Privacy policy

Last Updated: December 22, 2025

This Privacy Policy describes how Riser Brands LLC ("we," "us," "our," or "Bryt") collects, uses, discloses, and otherwise processes personal information in connection with your access to and use of the website located at https://www.brytme.com (the "Site") and the products and services offered through the Site (collectively, the "Services").

This Privacy Policy applies to all individuals whose personal information we process, including customers, website visitors, and individuals who communicate with us regarding the Services.

We are committed to protecting your privacy and complying with all applicable data protection laws, including the General Data Protection Regulation (GDPR). Please read this Privacy Policy carefully. By accessing or using the Site and Services, you consent to the collection, use, and disclosure of your personal information as described herein. If you do not agree with our privacy practices, you must discontinue use of the Site immediately.

1. Data Controller and Contact Information

Riser Brands LLC is the data controller responsible for the processing of personal information under this Privacy Policy.

Riser Brands LLC
16192 Coastal Highway
Lewes, DE 19958
Sussex County
United States
Contact Email: support@brytme.com
Contact Phone: +1 (575) 414-1608

If you have questions, concerns, or requests regarding our privacy practices, or if you wish to exercise your rights under applicable data protection laws, please contact us using the above information.

2. Categories of Personal Information We Collect

Information You Provide Directly

We collect personal information that you provide directly to us through the Site or otherwise, including:

Account Information: Name, email address, username, password, security questions, and other information used for account creation and authentication.
Contact Information: Email address, phone number, mailing address, and any other contact details provided.
Order Information: Billing address, shipping address, payment method information, product selections, purchase history, order date, order amount, and transaction confirmation details.
Payment Information: Credit card numbers, debit card numbers, PayPal account information, and other payment details processed by third-party payment processors.
Customer Service Communications: Content of emails, messages, or other communications you send to us, including inquiries, complaints, feedback, and support requests.
User-Generated Content: Reviews, testimonials, photographs, comments, and any other content you submit to the Site.
Loyalty and Promotional Information: Loyalty points, referral information, gift card information, and preferences for promotional communications.

Information Collected Automatically

When you access or use the Site, we automatically collect certain information about your device and usage patterns, including:

Device Information: Device type, operating system, unique device identifiers, mobile device IDs, and hardware model.
Browser Information: Browser type, version, and language settings.
Network Information: Internet Protocol (IP) address, Internet Service Provider (ISP), and connection type.
Usage Data: Pages and features accessed, links clicked, time spent on pages, search queries, referring/exit pages, and navigation patterns.
Location Data: Approximate geographic location based on IP address (not precise GPS coordinates).
Cookies and Tracking Technologies: Information collected through cookies, pixels, web beacons, software development kits (SDKs), and similar tracking technologies.

Information Received from Third Parties

We may receive personal information about you from third parties, including:

Payment Processors: Shopify Payments, Stripe, PayPal, and other payment processing providers who collect and process payment information.
Service Providers: Analytics providers, customer support platforms, email service providers, and other vendors who support our operations.
Advertising Partners: Data providers and advertising networks that supply information for marketing and analytics purposes.
Platform Operators: Shopify and other platform providers that host and support the Site.

3. Legal Basis for Processing Personal Information (GDPR)

Under the General Data Protection Regulation (GDPR), we process personal information on the following legal bases:

Contract Performance (GDPR Article 6(1)(b))

We process your personal information to perform our contractual obligations to you, including:

Processing your order and fulfilling your purchase
Processing payment and preventing fraud
Providing customer support and handling returns/refunds
Communicating about your account and transactions
Verifying your identity and preventing unauthorized access

Legitimate Interests (GDPR Article 6(1)(f))

We process personal information based on our legitimate interests, including:

Improving and optimizing the Site and Services
Understanding customer preferences and behavior
Preventing fraud, abuse, and unauthorized access
Conducting market research and analytics
Maintaining security and protecting against threats
Complying with legal obligations and defending legal claims
Direct marketing and promotional communications (where permitted)

Consent (GDPR Article 6(1)(a))

We may process personal information based on your explicit consent, including:

Marketing communications and newsletters
Cookies and tracking technologies beyond essential purposes
Any other processing requiring your affirmative consent

You may withdraw your consent at any time by contacting us or using unsubscribe mechanisms provided in communications.

Legal Obligation (GDPR Article 6(1)(c))

We may process personal information to comply with applicable laws, regulations, court orders, and other legal obligations.

