the entity responsible for processing your personal data. As the data controller, we determine the purposes and means of processing your data and are accountable for ensuring that your data is handled in compliance with applicable laws.

If you have any questions or concerns about this Privacy Policy, or if you wish to exercise your rights under applicable data protection laws, you may contact us using the details provided below:

Email: support@cyodor.com

If you are located in the European Union (EU), United Kingdom (UK), or another jurisdiction with data protection laws, you have the right to lodge a complaint with the relevant Data Protection Authority (DPA) in your country. However, we encourage you to contact us first so we can resolve your concerns as efficiently as possible.

Changes to the Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our data processing practices, legal requirements, or industry standards. When we make significant updates, we will notify you by posting a prominent notice on our website or sending you an email. We recommend that you review this Privacy Policy periodically to stay informed about how we protect your information.

Your continued use of our website or services after updates to this Privacy Policy indicates your acceptance of those changes. If you do not agree with the revised policy, you should discontinue using our services and contact us regarding any concerns you may have.

2. The Data We Collect About You

Personal Data We Collect

Personal data refers to any information that can directly or indirectly identify an individual. The type of personal data we collect depends on your interactions with us, such as whether you visit our website, place an order, or communicate with our customer support team.

We may collect, use, store, and transfer different categories of personal data, including but not limited to:

  • Identity Data – This includes your full name, title, username, and any other identifier you provide to us.
  • Contact Data – Your email address, phone number, billing address, and shipping address.
  • Financial Data – This includes payment details such as bank account information and credit/debit card details (processed securely by third-party payment providers; we do not store your full payment details).
  • Technical Data – Data related to your device and browsing activity, such as your IP address, browser type, time zone, operating system, and referral source.
  • Usage Data – Information about how you interact with our website, including page views, purchase history, and navigation behavior.
  • Marketing and Communications Data – Your preferences regarding receiving marketing communications from us and third parties.

Sensitive Personal Data

We do not collect special categories of personal data (also known as sensitive data) unless explicitly provided by you with your consent for a specific purpose. Sensitive data may include race, religious beliefs, political opinions, health information, or biometric data. If you choose to provide us with such data, we will handle it with the highest level of security and confidentiality.

Aggregated and Anonymized Data

In some cases, we may aggregate and anonymize your data for research, statistical, or business analysis purposes. This means that the data is processed in a way that prevents identification of individuals. Aggregated data helps us improve our products, services, and customer experience while ensuring that individual privacy is safeguarded.

3. How We Collect Your Data

We collect personal data through various methods, depending on how you interact with our website and services. The primary ways we collect data include:

Direct Interactions

You may provide personal data by:

  • Filling out forms on our website (e.g., when creating an account, subscribing to our newsletter, or contacting customer support).
  • Making a purchase and providing payment details.
  • Entering competitions, promotions, or surveys.
  • Communicating with us via email, phone, or live chat.

Automated Technologies and Interactions

As you interact with our website, we may automatically collect Technical and Usage Data through cookies, server logs, and analytics tools. This data helps us understand how visitors use our website, enabling us to improve performance, enhance security, and personalize the user experience.

Examples of automated data collection include:

  • Cookies – Small data files stored on your device that track browsing behavior.
  • Analytics tools – Such as Google Analytics, which help us analyze website traffic and trends.
  • Log files – Records of site activity, including error reports and system performance.

Third-Party Sources

We may receive personal data from third parties, including:

  • Payment processors – To confirm successful transactions and prevent fraud.
  • Marketing and advertising partners – To deliver personalized promotions.
  • Publicly available sources – To verify customer information where legally permitted.

4. Legal Basis for Processing (GDPR Compliance)

Under the General Data Protection Regulation (GDPR) and UK GDPR, we must have a lawful basis to process your personal data. We rely on the following legal grounds:

  • Performance of a Contract – When processing is necessary to fulfill a purchase or service agreement.
  • Legitimate Interest – To operate and improve our business while ensuring that our interests do not override your rights.
  • Consent – When you explicitly agree to marketing or tracking activities (which you can withdraw at any time).
  • Legal Obligation – When we are required by law to retain or share data (e.g., for tax or fraud prevention purposes).

5. How We Use Your Information

We process personal data for the following purposes:

  • Order Processing – To fulfill purchases, process payments, and arrange deliveries.
  • Customer Support – To respond to inquiries and resolve issues.
  • Website Optimization – To improve usability, security, and performance.
  • Marketing Communications – To provide promotions and updates (only if you opt in).
  • Legal and Regulatory Compliance – To meet financial, security, and regulatory requirements.

We do not sell or share personal data with third parties for their own marketing purposes.

