Privacy policy

Last Updated: September 30, 2025

This Privacy Policy explains how Nuralisk (“Nuralisk”, “we”, “us”, or “our”) collects, uses, shares, and protects personal information when you visit www.Nuralisk.com (the “Site”), purchase products (including subscriptions), interact with our marketing (email/SMS), or contact us (collectively, the “Services”). By using the Services, you acknowledge this Policy, our Terms of Service and Refund Policy.

Changes to this Policy

We may update this Policy to reflect changes in law or our practices. We will post updates here with a new “Last Updated” date and will provide additional notice or seek consent where legally required.

What we collect

We collect information from you, automatically from your devices, and from service providers/partners.

Categories:

  • Identifiers: name, email, phone, billing/shipping address.

  • Commercial information: products viewed/purchased, subscription details, returns/refunds.

  • Payment data: processed by our payment processors (e.g., Shopify Payments, PayPal). We don’t store full card numbers.

  • Account data: username, hashed password, preferences.

  • Internet/usage data: IP address, device/browser, pages viewed, cookies/pixels, referral URLs.

  • Geolocation (coarse): derived from IP or device settings (no precise geolocation).

  • Support/communications: messages you send us, review content.

  • Marketing/SMS data: your marketing opt-ins/opt-outs, engagement.

We do not intentionally collect sensitive personal information (e.g., precise geolocation, government IDs, health data). If you provide such data, we will not use it to infer characteristics, and we will limit use as required by law.

Sources

  • You: checkout, account creation, support, reviews, marketing/SMS sign-ups.

  • Automatic means: cookies, pixels, SDKs, log files.

  • Service providers/partners: ecommerce platform, payment processors, shipping/logistics, analytics, advertising, SMS/email vendors.

Why we use your information

  • Fulfillment & operations: process payments, create orders for each successful payment, ship products, handle returns/exchanges, manage subscriptions.

  • Fraud prevention & security: detect/prevent fraud, chargebacks, abuse; secure our Services.

  • Customer support: respond to inquiries, troubleshoot.

  • Marketing & personalization: send promos (email/SMS), show tailored ads on our Site and others; you can opt out.

  • Analytics & improvement: measure performance, improve Site, products, and user experience.

  • Legal/compliance: tax/accounting, customs, regulatory obligations, dispute resolution, enforcement of our Terms.


Cookies, adtech & your choices

We use cookies and similar tech to remember your cart, run analytics, and deliver tailored ads. Some of this activity may be considered “sale” or “sharing” of personal information or “targeted advertising” under certain US state laws.

Controls

  • Browser controls to block/clear cookies (some features may break).

  • Marketing emails: Unsubscribe link in any email.

  • SMS: reply STOP to opt out; see our Mobile Terms.

  • Do Not Sell/Share / Targeted Ads Opt-Out: email support@Nuralisk.com with subject “Do Not Sell/Share Opt-Out”; if available, use our on-site preference tool.

  • Global Privacy Control (GPC): we treat GPC signals as valid opt-outs for that browser/device where applicable.

See also Shopify’s cookie policy for platform-level cookies.

How we share information

We share personal information with:

  • Service providers (processors): ecommerce platform (Shopify), payment processors, fraud tools, hosting/IT, analytics, email/SMS vendors, customer support tools, address verification, and shipping/logistics partners.

  • Advertising/marketing partners: to deliver and measure ads, subject to your opt-out rights.

  • Affiliates: within our corporate family for internal purposes consistent with this Policy.

  • Logistics & customs (including China-based fulfillment): we share only what’s necessary to deliver your order (e.g., recipient name, address, phone, email for delivery notifications, product details for customs). We do not provide manufacturers with broader customer data.

  • Legal/business transfers: to comply with law or in connection with corporate transactions.

We do not sell personal information for money. We may “share” data (e.g., identifiers and internet activity) for cross-context behavioral advertising; you can opt out as above.

International transfers

We are US-based; your data may be processed in the US and other countries. For EEA/UK data, we use lawful transfer mechanisms (e.g., Standard Contractual Clauses) where required. Where vendors are outside your country, we take steps to ensure appropriate safeguards.

Security

We apply reasonable technical and organizational measures (e.g., encryption in transit, access controls, vulnerability management, vendor due diligence). No method is 100% secure.

Retention

We keep data only as long as necessary for the purposes above and to meet legal obligations. Indicative periods (subject to change and legal requirements):

  • Order/transaction records: up to 7 years (tax/accounting).

  • Customer support: up to 3 years after last interaction.

  • Marketing consents & engagement: up to 24 months after last activity or until you opt out.

  • Fraud/chargeback records: up to 5 years.
    We delete or de-identify data when no longer needed.

Children’s privacy

Our Services are not directed to children under 13, and we do not knowingly collect their data. We do not knowingly sell or share personal information of minors under 16. If you believe a child has provided data, contact support@Nuralisk.com.

Your privacy rights

Depending on your location, you may have rights to:

  • Access/Know the categories and specific pieces of personal information we hold.

  • Delete personal information (subject to legal exceptions).

  • Correct inaccurate personal information.

  • Portability: obtain a copy in a portable format.

  • Opt out of sale/share/targeted advertising (where applicable).

  • Restrict/Object to certain processing (EEA/UK).

  • Withdraw consent (where processing is based on consent).

  • Appeal a denial of your request (VA/CO/CT and similar).

How to exercise: email support@Nuralisk.com. We will verify your identity (e.g., account email/order details) and respond within the legally required period. You may designate an authorized agent (we may ask you to confirm directly).

We will not discriminate against you for exercising your rights.

Email & SMS communications

  • Transactional: order confirmations, shipping updates, subscription notices.

  • Marketing: we send with your consent (where required).

  • Opt out: click Unsubscribe in emails; reply STOP to SMS.
    See our Mobile Terms for details. We share SMS opt-in status only with vendors necessary to deliver messages.

User-generated content

Reviews or other public submissions may be visible to others. Do not post sensitive information. We are not responsible for third-party use of information you disclose publicly.

Breach notifications

If we are required by law to inform you of a security breach involving your personal information, we will notify you without undue delay consistent with applicable law.

Regional supplements

A) California & other US state laws (notice at collection)

Categories collected (last 12 months): identifiers; customer records (contact/order info); commercial information; internet/usage data; coarse geolocation; customer support content; marketing/SMS preferences. We do not intentionally collect sensitive personal information; if incidentally collected, we do not use it to infer characteristics and we limit use as required.

Purposes: as listed in Section 4.
Retention: as in Section 9.
Sale/Share: no monetary sales; we may share for cross-context behavioral advertising; you may opt out (GPC honored where applicable).
Limit SPI: not applicable (we don’t use SPI for inferring; we will honor SPI limitation requests where required).
Appeals: available where required (e.g., VA/CO/CT).
Authorized agents: permitted with adequate authorization and verification.

B) EEA/UK (GDPR) – legal bases & transfers

Controller: Nuralisk, Wyoming, USA (contact below).
Legal bases:

  • Contract (Art. 6(1)(b)): order processing, subscriptions, returns.

  • Legitimate interests (Art. 6(1)(f)): security/fraud prevention, service improvement, basic analytics, limited direct marketing (opt-out).

  • Consent (Art. 6(1)(a)): email/SMS marketing, non-essential cookies/ad personalization.

  • Legal obligation (Art. 6(1)(c)): tax/accounting/compliance.
    Transfers: outside EEA/UK under SCCs or other lawful mechanisms.
    Rights: access, rectify, erase, restrict, object (including to direct marketing), portability, withdraw consent, lodge a complaint with your local DPA.

C) Canada (PIPEDA)

You may request access/correction and withdraw consent subject to legal/contractual limits and reasonable notice. Contact us to file a complaint; you may also contact the Office of the Privacy Commissioner of Canada.

D) Australia

You may request access/correction and complain to us; if unresolved, contact the Office of the Australian Information Commissioner.

Contact

Nuralisk
Email: support@Nuralisk.com
Jurisdiction: Wyoming, United States