4. How We Use Your Personal Information

We use the personal information we collect for the following purposes:

Order Processing and Fulfillment: Creating and managing your account, processing purchases, collecting payment, arranging shipping, and handling returns or refunds.
Communication: Responding to inquiries, providing customer support, sending order confirmations and updates, and communicating about account changes.
Payment Processing: Authorizing and processing payments through third-party payment processors, detecting and preventing fraudulent transactions, and managing chargebacks.
Marketing and Promotion: Sending marketing emails, promotional offers, and newsletters (only where you have consented or where otherwise permitted by law).
Site Improvement and Analytics: Analyzing usage patterns, user behavior, and Site performance; conducting market research; and optimizing Site functionality.
Security and Fraud Prevention: Detecting, preventing, and addressing fraud, abuse, security incidents, and other malicious activities.
Legal Compliance: Complying with applicable laws, regulations, court orders, and other legal obligations; establishing, exercising, or defending legal claims; and protecting our rights and the rights of others.
Aggregate Analytics: Creating anonymized and aggregated data for statistical analysis and business intelligence purposes.

5. Cookies and Tracking Technologies

Essential Cookies

We use essential cookies to enable core Site functionality, including:

User authentication and session management
Shopping cart functionality
Security and fraud prevention
Remembering user preferences

Essential cookies are necessary for the Site to function and cannot be disabled without impairing Site functionality.

Analytics and Performance Cookies

We use analytics cookies to understand how users interact with the Site, including:

Google Analytics for tracking user behavior and Site performance
Conversion tracking and funnel analysis
Performance metrics and error monitoring

Marketing and Targeting Cookies

We use marketing cookies to deliver targeted advertising and promotional content based on user interests and behavior. These cookies are set by advertising networks and partners, including:

Facebook and Meta platforms
Google Ads and Display Network
Other third-party advertising partners

Managing Cookies

You may control cookie preferences through your browser settings. Most browsers allow you to refuse cookies or alert you when cookies are being sent. Please note that disabling certain cookies may impair Site functionality.

6. Third-Party Service Providers and Data Sharing

We may disclose your personal information to third-party service providers who process data on our behalf under confidentiality obligations and data protection agreements, including:

Payment Processors

Shopify Payments
Stripe
PayPal

Platform Providers

Shopify (Site hosting and e-commerce platform)
Shopify's approved service providers and integrations

Customer Support and Communication

Customer support platforms and ticketing systems
Email service providers
Communication and messaging platforms

Analytics and Marketing

Google Analytics
Facebook/Meta for conversion tracking and audience creation
Advertising networks and marketing partners
Review and rating platforms (e.g., Loox)
Customer loyalty programs

Other Service Providers

Shipping and logistics carriers
Fraud prevention and verification services
Data analytics and business intelligence providers

We require all third-party service providers to implement appropriate technical and organizational security measures and to process personal information only in accordance with our instructions.

Legal Requirements and Enforcement

We may disclose personal information if required by law, court order, government request, or other legal process. We may also disclose information if we believe in good faith that such disclosure is necessary to protect our rights, your safety or the safety of others, investigate fraud, or respond to a government request.

7. International Data Transfers

Riser Brands LLC is established in the United States. However, your personal information may be transferred to, stored in, and processed in countries outside the European Union, including the United States, where privacy laws may differ from those in the EU.

When we transfer personal information internationally, we implement appropriate safeguards to protect your data, including:

Standard Contractual Clauses (SCCs): We use European Commission-approved Standard Contractual Clauses with service providers and partners to ensure adequate protection for international transfers.
Adequacy Decisions: Where applicable, we rely on European Commission adequacy decisions recognizing equivalent data protection standards.
Your Explicit Consent: Where necessary, we obtain your explicit consent for specific international transfers.

By using the Site and Services, you consent to the transfer of your personal information to countries outside the European Union as described in this Privacy Policy.

8. Data Retention

We retain personal information for as long as necessary to achieve the purposes for which it was collected and to comply with applicable legal obligations. Retention periods vary depending on the context of processing and our legal obligations:

Order Information: Retained for at least 5-7 years for tax, accounting, and legal purposes, or as required by law.
Account Information: Retained while your account is active and for a reasonable period thereafter for dispute resolution and compliance purposes.
Payment Information: Processed by third-party payment processors who maintain their own retention policies; we do not store complete payment card information.
Marketing Communications: Retained until you unsubscribe or we cease marketing activities.
Analytics Data: Retained for 26 months or as required by the analytics provider's retention policy.
Customer Support Communications: Retained for 12-24 months for dispute resolution and service improvement.

