Cyntoria.com, (hereinafter also referred to as “Company”, “we”, “our” or “us”) operate https://cyntoria.com/ (“Website”) as well as any other related services (collectively, the “Services“). Our Privacy Policy (“Policy”) governs your visit to our Website and explains how we collect, safeguard and disclose information that results from your use of our Service.
We take your privacy very seriously. In this Policy, we seek to explain to you in the clearest way possible what information we collect, how we use it and what rights you have in relation to it. We hope you take some time to read through it carefully, as it is important. If there are any terms in this Policy that you do not agree with, please discontinue the use of our Services immediately.
We use your data to provide and improve Service. By using the Service, you agree to the collection and use of information in accordance with this policy. If this Policy is modified in any way, it will be updated here. Regularly checking and reviewing this page ensures that you are updated on the information which may be collected, used and shared with other parties. If we believe that the modifications are material, we will notify you of the changes by posting a notice on the Website, or emailing you at the email address provided to us by you, and as we may deem appropriate. What constitutes a material change will be determined by us, at our sole and absolute discretion. In this Policy “you”, “your”, “user” or “users” refers to the users of the Website.
INFORMATION WE COLLECT
Personal information you disclose to us
Cyntoria.com may collect personal information that you voluntarily provide to us when you register yourself on the Website or express an interest in obtaining information about us or our Services or otherwise when you contact us.
We may collect the first name; surname; e-mail address and other similar information. We may also collect additional information about you in order to provide relevant and effective services. All personal information that you provide to us must be true, complete and accurate, and you must notify us of any changes to such personal information.
Financial information
We may collect card type (for example visa/master card etc.); the card’s expiry year & the month and the last 4 digits of the card.
Information automatically collected
When you access our websites, we, our service providers and our partners may automatically collect information about you, your computer or mobile device, and your activity on our websites. Typically, this information includes your computer or mobile device operating system type and version number, manufacturer and model, device identifier, browser type, screen resolution, IP address, the website you visited before browsing our website, general location information such as city, state or geographic area; and information about your use of and actions on or in our websites, such as pages or screens you accessed, how long you spent on a page or screen, navigation paths between pages or screens, information about your activity on a page or screen, access times, and length of access.
Our service providers and business partners may collect this type of information over time and across third-party websites. This information is collected via various mechanisms, such as via web beacons, embedded scripts, and similar technologies.
COOKIES AND OTHER TRACKING TECHNOLOGIES
We may use cookies and similar tracking technologies (like web beacons and pixels) to access or store information. Specific information about how we use such technologies and how you can refuse certain cookies is set out in our Cookie Policy. For more information please refer to our Cookie Policy.
USE OF PERSONAL INFORMATION
Cyntoria.com uses personal information collected via our Website for a variety of business purposes described below. We process your personal information for these purposes in reliance on our legitimate business interests, in order to enter into or perform a contract with you, with your consent, and/or for compliance with our legal obligations. We indicate the specific processing grounds we rely on next to each purpose listed below.
We use the information we collect or receive:
- To send administrative information to you. We only use personal data for the sole purpose of billing. We may use your personal information to send you information about changes to our terms, conditions, and policies.
- To protect our Services. We may use your information as part of our efforts to keep our Website safe and secure (for example, for fraud monitoring and prevention).
- To enforce our terms and conditions. We may use your information to enforce our terms, conditions and policies for business purposes, to comply with legal and regulatory requirements or in connection with our contract.
- To respond to legal requests and prevent harm. If we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond.
- To respond to user inquiries. We may use your information to respond to your inquiries and solve any potential issues you might have with the use of our Services.
THIRD-PARTY LINKS
The Website may use third-party website links. We cannot guarantee the safety and privacy of the data you provide to any third parties. Any data collected by third parties is not covered by this Policy. We are not responsible for the content or privacy and security practices and policies of any third parties, including other websites or services that may be linked to or from the Website. We strongly advise you to review the Privacy Policy of every third-party service provider. We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.
