Privacy Policy

Last updated: March 11, 2025

1. Introduction and scope

This Privacy Policy ("Policy") describes how Shryxellshik ("we," "us," or "our") collects, uses, discloses, stores, and protects your personal data when you access or use our website https://shryxellshik.world (the "Site"), when you place orders for our products (including Dynavita), when you contact our customer service, or when you otherwise interact with us. This Policy applies to all visitors, users, and customers of the Site and our services, regardless of your location. We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR) where it applies to our processing, the UK GDPR, the California Consumer Privacy Act (CCPA) as amended by the CPRA, and other U.S. federal and state privacy laws, as well as any other applicable local legislation.

By using the Site or providing your personal data to us, you acknowledge that you have read and understood this Policy. If you do not agree with this Policy, you must not use the Site or provide us with your personal data. We may update this Policy from time to time; the "Last updated" date at the top indicates when the Policy was last revised.

2. Data controller and contact details

The data controller responsible for your personal data is:

Shryxellshik
122 W 146th St
New York, NY 10039
United States

Email: hello@shryxellshik.world
Phone: +12126753900

For any questions regarding this Policy, the processing of your personal data, or to exercise your rights, please contact us using the details above. We will respond to your request within the time frame required by applicable law (for example, within one month under the GDPR, or within the time limits set by other applicable regulations).

3. Definitions

In this Policy, the following terms have the meanings set out below:

  • Personal data means any information relating to an identified or identifiable natural person; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that person.
  • Processing means any operation or set of operations performed on personal data (e.g., collection, recording, organisation, structuring, storage, adaptation, retrieval, consultation, use, disclosure, restriction, erasure, or destruction).
  • Data subject means the identified or identifiable natural person to whom the personal data relates (i.e., you).
  • Controller means the entity that determines the purposes and means of the processing of personal data (i.e., us).
  • Processor means a natural or legal person that processes personal data on behalf of the controller.
  • Consent means any freely given, specific, informed, and unambiguous indication of the data subject's agreement to the processing of his or her personal data.

4. Categories of personal data we collect

We may collect and process the following categories of personal data, depending on how you interact with the Site and our services:

4.1 Identity and contact data

This includes your full name, email address, telephone number (if you choose to provide it), and postal address (shipping and/or billing) when you place an order, create an account (where applicable), or contact us. We collect this data when you fill in our order form, contact form, or when you communicate with us by email or phone. This data is necessary to process your orders, deliver products, and respond to your inquiries.

4.2 Transaction and order data

This includes details of the products you have ordered (e.g., product name, quantity, price), order date, order status, delivery address, and payment-related information. Payment card details (e.g., card number, expiry date) are generally processed directly by our secure payment service providers and are not stored by us in full; we may receive only limited information (e.g., last four digits, brand) for reference and fraud prevention. We also keep records of your purchase history for the purposes of order fulfilment, customer support, and legal compliance.

4.3 Technical and usage data

When you visit the Site, we may automatically collect certain technical data, such as your IP address, browser type and version, operating system, device type, unique device identifiers, referring URL, pages visited on our Site, date and time of access, and the time spent on those pages. We collect this data only where you have consented to the use of analytics cookies or where we have a legitimate interest (e.g., for security and fraud prevention). For more detail on cookies and similar technologies, please see our Cookie Policy.

4.4 Communication data

This includes the content of messages you send to us (e.g., via contact form, email, or phone), your preferences regarding how you wish to be contacted, and records of our correspondence with you. We use this data to respond to your inquiries, provide customer support, and improve our services.

4.5 Consent and preference data

We record your choices in relation to cookies, marketing communications, and other preferences where required by law. This may include the date and time of your consent, the type of consent given, and any withdrawal of consent. We use this data to comply with our legal obligations and to respect your preferences.

4.6 Data you provide voluntarily

You may choose to provide additional information in free-text fields (e.g., "message" or "notes" in the order form). Such data is processed only for the purposes for which you provide it (e.g., to fulfil your order or respond to your request). Please do not include sensitive personal data (e.g., health information, racial or ethnic origin) unless strictly necessary; we do not request such data for our standard services.

5. Legal basis for processing (GDPR and similar frameworks)

Where the GDPR or similar laws apply, we process your personal data only where we have a valid legal basis. The legal bases we rely on include the following:

  • Performance of a contract: Processing is necessary for the performance of a contract to which you are party (e.g., processing your order, delivering products, managing your account) or in order to take steps at your request prior to entering into such a contract.
  • Legitimate interests: Processing is necessary for the purposes of our legitimate interests (e.g., operating and improving the Site, preventing fraud, ensuring security, defending our legal rights, conducting internal analytics) where such interests are not overridden by your interests or fundamental rights and freedoms. We carry out a balancing assessment where required by law.
  • Legal obligation: Processing is necessary for compliance with a legal obligation to which we are subject (e.g., tax and accounting rules, retention of records for regulatory or judicial purposes).
  • Consent: You have given clear consent to the processing of your personal data for one or more specific purposes (e.g., non-essential cookies, marketing communications, optional data). You may withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

Where U.S. or other non-EEA law applies, we may rely on equivalent or additional bases (e.g., consent, contract, legitimate business interest) as permitted by applicable law.

6. Purposes of processing

We use your personal data for the following purposes:

  • To process and fulfil your orders (including Dynavita and any other products), to manage deliveries, and to communicate with you about your order status.
  • To provide customer support, respond to your inquiries, and resolve complaints or disputes.
  • To send you order confirmations, shipping notifications, and, where you have opted in, marketing communications (e.g., newsletters, offers). You may opt out of marketing at any time.
  • To improve our Site, products, and services (e.g., by analysing how the Site is used, when you have consented to analytics cookies).
  • To prevent and detect fraud, to ensure the security of our systems and your data, and to protect our rights and the rights of others.
  • To comply with legal and regulatory obligations (e.g., tax, accounting, responding to lawful requests from authorities).
  • To enforce our Terms of Service and other agreements, and to establish, exercise, or defend legal claims.

We do not use your personal data for automated decision-making that produces legal effects concerning you or similarly significantly affects you, except where permitted by law and with appropriate safeguards.

7. Data sharing and recipients

We may share your personal data with the following categories of recipients, only to the extent necessary for the purposes described in this Policy:

  • Service providers (processors): We engage third-party service providers to perform functions on our behalf, such as payment processing, order fulfilment, shipping and logistics, email delivery, hosting, and analytics. These providers are contractually bound to use your data only for the purposes we specify and to protect it in accordance with applicable law. Where required (e.g., under the GDPR), we enter into data processing agreements that impose appropriate technical and organisational measures.
  • Professional advisers: We may share data with lawyers, auditors, insurers, and other professional advisers where necessary for the purposes of providing advice, managing risk, or complying with legal obligations.
  • Public authorities: We may disclose your data to law enforcement, courts, regulators, or other public authorities when required by law, or when we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.

We do not sell your personal data to third parties. We do not share your personal data with third parties for their own marketing purposes unless you have given your explicit consent. If our practices change in this regard, we will update this Policy and, where required by law, obtain your consent.

If we transfer your personal data to countries outside the European Economic Area (EEA) or the United Kingdom, we ensure that appropriate safeguards are in place, such as standard contractual clauses approved by the European Commission or the UK authorities, or other mechanisms recognised by applicable law. You may request a copy of the safeguards we use by contacting us at the details above.

8. Data retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected and to comply with our legal, regulatory, tax, or accounting obligations. Our retention periods are as follows (subject to any longer retention required by law):

  • Order and transaction data: We retain order and payment records typically for seven (7) years after the relevant transaction for tax and legal compliance purposes. Some jurisdictions may require longer retention.
  • Contact and customer support data: We retain correspondence and support records for the duration of our relationship with you and for a reasonable period thereafter (typically up to three (3) years) unless a longer period is required for legal or regulatory purposes.
  • Marketing and consent records: We retain records of your consent and marketing preferences until you withdraw consent or object, and for a short period thereafter to document your choice and comply with our obligations.
  • Analytics data: Where you have consented to analytics cookies, we retain such data for the period specified by our analytics provider (typically up to 26 months) or as otherwise disclosed in our Cookie Policy.
  • Technical and security logs: We retain server logs and security-related data as needed for security and fraud prevention, typically for up to twelve (12) months, unless a longer retention period is required by law or for the investigation of incidents.

After the applicable retention period has expired, we securely delete or anonymise your personal data so that it can no longer be associated with you. Where we anonymise data, we may retain it for statistical or analytical purposes indefinitely.

