Privacy Policy
Purpose and Scope
This Privacy Policy (“Policy”) describes how RST Innovations (“we,” “us,” “our”) collects, uses, discloses, and secures personal information when you interact with our website, mobile applications, and related services (collectively, the “Services”). By accessing or using the Services, you consent to the terms of this Policy. This Policy applies solely to data we gather directly; linked third-party sites are governed by their own policies. We may revise this Policy at any time—significant changes will be noted by updating the “Effective Date” and posting a notice.
Information You Provide
You may voluntarily supply personal data when registering an account, making a purchase, or contacting support. Such data can include your name, email address, mailing address, phone number, and payment details. You are responsible for ensuring the accuracy and completeness of the information you provide. You can review and update your personal data at any time via your account dashboard or by contacting us through the in-app help feature.
Automatically Collected Data
Each visit to our Services triggers the automatic collection of technical details such as IP address, browser type, operating system, and device identifiers. We use cookies, web beacons, and similar tracking technologies to monitor site usage patterns, maintain sessions, and gather analytics. This information, which does not directly identify you, helps us improve performance, personalize content, and diagnose technical issues. You may disable non-essential cookies in your browser settings, though this may reduce functionality.
Use of Collected Data
We use your personal information to process orders, manage subscriptions, and respond to inquiries. Additionally, your data enables us to deliver personalized content, make product recommendations, and send administrative notifications. With your consent, we may also send marketing communications about promotions, new features, or events. You can opt out of marketing messages at any time via your account settings or by using the unsubscribe link in our emails.
Legal Grounds for Processing
Where applicable (e.g., under GDPR), we process your personal data on one or more lawful bases: contract performance, legal compliance, consent, or our legitimate interests. Contract performance includes order fulfillment and customer support. Legal compliance covers obligations such as tax reporting and record-keeping. Legitimate interests allow us to secure the Services, prevent fraud, and analyze aggregated usage for continuous improvement.
Data Sharing and Third Parties
We disclose personal data only to trusted third-party service providers—such as payment processors, shipping carriers, and analytics partners—bound by confidentiality agreements. In the event of a corporate transaction (e.g., merger, acquisition), your data may transfer to a successor entity under similar privacy protections. We may also share data if legally required, such as in response to a subpoena or court order. We do not sell or rent your personal information to advertisers.
International Transfers
Your personal data may be processed and stored in countries outside your own, including jurisdictions with differing data-protection laws. We implement appropriate safeguards—such as standard contractual clauses—to ensure continuous protection for international transfers. By using our Services, you consent to these cross-border transfers. Local law in recipient countries may require disclosure to governmental authorities.
Security Measures
We employ a combination of administrative, technical, and physical safeguards to protect personal data against unauthorized access, alteration, or destruction. Measures include encryption of data in transit, secure network architecture, intrusion detection systems, and regular security audits. Access is restricted to authorized personnel who require data to perform their duties. Despite these efforts, no system is completely immune to breaches; you share data at your own risk.
Data Retention
We retain personal data only as long as necessary to fulfill the purposes outlined in this Policy or to comply with legal obligations. Transaction and billing records are typically retained for seven years to satisfy tax and audit requirements. If you request account deletion, we will remove active personal data except where retention is mandatory under applicable law. Aggregated, anonymized data may be stored indefinitely for statistical analysis.
Cookies and Similar Technologies
We use cookies, web beacons, and local storage to enable core functionality, remember preferences, and collect usage statistics. First-party cookies maintain session state, while third-party cookies (e.g., analytics providers) gather aggregate data about visitor behavior. You can manage cookie preferences through your browser settings or our cookie‐consent banner. Disabling non-essential cookies may impact user experience and available features.
Children’s Privacy
Our Services are not directed to individuals under 16 years of age. We do not knowingly collect personal information from minors without verifiable parental consent. If we learn that we inadvertently collected data from a minor, we will promptly delete it. Parents or guardians who believe their child’s data has been collected can contact us to request its removal.
Your Rights
Depending on your jurisdiction, you may have rights to access, rectify, erase, restrict, or portability of your personal data, as well as to object to certain processing activities. To exercise these rights, log in to your account and submit a request via the Privacy Center. We aim to respond within 30 days of receiving a valid request. If you remain dissatisfied, you may lodge a complaint with a competent data-protection authority.
Policy Updates and Notifications
We may update this Policy periodically to reflect changes in legal requirements, technology, or business practices. Material changes will be communicated via a site banner or email notification if you hold an account. Continued use of the Services after notice constitutes acceptance of the updated Policy. Non-material changes will be reflected solely by updating the “Effective Date.”
