Privacy Policy — VitalEdge

1 Information We Collect

We collect information you provide directly to us, information collected automatically when you use our site, and information from third parties.

Information you provide:

Account and contact information: Name, email address, and password if you create an account
Order information: Billing address, shipping address, and payment information (processed and stored by Stripe — we never store full card numbers)
Communications: Messages you send us through our contact form or email
Marketing preferences: Your preferences for receiving marketing communications

Information collected automatically:

Usage data: Pages visited, time spent, links clicked, referring URLs, and other browsing behavior on our site
Device and browser information: IP address, browser type and version, operating system, device identifiers
Transaction data: Purchase history, cart activity, and order status
Cookies and similar technologies: See Section 5 for full details

2 How We Use Your Information

We use the information we collect to operate our business and provide you with a better experience:

Order fulfillment: Processing transactions, coordinating shipping, sending order confirmations and tracking updates
Customer support: Responding to your questions, returns requests, and service issues
Account management: Creating and maintaining your account, authenticating logins
Personalization: Showing relevant products and content based on your browsing history and purchase behavior
Marketing communications: Sending promotional emails if you've opted in (you may opt out at any time)
Analytics and improvement: Understanding how our site is used so we can improve the experience
Legal obligations: Complying with applicable laws, regulations, and lawful requests
Fraud prevention: Detecting and preventing fraudulent transactions and abuse

We do not sell your personal information to third parties for their own marketing purposes.

3 Information Sharing

We share your information only as necessary to run our business or as required by law. We do not sell your data.

Service providers: We share data with trusted third-party vendors who help us operate our business, including:

Stripe — Payment processing. Stripe handles all card data and is PCI-DSS Level 1 compliant.
UPS, FedEx, USPS — Shipping carriers who receive your name and address to fulfill deliveries
Email service providers — For transactional and marketing emails
Analytics providers — For aggregated, anonymized usage analytics
Customer support tools — For managing support communications

All service providers are contractually bound to use your information only to provide services on our behalf and may not use it for their own purposes.

Legal requirements: We may disclose your information if required to do so by law, court order, or in response to a valid request from a government authority. We will notify you of such requests where legally permitted.

Business transfers: In the event of a merger, acquisition, or sale of all or part of our assets, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice on our website before your data is transferred and becomes subject to a different privacy policy.

4 Data Security

We implement reasonable administrative, technical, and physical safeguards to protect your personal information from unauthorized access, use, alteration, and disclosure. Specific measures include:

TLS/SSL encryption for all data transmitted between your browser and our servers
Payment card data is processed and tokenized by Stripe — we do not store full card numbers
Access to customer data is restricted to employees and contractors who need it to perform their duties
Regular security reviews and monitoring of our systems

No method of transmission over the internet or method of electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. In the event of a data breach that affects your rights, we will notify affected users in accordance with applicable law.

5 Cookies & Tracking Technologies

We use cookies and similar tracking technologies to operate our site, remember your preferences, and understand how people use our store.

Types of cookies we use:

Essential cookies: Required for core site functionality, including cart session management, checkout, and account authentication. These cannot be disabled.
Analytics cookies: Used to collect anonymized data about how visitors interact with our site (e.g., pages viewed, time on site). This helps us improve the shopping experience.
Marketing cookies: Used to show relevant ads and measure the effectiveness of our advertising campaigns on third-party platforms such as Meta and Google.
Preference cookies: Remember your settings and preferences (e.g., currency, region) to personalize your experience.

You can control cookies through your browser settings. Disabling certain cookies may affect site functionality. We honor global privacy control (GPC) signals where applicable.

6 Data Retention

We retain your personal information for as long as necessary to provide our services, maintain your account, comply with legal obligations, resolve disputes, and enforce our agreements.

Specifically:

Order and transaction data is retained for a minimum of 7 years to comply with financial and tax regulations
Account information is retained until you request deletion, plus an additional 30-day grace period
Marketing preferences and communications history are retained until you opt out or request deletion
Analytics data is retained in aggregated, anonymized form indefinitely and individually for up to 26 months

7 Your Privacy Rights

Depending on your location, you may have the following rights with respect to your personal information:

Access: Request a copy of the personal data we hold about you
Correction: Request that we correct inaccurate or incomplete data
Deletion: Request that we delete your personal data (subject to certain legal exceptions)
Portability: Receive your data in a structured, machine-readable format
Opt-out of marketing: Unsubscribe from marketing emails at any time via the link in any email or by contacting us
Restriction: Request that we restrict the processing of your data in certain circumstances

California residents may also have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected, the right to deletion, and the right to opt out of the sale of personal information (we do not sell personal information).

To exercise any of these rights, contact us at support@vitaledge.com. We will respond to verified requests within 30 days.

8 Children's Privacy

Our website and products are not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected information from a child under 13, please contact us immediately at support@vitaledge.com and we will delete it promptly.

9 Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you via email.

Your continued use of our site after any changes constitutes your acceptance of the updated Privacy Policy. We encourage you to review this page periodically to stay informed about how we protect your information.

10 Contact Us

If you have questions, concerns, or requests related to this Privacy Policy or our data practices, please contact us:

VitalEdge Customer Support
Email: support@vitaledge.com
Support hours: Monday–Friday, 9:00 AM–6:00 PM ET

You can also submit a message through our contact page. We take all privacy concerns seriously and will respond within 5 business days.