9. Your rights

Depending on your location and applicable law, you may have the following rights in relation to your personal data:

  • Right of access: You may request a copy of the personal data we hold about you, together with information about the purposes of processing, the categories of data, the recipients (or categories of recipients), the retention period (or criteria used to determine it), and the existence of automated decision-making. We may need to verify your identity before responding.
  • Right to rectification: You may request that we correct any inaccurate or incomplete personal data we hold about you.
  • Right to erasure ("right to be forgotten"): You may request that we delete your personal data in certain circumstances, for example where the data is no longer necessary for the purposes for which it was collected, where you have withdrawn consent (and there is no other legal basis), or where you have validly objected to the processing. This right is not absolute and may be subject to exceptions (e.g., where we are required to retain data for legal compliance).
  • Right to restriction of processing: You may request that we restrict the processing of your personal data in certain situations (e.g., where you contest the accuracy of the data, where the processing is unlawful but you prefer restriction to erasure, or where we no longer need the data but you need it for the establishment, exercise, or defence of legal claims).
  • Right to data portability: Where the processing is based on your consent or on a contract, and the processing is carried out by automated means, you may have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format, and to transmit that data to another controller where technically feasible.
  • Right to object: You may object at any time to processing of your personal data based on legitimate interests, including profiling. You also have the right to object at any time to processing of your data for direct marketing purposes. Where you object to processing for direct marketing, we will cease such processing without delay.
  • Right to withdraw consent: Where processing is based on your consent, you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.
  • Right to lodge a complaint: You have the right to lodge a complaint with a supervisory authority in the country of your residence, place of work, or place of the alleged infringement. In the European Union, you may find your supervisory authority at the European Data Protection Board website. In the UK, the supervisory authority is the Information Commissioner's Office (ICO).

If you are a California resident, you may have additional rights under the CCPA/CPRA, including the right to know what personal information we collect and how we use it, the right to delete personal information, the right to correct inaccurate personal information, the right to opt out of the "sale" or "sharing" of personal information (we do not sell personal information as defined under the CCPA), and the right to non-discrimination for exercising your rights. You may also have the right to limit the use of sensitive personal information. To exercise these rights, please contact us using the details in Section 2. We will not discriminate against you for exercising your privacy rights. You may designate an authorised agent to submit requests on your behalf; we may require verification of the agent's authority and your identity.

To exercise any of the above rights, please contact us at hello@shryxellshik.world or at our postal address set out in Section 2. We will respond within the time limit required by applicable law (e.g., one month under the GDPR, with a possible extension of two further months where necessary). If we do not take action on your request, we will inform you of the reasons and of your right to lodge a complaint with a supervisory authority.

10. Security measures

We implement appropriate technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These measures include, but are not limited to:

  • Use of HTTPS (TLS/SSL encryption) for all data transmitted between your browser and our Site to protect data in transit.
  • Secure storage of data at rest, with access restricted to authorised personnel on a need-to-know basis.
  • Regular review and updating of our security practices, including access controls, password policies, and secure development practices.
  • Contractual obligations requiring our service providers and processors to implement appropriate security measures and to process personal data only in accordance with our instructions.
  • Procedures for assessing and responding to potential data breaches, including notification to supervisory authorities and affected individuals where required by law.

Despite our efforts, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee the absolute security of your personal data; however, we are committed to protecting it in line with industry standards and applicable legal requirements.

11. Data breach notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority without undue delay and, where required by law, within the time frame specified by applicable regulation (e.g., 72 hours under the GDPR where feasible). Where the breach is likely to result in a high risk to you, we will also communicate the breach to you without undue delay, unless we are required by law to delay such communication or have taken subsequent measures that ensure the risk is no longer likely to materialise. Our notification will describe the nature of the breach, the likely consequences, and the measures we have taken or propose to take to address it.

12. Children

Our Site and services are not directed to individuals under the age of 16 (or a higher age where required by local law). We do not knowingly collect personal data from children. If you are a parent or guardian and believe that your child has provided us with personal data without your consent, please contact us at the details in Section 2, and we will take steps to delete such information from our systems as soon as reasonably practicable.

13. Third-party links

Our Site may contain links to third-party websites (e.g., social media, payment providers). This Policy does not apply to those websites. We are not responsible for the privacy practices of third parties. We encourage you to read the privacy policies of any third-party sites you visit.

14. Changes to this Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. We will post the revised Policy on this page and update the "Last updated" date at the top. Where required by law (e.g., for material changes that affect how we use your data), we may notify you by email or by a prominent notice on the Site and, where necessary, obtain your consent. We encourage you to review this Policy periodically to stay informed about how we protect your information.

15. Contact

For any questions, concerns, or requests regarding this Privacy Policy or our processing of your personal data, please contact us:

Shryxellshik
122 W 146th St
New York, NY 10039
United States

Email: hello@shryxellshik.world
Phone: +12126753900