At Slynto LLC, operating from https://slynto.com/, we are committed to protecting your privacy and handling your personal data with transparency and care. While Slynto LLC is based in the United States, the General Data Protection Regulation (GDPR) is a comprehensive data protection law that applies to all companies processing the personal data of individuals residing in the European Union (EU) or European Economic Area (EEA), regardless of the company's location. This statement outlines our commitment to GDPR principles and how we protect the data of any EU/EEA residents who interact with our services.

1. Who We Are – Data Controller 

Slynto LLC is the data controller responsible for your personal data.

2. What Personal Data We Collect 

We may collect and process various types of personal data, which may include:

  • Identity Data: First name, last name, title.
  • Contact Data: Billing address, shipping address, email address, telephone numbers.
  • Financial Data: Payment card details (processed securely by third-party payment processors like Stripe and PayPal, we do not store full card details), and bank account information for refunds.
  • Transaction Data: Details about payments to and from you, and other details of products (musical instruments and equipment) you have purchased from us.
  • Technical Data: Internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
  • Usage Data: Information about how you use our website, products, and services.
  • Marketing and Communications Data: Your preferences in receiving marketing from us and your communication preferences.

3. How We Collect Your Data 

We use different methods to collect data from and about you, including:

  • Direct Interactions: You may provide us with your Identity, Contact, and Financial Data by filling in forms or by corresponding with us by post, phone, email, or otherwise. This includes data you provide when you:
    • Purchase products from our website (musical instruments and equipment).
    • Create an account on our website.
    • Subscribe to our newsletter.
    • Request marketing to be sent to you.
    • Give us feedback or contact customer service.
  • Automated Technologies or Interactions: As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions, and patterns. We collect this personal data by using cookies and other similar technologies. Please see our separate Cookie Policy for more details.
  • Third Parties or Publicly Available Sources: We may receive personal data about you from various third parties, such as payment and delivery services.

4. Legal Basis for Processing Your Data 

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Performance of a Contract: This means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract (e.g., to process your order and deliver your musical instruments and equipment).
  • Legitimate Interest: Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests (e.g., to improve our services, prevent fraud).
  • Consent: Where you have given explicit consent for us to process your personal data for a specific purpose (e.g., sending marketing communications). You have the right to withdraw consent at any time.
  • Legal Obligation: Where we need to comply with a legal or regulatory obligation.

5. How We Use Your Data 

We use the data we collect for various purposes, including:

  • To process and fulfill your orders for musical instruments and equipment, including processing payments and delivering products.
  • To manage your account and provide customer support.
  • To improve our website, products, and services.
  • To send you marketing communications, if you have opted in.
  • To detect and prevent fraud and other illegal activities.
  • To comply with legal obligations.

6. Sharing Your Data 

We may share your personal data with third parties in the following circumstances:

  • Service Providers: We work with trusted third-party service providers who assist us in operating our website, conducting our business, or serving our customers (e.g., payment processors like Stripe and PayPal, shipping carriers, IT and system administration services). These third parties are contractually bound to keep your information confidential and use it only for the purposes for which we disclose it to them.
  • Legal Compliance: We may disclose your data if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).
  • Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your personal data may be transferred to the acquiring entity.

7. International Data Transfers 

Slynto LLC is based in the United States. Your personal data will primarily be processed and stored in the United States. If you are an EU/EEA resident, this means your data will be transferred outside the EU/EEA. We ensure that such transfers comply with GDPR by implementing appropriate safeguards, such as standard contractual clauses approved by the European Commission, where required, to ensure your data receives a similar level of protection.

8. Data Security 

We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, accessed in an unauthorized way, altered, or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

9. Data Retention 

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data, and whether we can achieve those purposes through other means, and the applicable legal requirements.

10. Your Data Protection Rights (for EU/EEA Residents under GDPR) 

If you are an EU/EEA resident, you have specific rights under GDPR concerning your personal data. We respect these rights and provide mechanisms for you to exercise them:

  • Right to Access: You have the right to request copies of your personal data.
  • Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
  • Right to Erasure (Right to be Forgotten): You have the right to request that we erase your personal data, under certain conditions.
  • Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data, under certain conditions.
  • Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
  • Right to Object: You have the right to object to our processing of your personal data, under certain conditions.
  • Rights related to Automated Decision Making: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, unless certain exceptions apply.
  • Right to Withdraw Consent: Where we are relying on consent to process your personal data, you have the right to withdraw that consent at any time.

To exercise any of these rights, please contact us at support@slynto.com. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights).

11. Children's Privacy 

Our website is not intended for children under the age of 16. We do not knowingly collect personally identifiable information from children under 16. If we become aware that we have collected personal data from a child under 16 without verification of parental consent, we take steps to remove that information from our servers.

12. Changes to This GDPR Compliance Statement 

We may update this GDPR Compliance Statement from time to time. We will notify you of any changes by posting the new statement on this page and updating the "last updated" date. We encourage you to review this statement periodically for any changes.

13. Contact Us 

If you have any questions about this GDPR Compliance Statement, your data protection rights, or how we handle your personal data, please contact us: