Privacy Policy

How we collect, use, and protect your personal data

Last Updated: February 2026

Introduction

WRYSTA respects your privacy and is committed to protecting your personal data. This Privacy Policy outlines how we collect, use, store, and protect information when you interact with our website, products, or services.

This policy applies to all visitors, customers, and business partners who engage with WRYSTA through our website or business operations.

1. Data We Collect

1.1 Information You Provide

When you contact us, request a quote, or engage with our services, we may collect:

  • Name and contact details (email address, phone number)
  • Company name and business information
  • Business requirements and project details
  • Any other information you voluntarily provide in forms or correspondence

1.2 Information Collected Automatically

When you visit our website, we may automatically collect:

  • IP address and device identifiers
  • Browser type and operating system
  • Pages visited and time spent on our website
  • Referrer URL (the site you came from)
  • Date and time of access

2. How We Use Your Data

We use the personal data we collect for the following purposes:

  • To respond to inquiries and quote requests: Process your requests for information, quotes, or technical specifications
  • To process orders: Fulfill custom orders and manage supply chain operations
  • To provide product and service information: Share relevant updates, technical documentation, or product details
  • To improve our website and services: Analyze website usage and optimize user experience
  • To manage business relationships: Maintain records of business communications and transactions
  • To comply with legal obligations: Meet regulatory, accounting, and legal requirements

3. Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

  • Legitimate interests: To operate our business, respond to inquiries, and improve our services
  • Contractual necessity: To fulfill orders and meet our contractual obligations
  • Consent: Where you have explicitly provided consent (e.g., for marketing communications)
  • Legal obligations: To comply with applicable laws and regulations

4. Data Sharing and Disclosure

We do not sell your personal data. We may share your information with:

  • Service providers: Trusted third-party service providers who assist with hosting, email services, analytics, and IT infrastructure (subject to confidentiality agreements)
  • Legal authorities: When required by law or to protect our legal rights
  • Business transfers: In the event of a merger, acquisition, or asset sale, your data may be transferred to the acquiring entity

All third-party service providers are required to implement appropriate security measures and use your data only as instructed by WRYSTA.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, destruction, or alteration. These measures include:

  • Secure data storage and encryption
  • Access controls and authentication
  • Regular security assessments
  • Employee training on data protection

While we take reasonable steps to secure your data, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain your personal data only as long as necessary to fulfill the purposes outlined in this policy or as required by law:

  • Business inquiries and leads: Up to 3 years from the last interaction
  • Contractual and accounting records: Up to 7 years to comply with legal and regulatory obligations
  • Website analytics data: Typically retained for 12-24 months

After the retention period expires, we securely delete or anonymize your personal data.

7. Your Rights Under GDPR

If you are located in the European Economic Area (EEA), you have the following rights regarding your personal data:

  • Right of access: Request a copy of the personal data we hold about you
  • Right to rectification: Request correction of inaccurate or incomplete data
  • Right to erasure: Request deletion of your personal data (subject to legal obligations)
  • Right to restriction: Request restriction of processing in certain circumstances
  • Right to data portability: Receive your data in a structured, machine-readable format
  • Right to object: Object to processing based on legitimate interests
  • Right to withdraw consent: Withdraw consent at any time (where processing is based on consent)

To exercise any of these rights, please contact us at privacy@wrysta.com.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our website. Cookies are small text files stored on your device that help us:

  • Remember your preferences and settings
  • Analyze website traffic and usage patterns
  • Improve website functionality and performance

Types of Cookies We Use:

  • Essential cookies: Required for website functionality (e.g., navigation, security)
  • Analytical cookies: Help us understand how visitors use our website (e.g., Google Analytics)

You can control cookie settings through your browser preferences. Please note that disabling cookies may affect website functionality.

We obtain your consent for non-essential cookies in accordance with applicable laws.

9. International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA) where our service providers are located.

When we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions confirming equivalent data protection standards
  • Binding corporate rules or other approved mechanisms

10. Children's Privacy

Our website and services are directed at business users and are not intended for individuals under the age of 16. We do not knowingly collect personal data from children.

If we become aware that we have inadvertently collected data from a child, we will take steps to delete it promptly.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or business operations.

Any updates will be posted on this page with a revised "Last Updated" date. We encourage you to review this policy periodically.

If we make material changes, we will provide additional notice as required by applicable law.

12. Contact Information

Data Controller

Sunny Sardine, Unipessoal Lda
NIF: 518766942
Address: Rua do Querido Nº 127, 3660-500 São Pedro do Sul, Viseu, Portugal

Privacy Inquiries

For questions, requests, or concerns regarding your personal data or this Privacy Policy, please contact us at:

Email: privacy@wrysta.com

Supervisory Authority

If you are located in the European Economic Area and have concerns about how we handle your personal data, you have the right to lodge a complaint with the relevant supervisory authority:

Portugal:
CNPD – Comissão Nacional de Proteção de Dados
Website: www.cnpd.pt

Other EU Member States:
Contact the data protection authority in your country of residence.