WE HEREBY DISCLAIM LIABILITY FOR, ANY INFORMATION, MATERIALS, PRODUCTS, OR SERVICES POSTED OR OFFERED AT ANY OF THE THIRD-PARTY SITES LINKED TO THIS WEBSITE. BY CREATING A LINK TO A THIRD-PARTY WEBSITE, WE DO NOT ENDORSE OR RECOMMEND ANY PRODUCTS OR SERVICES OFFERED OR INFORMATION CONTAINED ON THAT WEBSITE, NOR ARE WE LIABLE FOR ANY FAILURE OF PRODUCTS OR SERVICES OFFERED OR ADVERTISED AT THOSE SITES. SUCH A THIRD PARTY MAY HAVE A PRIVACY POLICY DIFFERENT FROM THAT OF OURS AND THE THIRD-PARTY WEBSITE MAY PROVIDE LESS SECURITY THAN THIS SITE.
THIRD-PARTY SERVICE PROVIDERS
Cyntoria.com may use third-party companies and individuals to facilitate our Service (“Service Providers”), to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.
These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
GOOGLE ANALYTICS
Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualise and personalise the ads of its own advertising network. You can opt-out of having made your activity on the Service available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visits activity.
For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en
GOOGLE RECAPTCHA
Cyntoria.com uses Google reCAPTCHA, which identifies bots by collecting hardware and software information and sending that data to Google for analysis.
To learn more about Google reCAPTCHA, please visit https://www.google.com/recaptcha/about/ and https://policies.google.com/privacy
SAFETY OF INFORMATION
We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security, and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, the transmission of personal information to and from our Website is at your own risk. You should only access the Website within a secure environment.
YOUR DATA PROTECTION RIGHTS UNDER THE GENERAL DATA PROTECTION REGULATION (GDPR) AND THE UK DATA PROTECTION ACT (DPA).
If you are a resident of the United Kingdom (UK), European Union (EU) and European Economic Area (EEA), you have certain data protection rights, covered by GDPR and DPA. We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data. If you wish to be informed of what Personal Data we hold about you and if you want it to be removed from our systems, please contact us.
Under certain circumstances, individuals in Europe have rights under data protection laws in relation to their personal data. If you are located in Europe, you may ask us to take the following actions regarding personal data that we hold:
- Access. You are entitled to ask us if we are processing your personal data and, if so, for a copy of the personal data we hold about you, as well as obtain certain other information about our processing activities.
- Correction. If any personal data we hold about you is incomplete or inaccurate, you can require us to correct it, though we may need to verify the accuracy of the new data you provide to us.
- Erasure. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law.
- Object. Where our reason for processing your personal data is a legitimate interest you may object to the processing as you feel it impacts your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes.
- Restriction. You may ask us to suspend our use of your personal data in the following scenarios: if you want us to establish the data’s accuracy; where our use of your personal data is unlawful but you do not want us to erase it; where you need us to hold your data for a longer period than we usually would, because you need it to establish, exercise or defend legal claims; or you have objected to our use of your data but we need to verify whether we have to override legitimate grounds to use it.
- Transfer. Where it is possible, we will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to personal data provided by you which you initially provided consent for us to use or where we used the information to perform a contract with you.
- Withdraw consent. Where our reason for processing is based on your consent, you may withdraw that consent at any time. If you withdraw your consent, we may not be able to provide certain services to you. We will advise you if this is the case at the time you withdraw your consent.
- Automated decision making. You have the right not to be subject to automated decision-making (e.g., profiling) that significantly affects you. The exercise of this right is not available to you in the following cases:
- The automated decision is required to enter into, or perform, a contract with you.
- We have your explicit consent to make such a decision.
- The automated decision is authorised by the local law of an EU member state.