When information is no longer necessary, we delete or anonymize it. Where deletion is not possible due to technical or legal constraints, we securely store the information and restrict its processing.

9. Your Rights Under Applicable Data Protection Laws

GDPR Rights (EU Residents)

If you are located in the European Union, you have the following rights under the GDPR:

Right to Access (Article 15): You may request confirmation of whether we process your personal information and obtain a copy of that information.
Right to Rectification (Article 16): You may request correction of inaccurate or incomplete personal information.
Right to Erasure (Article 17): You may request deletion of your personal information under certain circumstances (the "right to be forgotten").
Right to Restrict Processing (Article 18): You may request that we limit how we use your personal information while we consider another request (such as a dispute).
Right to Data Portability (Article 20): You may request a copy of your personal information in a structured, commonly used, machine-readable format.
Right to Object (Article 21): You may object to processing based on legitimate interests or direct marketing.
Right to Withdraw Consent (Article 7(3)): You may withdraw consent to processing at any time.
Right to Lodge a Complaint: You may lodge a complaint with your local data protection authority.

California Resident Rights (CCPA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

Right to Know: You may request disclosure of the categories and specific pieces of personal information collected, the sources of information, and the purposes for collection.
Right to Delete: You may request deletion of personal information collected from you, subject to certain exceptions.
Right to Opt-Out: You may opt out of the sale or sharing of your personal information.
Right to Non-Discrimination: We will not discriminate against you for exercising your rights under the CCPA.

How to Exercise Your Rights

To exercise any of the above rights, please submit a written request to us at:

Email: support@brytme.com
Mailing Address: Riser Brands LLC, 16192 Coastal Highway, Lewes, DE 19958, Sussex County, USA
Phone: +1 (575) 414-1608

We will verify your identity before fulfilling your request and respond within the timeframe required by applicable law (typically 30 days for GDPR requests, 45 days for CCPA requests).

10. Security Measures

We implement comprehensive technical and organizational security measures to protect personal information against unauthorized access, alteration, disclosure, and destruction, including:

Encryption of data in transit and at rest using industry-standard protocols (SSL/TLS)
Secure authentication mechanisms (passwords, multi-factor authentication)
Access controls limiting employee access to personal information on a need-to-know basis
Regular security assessments, penetration testing, and vulnerability management
Firewalls, intrusion detection systems, and network monitoring
Employee training and data protection policies
Incident response and breach notification procedures

However, no security system is impenetrable. While we strive to protect your personal information using reasonable security measures, we cannot guarantee absolute security. You use the Site at your own risk.

11. Data Breach Notification

In the event of a data breach involving personal information, we will:

Notify affected individuals without undue delay where required by law
Notify relevant data protection authorities as required under applicable law
Provide information about the nature of the breach, remediation steps, and contact information for inquiries

Notifications will be provided through email or other available means as permitted by applicable law.

12. Children's Privacy

The Site and Services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children under 18 without parental consent. If we learn that we have collected personal information from a child without parental consent, we will delete such information promptly.

If you believe we have collected information from a child, please contact us immediately at support@brytme.com.

13. Third-Party Links and Services

The Site may contain links to third-party websites and services that are not operated by us. This Privacy Policy applies only to the Site and Services provided by Riser Brands LLC. We are not responsible for the privacy practices of third-party websites or services.

We encourage you to review the privacy policies of any third-party services before providing personal information or using their services.

14. Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our data processing practices, legal requirements, or other factors. The date of the most recent update is provided at the beginning of this Privacy Policy.

We will notify you of material changes to this Privacy Policy by posting the updated version on the Site or by sending you an email notification. Your continued use of the Site and Services following any updates constitutes your acceptance of the updated Privacy Policy.

15. Governing Law and Dispute Resolution

This Privacy Policy is governed by and construed in accordance with the laws of the Republic of Lithuania, without regard to its conflict of law principles.

Any dispute, claim, or controversy arising out of or relating to this Privacy Policy or our processing of personal information shall be subject to the exclusive jurisdiction of the courts of the Republic of Lithuania.

Notwithstanding the foregoing, nothing in this Privacy Policy shall limit your rights under GDPR, CCPA, or other mandatory data protection laws of your jurisdiction.

16. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:

Email: support@brytme.com
Phone: +1 (575) 414-1608
Mailing Address: Riser Brands LLC, 16192 Coastal Highway, Lewes, DE 19958, Sussex County, USA
Website: https://www.brytme.com

If you are an EU resident and have concerns about our data processing practices, you may lodge a complaint with your local data protection authority.

Acknowledgment

By using the Site and Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.