We have implemented strict safety and confidentiality protocols to protect your data. Your privacy is our top priority, and we collect personal data only with your explicit consent. This Privacy Policy explains how and why we process your personal data on our Website and outlines your rights as a data subject.
We are committed to processing your personal data lawfully and for legitimate purposes. We prioritize your privacy and take measures to ensure the security of your data. Specifically, we handle your personal data in compliance with Regulation (EU) 2016/679, known as the General Data Protection Regulation (GDPR), which governs the protection of individuals' personal data and its free movement within the European Union. For more information, you can view the full text of the GDPR here.
The data controller of your personal data is Erysta Limited a company incorporated in Hong Kong under the number 76111914, and having its registered office at Unit 2A, 17/F, Glenealy Tower, Central, Hong Kong SAR.
Our contact details:
This privacy notice applies to individuals who access, browse, and use our Website. Its aim is to inform you how we collect and process your personal data through your use of the Website.
We receive and store any information you enter on our Website or provide to us in other ways, such as browsing our Website, registering an account, purchasing products, contacting us, or posting material. By doing so, you consent to our collection and use of this information for the specified purpose.
If we ask for your personal information for a secondary purpose, such as marketing, we will either ask you directly for your explicit consent or provide you with an opt-out option.
Your personal information will not be shared with third parties without your consent and only within the limits permitted by law.
You can always choose not to provide certain information, even though it might be necessary to make a purchase or use all Erysta services.
The information we gather from customers helps us personalize and continually improve your shopping experience at www.erysta.com. Here are the types of information we collect:
This includes personal details you provide when creating an account, browsing product pages, subscribing to newsletters, or making purchases. For example, this may include your name, email address, phone number, and payment information. We use this information to respond to your requests, personalize future shopping experiences, improve our services, and communicate with you. We handle personal data based on your implied or expressed consent, or as required by law.
We use "cookies" and collect certain types of information when your web browser accesses www.erysta.com. This includes your IP address, browser type, operating system, and browsing activity. Cookies help us simplify the login process, ensure the security of registered users, facilitate online shopping, and analyze website traffic to enhance user experience.
We may obtain data from third-party sources, including social media platforms, to offer you personalized content and services. For instance, if you log in using a third-party service like Google or Discord, additional data such as your profile information may be collected. We do not share or sell this data without your explicit consent. If you use third-party services to access our Website, be aware that additional data may be stored and subject to their privacy practices.
We collect personal data to provide and improve our services. The table below explains in detail the purposes of processing, the legal basis under the GDPR, and how long we keep your data.
Below is a summary of the personal data we collect, the purposes for which we process it, the legal basis under the GDPR, and the applicable retention periods. This table is intended to provide clear and transparent information in compliance with Articles 13 and 14 of the GDPR.
| Purpose | Legal Basis | Retention Period |
|---|---|---|
| Managing your account | Contract (Art. 6(1)(b)) | Until account deletion |
| Guest cart saving | Legitimate interest (Art. 6(1)(f)) | 5 days |
| Orders & Tax Compliance | Legal/contract (Art. 6(1)(c)/(b)) | 10 years or as required by law |
| Customer Support | Legitimate interest (Art. 6(1)(f)) | Until you ask for deletion |
| Newsletter and marketing | Consent (Art. 6(1)(a)) | Until you unsubscribe |
| Backups and system integrity | Legitimate interest (Art. 6(1)(f)) | 1 year |
| Security & Legal Compliance | Legal/legit. interest (Art. 6(1)(c)/(f)) | Up to 10 years |
| Legal Claims & Dispute Resolution | Legal obligation (Art. 6(1)(c)) | As long as required by law |
For any questions regarding your data or to request deletion, you can contact us at [email protected] or manage your privacy settings in your user account.
Under data protection laws, you have several important rights regarding your personal data. Below is a summary of these rights:
To exercise any of these rights, or if you have questions or concerns about how we process your personal data, please contact us at [email protected]. We will respond as promptly as possible, in accordance with applicable data protection laws.
We may use data obtained from external sources, including social media platforms, to provide you with personalized content and services. This data is never shared without your explicit consent. If you use third-party services to log in to or access our Website, additional data may be stored.
This data is used to enable or enhance features such as:
If you use a "Single Sign-On" (SSO) option from services such as Google, Discord, or Steam, the following data may be collected and stored:
We may use third-party providers—such as payment gateways, communication platforms, and technical service providers—who collect, use, and process your personal data strictly as necessary to deliver the services they offer on our behalf.
We use PayPal for payments and other services. When you use PayPal to make payments on our Website, PayPal may collect personal data you provide, such as payment and identifying information. PayPal uses this information to operate and improve its services, including for fraud detection, harm and loss prevention, authentication, and legal compliance. The processing of this information is subject to the PayPal Privacy Statement.
We encourage you to review the privacy policies of any third-party providers you interact with during transactions on our platform, to understand how they handle and safeguard your personal data.
We may share your personal data with the following categories of recipients:
Please note: when interacting with third-party services, your data may be subject to the laws of the jurisdictions in which these providers or their infrastructure operate.
Cookies are small text files stored on your device when you visit a website. They contain information about your preferences, settings, and interactions with the site, helping enhance and personalize your browsing experience. Our Website uses two main types of cookies:
You can manage your cookie preferences through your browser settings. However, disabling certain cookies may limit the functionality of www.erysta.com.
Cookies play an essential role in ensuring the proper functioning and enhanced usability of our Website. We use the following categories of cookies:
For more details about how we use cookies and your rights in relation to them, please refer to our Privacy Policy.
Our Website is operated by a company headquartered in Hong Kong, which is also the legal entity responsible for your personal data. However, the majority of our infrastructure, systems, and databases are hosted within the European Union (EU), meaning that your data is primarily stored and processed in the EU.
In certain cases, your personal data may be transferred to and processed in countries outside of the EU. This occurs when we rely on third-party providers — such as payment gateways, authentication platforms, or cloud services — who may be located outside the European Economic Area (EEA).
For example, if you log in using external platforms like Google, Discord, or Steam, or complete a payment via providers like PayPal or Apple Pay, your data may be transferred to and processed by these companies in their respective jurisdictions.
The main third-party services we use and their registered addresses include:
All transfers are conducted in accordance with applicable data protection laws, including the implementation of adequate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission or equivalent legal mechanisms.
Our Platform and services are intended exclusively for individuals aged 18 or older, or who meet the minimum legal age required in their country to enter into binding contracts and assume full legal responsibility.
We do not knowingly collect or process personal data from individuals under the age of 18. If we become aware that we have unintentionally collected such data without verifiable parental or guardian consent, we will promptly delete it upon confirmation.
If you believe that a minor has provided us with personal data, please contact us at [email protected]. We will investigate and take appropriate action without delay.
Our Website may include links to third-party websites, plug-ins, or applications. Clicking these links or enabling those features may allow third parties to collect or share data about you.
We do not control these third-party platforms and are not responsible for their privacy practices, terms, or content. We strongly encourage you to review their respective Privacy Policies and Terms & Conditions before interacting with them.
This Privacy Policy was last updated on June 23, 2025, and is effective as of that date.
We may modify this Privacy Policy periodically to reflect changes in our practices, legal obligations, or for other operational reasons. Updates will be posted on this page, and we may also notify you through other appropriate means.
Your continued use of our Website after any changes constitutes your acceptance of the revised Privacy Policy.