However, in the first two cases set out above, you still have the right to obtain human intervention in respect of the decision, to express your point of view and to contest the decision.
There may be legal or other reasons why we cannot, or are not obliged to, fulfil a request to exercise your rights. We will use available lawful exemptions to your individual rights to the extent appropriate. If we decline your request, we will tell you why, subject to legal restrictions.
You will not have to pay a fee to exercise any of your rights relating to your personal data. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
Please note that we may ask you to verify your identity before responding to such requests. Please note, that we may not be able to provide Service without some necessary data.
You also have the right to file a complaint with the supervisory authority in the EEA, and in the UK you can file a complaint with the Information Commissioner’s Office.
YOUR DATA PROTECTION RIGHTS UNDER CALIFORNIA CONSUMER PRIVACY ACT (CCPA)/CALIFORNIA PRIVACY RIGHTS ACT (CPRA).
“Shine the Light” and “Eraser” Laws: Residents of the State of California may request a list of all third parties to which we have disclosed certain information during the preceding year for those third parties direct marketing purposes.
California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA): The CCPA, as amended by the CPRA, provides California residents and/or their authorized agents with specific rights regarding the collection and storage of their personal information.
Your Right to Know: California residents have the right to request that we disclose the following information to you about our collection and use of your personal information over the past twelve (12) months. We may ask you to provide certain information to identify yourself so that we may compare it with our records in order to verify your request. Upon verification, we will disclose to you:
● The categories of personal information we have collected about you.
● The categories of sources for the personal information we have collected about you.
● The specific pieces of personal information we have collected about you.
● Our business or commercial purpose is to collect or sell your personal information.
● The categories of third parties to whom we have sold or shared your personal information if any, and the categories of personal information that we have shared with each third-party recipient.
Your Right to Opt-Out of Sharing of Personal Information: California residents have the right to opt-out of the sale of their personal information by submitting a request as directed on the homepage of our Website or by contacting us using the information in the “Contact Us” section below. Please note that we do not knowingly sell the personal information of any individuals under the age of 18.
Where we are sharing your personal information with third parties for the purposes of cross-context behavioural advertising or profiling, you may opt-out of such sharing at any time by submitting a request as directed on the homepage of our Website or by contacting us using the information in the “Contact Us” section below.
Your Right to Limit Use of Sensitive Personal Information: California residents have the right to request that we limit our use of any sensitive personal information to those uses which are necessary to perform the Services or for other specifically enumerated business purposes under the CCPA, as amended by the CPRA.
Your Right to Delete: California residents have the right to request that we delete any of the personal information collected from you and retained by us, subject to certain exceptions. We may ask you to provide certain information to identify yourself so that we may compare it with our records in order to verify your request. Once your request is verified and we have determined that we are required to delete the requested personal information in accordance with the CCPA, we will delete, and direct our third-party service providers to delete, your personal information from their records. Your request to delete personal information that we have collected may be denied if we conclude it is necessary for us to retain such personal information under one or more of the exceptions listed in the CCPA.
Your Right to Correct: Under the CCPA, as amended by the CPRA, California residents have the right to request that we correct any inaccurate personal information we maintain about you, taking into account the nature of the personal information and the purposes for which we are processing such personal information. We will use commercially reasonable efforts to correct such inaccurate personal information about you.
Non-Discrimination: You will not receive any discriminatory treatment by us for the exercise of your privacy rights conferred by the CCPA.
We Don’t Sell Your Data: We don’t sell your data and we don’t share your data with third parties for cross-context behavioral advertising.
Verifying Your Request: Only you, or a person that you authorize to act on your behalf, may make a request related to your personal information. In the case of access and deletion, your request must be verifiable before we can fulfil such a request. Verifying your request will require you to provide sufficient information for us to reasonably verify that you are the person about whom we collected personal information or a person authorized to act on your behalf. We will only use the personal information that you have provided in a verifiable request in order to verify your request. We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority. Please note that we may charge a reasonable fee or refuse to act on a request if such request is excessive, repetitive or manifestly unfounded.