6. Sharing Your Information

We value your privacy and ensure that your personal data is not shared or sold to unauthorized third parties. However, in some instances, we may share your information with trusted partners and service providers in order to deliver our services efficiently. When we share your data, we take steps to ensure it is protected and only used for legitimate purposes.

We may share your personal data with the following categories of third parties:

  • Service Providers – These include payment processors (e.g., Multisafepay), shipping providers, website hosting companies, and analytics providers (e.g., Google Analytics). These entities help us manage transactions, deliver products, analyze traffic, and maintain security.
  • Marketing and Advertising Partners – If you have given consent, we may share your data with third-party marketing platforms (e.g., Meta, Instagram) to provide personalized advertising and promotional offers tailored to your interests.
  • Business Partners – In certain cases, we collaborate with third-party vendors who assist us in improving our products and services.
  • Legal and Regulatory Authorities – If required by law or legal proceedings, we may disclose personal data to government authorities, regulatory bodies, or law enforcement agencies to comply with legal obligations.
  • Corporate Transactions – If our company undergoes a merger, acquisition, sale, or business restructuring, your personal data may be transferred to the new entity, provided that appropriate safeguards remain in place.

Whenever we share data with third parties, we ensure they process it in accordance with applicable privacy laws and contractual obligations. We do not allow third parties to use your data for their own marketing purposes unless you have explicitly agreed to such use.

7. Cookies and Tracking Technologies

To enhance your browsing experience and improve our services, we use cookies and similar tracking technologies. Cookies are small text files that are placed on your device when you visit our website. They help us understand your behavior, preferences, and interactions with our platform.

Types of Cookies We Use

  • Essential Cookies – Necessary for the operation of our website, such as enabling secure logins, managing shopping cart functions, and preventing fraudulent activity.
  • Analytical and Performance Cookies – Collect data about website traffic, visitor behavior, and performance metrics to help us improve our website experience.
  • Functionality Cookies – Store your preferences, such as language settings or past interactions, to enhance usability.
  • Targeting and Advertising Cookies – Used by us and third-party advertisers to display personalized ads based on your browsing habits.

Managing Cookies

You have the ability to accept, reject, or customize your cookie preferences through your browser settings. You can also delete stored cookies at any time. However, disabling cookies may impact the functionality of our website and limit your access to certain features.

For more information on how to manage cookies, please visit your browser’s help section or review our detailed Cookie Policy (if applicable).

8. International Data Transfers

Since Cyodor operates in multiple regions, your personal data may be transferred to and processed in countries outside of your country of residence. Some of these countries may not have the same level of data protection laws as those in the European Economic Area (EEA) or UK. However, we ensure that any such transfers comply with applicable laws and include appropriate safeguards to protect your data.

How We Protect International Data Transfers

To ensure the safety of your personal data when transferred internationally, we take the following measures:

  • Adequacy Decisions – Where applicable, we transfer data only to countries that the European Commission or UK government has deemed to provide an adequate level of data protection.
  • Standard Contractual Clauses (SCCs) – If we transfer your data to a country without an adequacy decision, we implement contractual safeguards that bind the recipient to GDPR-level data protection standards.
  • Binding Corporate Rules (BCRs) – For intra-company transfers, we ensure that all subsidiaries adhere to the same stringent data protection principles.
  • Encryption and Security Measures – We apply industry-standard encryption and cybersecurity protocols to protect data during international transfers.

If you require further details regarding how we protect personal data during transfers, please contact us at support@cyodor.com.

9. Data Security

We take the security of your personal data seriously and implement stringent measures to prevent unauthorized access, alteration, disclosure, or destruction. Our security framework is designed to protect personal data from cyber threats, unauthorized access, and accidental loss.

Security Measures We Implement

  • Secure Socket Layer (SSL) Encryption – All data transmitted between your browser and our website is encrypted using SSL technology.
  • Access Controls – We limit access to personal data to authorized personnel only. Employees and third-party service providers must adhere to strict confidentiality agreements.
  • Firewalls and Intrusion Detection Systems – We use advanced security technologies to prevent unauthorized access to our servers.
  • Regular Security Assessments – We conduct periodic security audits and vulnerability assessments to strengthen our systems.
  • Incident Response Plan – In the event of a data breach, we have established procedures to contain and mitigate risks, notify affected individuals, and comply with regulatory reporting requirements.

Despite our best efforts, no system can guarantee absolute security. Therefore, we encourage users to take precautions, such as using strong passwords and enabling two-factor authentication where applicable.

10. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, including meeting legal, accounting, and regulatory obligations.

