Privacy Policy | VitalWhys

VitalWhys ("we", "our", "us") operates vitalwhys.com. This policy explains what personal data we collect, why we collect it, and your rights under GDPR and CCPA. We do not sell personal data. Ever.

Questions? Email us at hello@vitalwhys.com

Data We Collect

Order data

Name, email, shipping address, product purchased, order total

Account data

Email, password hash (via Supabase Auth), display name

Browsing data

Pages viewed, time on site, device type (analytics only, with consent)

Email preferences

Newsletter subscription status, open/click events (Resend)

Affiliate data

Referral clicks, conversion events, payout records (if you are an affiliate)

Support data

Messages sent via our CS chat, return requests

Legal Basis for Processing (GDPR)

Contract — processing your order, sending shipping confirmations, managing returns.
Consent — analytics cookies, marketing pixels, personalization. You can withdraw consent at any time.
Legitimate interest — fraud prevention, security, improving our site.
Legal obligation — tax records, compliance with applicable law.

Cookies We Use

Purpose

Duration

Type

vw_consentStores your cookie preferences1 yearEssential

vw_vidAnonymous visitor identifier for consent records1 yearEssential

vw_cartPersists your shopping cart1 yearEssential

vw_refAffiliate referral attribution30 daysEssential

_ga, _ga_*Google Analytics — usage statistics2 yearsAnalytics

_fbpMeta Pixel — ad measurement90 daysMarketing

ttq_*TikTok Pixel — ad measurement13 monthsMarketing

You can manage cookie preferences at any time via the cookie banner or by to reopen the banner.

Third-Party Services

Shopify

Order processing, payment handling

Supabase

Database, authentication, user accounts

Printify

Print-on-demand fulfillment

Resend

Transactional email delivery

Vercel

Hosting and edge network

Meta (Facebook/Instagram)

Ad measurement (marketing consent required)

Google Analytics

Site analytics (analytics consent required)

TikTok

Ad measurement (marketing consent required)

Data Retention

Order records — retained for 7 years for tax and legal compliance.
Account data — retained until account deletion is requested.
Analytics data — retained per Google Analytics settings (default 14 months).
Email subscribers — retained until unsubscribed.
Support conversations — retained for 2 years.

Your Rights

Under GDPR (EU/UK) and CCPA (California), you have the following rights:

Access — request a copy of your personal data.
Rectification — request correction of inaccurate data.
Erasure — request deletion of your data ("right to be forgotten").
Restriction — request we limit processing of your data.
Portability — receive your data in a machine-readable format.
Objection — object to processing based on legitimate interests.
Consent withdrawal — withdraw consent at any time without affecting prior processing.

Submit a Data Request →

Contact & Complaints

Email: hello@vitalwhys.com
We aim to respond to all requests within 30 days. If you are located in the EU and believe we have not handled your data correctly, you have the right to lodge a complaint with your local data protection authority.

Changes to This Policy

We may update this policy as our practices evolve. Material changes will be communicated via email to subscribers or a notice on the site. The "Last updated" date at the top reflects the most recent revision.