To exercise these rights, please contact us at the contact information mentioned in the “Contact Us” clause.
YOUR DATA PROTECTION RIGHTS UNDER THE LAWS OF OTHER STATES IN THE USA.
1. Nevada
-
- If you are a resident of Nevada, you have some additional rights:
- We do not sell your covered information, as defined under Chapter 603A of the Nevada Revised Statutes.
- If you are a resident of Nevada, you have some additional rights:
2. Virginia
-
- If you are a resident of Virginia, you have some additional rights:
- If we deny your rights request, you have the right to appeal that decision. We will provide you with the necessary information to submit an appeal at that time.
- You have the right to opt out of targeted advertising.
- You have the right to opt out of profiling in furtherance of decisions that produce legal or similarly significant effects concerning the consumer.
- If you are a resident of Virginia, you have some additional rights:
3. Colorado
-
- If you are a resident of Colorado, you have some additional rights:
- If we deny your rights request, you have the right to appeal that decision. We will provide you with the necessary information to submit an appeal at that time.
- You have the right to opt out of targeted advertising.
- You have the right to opt out of profiling in furtherance of decisions that produce legal or similarly significant effects concerning the consumer.
- If you are a resident of Colorado, you have some additional rights:
4. Connecticut
-
- If you are a resident of Connecticut, you have some additional rights:
- If we deny your rights request, you have the right to appeal that decision. We will provide you with the necessary information to submit an appeal at that time.
- You have the right to opt out of targeted advertising.
- You have the right to opt out of profiling in furtherance of decisions that produce legal or similarly significant effects concerning the consumer.
- If you are a resident of Connecticut, you have some additional rights:
DATA PROTECTION RIGHTS FOR OTHER JURISDICTIONS
In Australia, data protection rights are governed by the Australian Privacy Principles (APPs). These principles outline the rights and obligations regarding the collection, use, and disclosure of personal information. Individuals have the right to know how their personal data is being handled, access their personal information held by organizations, request correction of inaccurate data, and make complaints about privacy breaches. The Office of the Australian Information Commissioner (OAIC) is the regulatory authority responsible for overseeing data protection in Australia. For more information on data protection rights in Australia, visit the website of the OAIC at https://www.oaic.gov.au/.
In Switzerland, data protection rights are protected by the Swiss Federal Act on Data Protection (FADP). Individuals have the right to know what personal data is being processed, access their personal information, request the correction or deletion of inaccurate or outdated data, and object to the processing of their data under certain circumstances. The Swiss Federal Data Protection and Information Commissioner (FDPIC) is the authority responsible for enforcing data protection regulations in Switzerland. For more information on data protection rights in Switzerland, refer to the official website of the FDPIC.
For data protection rights for other jurisdictions, please refer to your country-specific data protection laws.
CHILDREN’S PRIVACY
Cyntoria.com does not knowingly collect personally identifiable information from Children below the age of 18 (“Child” or “Children”) without the consent of the parents or legal guardian. If you become aware that a Child has provided us with Personal Data without the parent’s or legal guardian’s consent, please contact us. If we become aware that we have collected Personal Data from Children, we take steps to remove that information from our servers.
PAYMENTS
We provide paid products and services within the Service. We may use third-party services for payment processing (e.g. payment processors) like Paypal. Their Privacy Policy can be viewed at https://www.paypal.com/us/legalhub/privacy-full. In that case, the information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.
UPDATES TO THIS POLICY
Cyntoria.com may update this privacy notice from time to time. The updated version will be indicated by an updated “Last updated” date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy notice frequently to be informed of how we are protecting your information.
CONTACT US
After reviewing this policy, if you have any questions or queries, concerning this Privacy policy, please contact us at [email protected]
Effective Date: July 11, 2023
Last Updated: July 11, 2023