Retention Periods

  • Transactional Data – Retained for a period required to fulfill contracts and comply with tax and financial reporting laws (typically 6 to 10 years).
  • Marketing Data – Retained until you withdraw consent or opt out of marketing communications.
  • User Accounts – If you delete your account, we will remove your data unless legal obligations require us to retain it.
  • Legal and Compliance Data – Retained as necessary to fulfill regulatory and compliance requirements.

When the retention period expires, your data will be securely deleted or anonymized so it can no longer be linked to you. If you have any questions about our data retention practices, please contact support@cyodor.com.

11. Your Rights Under GDPR & UK GDPR

If you are located in the European Union (EU), United Kingdom (UK), or other jurisdictions with comprehensive data protection laws, you have specific rights concerning your personal data. These rights are intended to provide transparency and control over how your data is processed. Below are the rights you may exercise:

  • Right to Access – You have the right to request a copy of the personal data we hold about you. This enables you to verify how your information is being used and ensure compliance with data protection regulations.
  • Right to Rectification – If your personal data is inaccurate, outdated, or incomplete, you have the right to request corrections to ensure that all information we store is up to date.
  • Right to Erasure (Right to Be Forgotten) – In certain circumstances, you can request that we delete your personal data. This applies when data is no longer necessary for its original purpose, when you withdraw consent, or when data has been unlawfully processed. However, we may be required to retain some data for legal compliance.
  • Right to Restrict Processing – You have the right to request that we temporarily or permanently stop processing your data under certain conditions, such as when you contest the accuracy of your data or object to its processing.
  • Right to Data Portability – You can request that we transfer your personal data to you or another organization in a structured, commonly used, and machine-readable format.
  • Right to Object – You can object to our processing of your data, particularly if we rely on legitimate interests or if we use your data for direct marketing purposes.
  • Right to Withdraw Consent – If we process your data based on your consent, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing that took place before consent was withdrawn.
  • Right to Lodge a Complaint – If you believe we have not handled your data in accordance with this policy, you have the right to file a complaint with your local data protection authority.

To exercise any of these rights, please contact us at support@cyodor.com. We will respond to your request within one month unless an extension is required due to the complexity of the request.

12. Third-Party Links

Our website may contain links to external websites, plugins, or applications that are not operated by Cyodor. These third-party services may collect data about you independently, and their privacy policies will apply to your interactions with them.

We do not have control over how third-party websites handle your personal data. We encourage you to review their privacy policies before providing any information. Cyodor is not responsible for the privacy practices or data security of third-party websites, even if you access them through our platform.

Additionally, third-party integrations, such as social media buttons (e.g., Facebook, Instagram, Twitter), may allow those platforms to collect data about you based on your browsing activities. If you do not want these third-party services to collect information about your interactions, you should log out of those platforms before visiting our website or adjust your privacy settings directly with them.

13. Children’s Privacy

Cyodor is committed to protecting the privacy of children. Our website and services are not intended for individuals under the age of 16. We do not knowingly collect, store, or process personal data from children under 16 without verified parental consent.

If we become aware that we have collected personal data from a minor without appropriate parental consent, we will take immediate steps to delete such information. If you believe that a child has provided us with their personal data without parental consent, please contact us at support@cyodor.com, and we will take the necessary actions to remove it.

Parents and guardians are encouraged to monitor their children's online activities and take steps to ensure their children do not share personal data on websites without supervision.

14. Changes to This Privacy Policy

We reserve the right to modify this Privacy Policy from time to time to reflect changes in our business practices, legal requirements, or technological advancements. Any significant changes will be communicated via email, a website notice, or other means deemed appropriate.

How We Notify You of Changes

  • If we make minor updates that do not materially impact your rights, we will update the policy on our website with a new effective date.
  • If substantial changes affect how we collect, use, or share your personal data, we will notify you directly through your registered email or a prominent notice on our homepage.

We recommend checking this policy periodically to stay informed about how we protect your privacy. If you do not agree with any updates, you should discontinue using our services. Your continued use of our website and services after any modifications indicates your acceptance of the revised policy.

15. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or how your personal data is handled, please contact us using the details below:

Cyodor
Email: support@cyodor.com

We take your privacy concerns seriously and strive to resolve any issues efficiently. If you feel that your data protection rights have been violated, we encourage you to contact us first so we can address the issue. However, you also have the right to escalate the matter by lodging a complaint with your national Data Protection Authority.

Final Statement

We appreciate your trust in Cyodor and are committed to ensuring your personal data remains protected. Our goal is to provide transparency and empower you with control over your personal information. By using our website and services, you acknowledge and agree to the terms outlined in this Privacy Policy.

If you have any concerns, need further clarification, or wish to exercise your data protection rights, please reach out to us. We value your privacy and continuously work to enhance our policies and practices to better serve our customers.

Thank you for choosing Cyodor. Your privacy matters to us.