Effective date: August 15, 2025
Last updated: August 15, 2025
This Privacy Policy explains how Empyrean Athletics (“Empyrean,” “we,” “our,” or “us”) collects, uses, discloses, and protects personal information when you visit our websites, use our apps, shop in-store, interact with our social media, or otherwise engage with our products and services (collectively, the “Services”).
By using the Services, you agree to this Privacy Policy. If you do not agree, please do not use the Services.
This Policy applies to personal information we process about customers, website/app visitors, newsletter subscribers, business partners, and job applicants. This Policy does not apply to employees and contractors, who are covered by a separate notice.
Identifiers & contact data (e.g., name, email, phone number, shipping/billing address, account credentials).
Commercial information (e.g., products viewed, cart activity, orders, returns, store interactions, customer support messages).
Payment information processed by our payment providers (e.g., card type, last 4 digits, transaction ID). We do not store full card numbers.
Device & usage data (e.g., IP address, cookie IDs, device identifiers, browser type, pages viewed, timestamps, referral/UTM data, approximate location).
Preferences (e.g., size, style, sport interests, marketing choices, language).
User content (e.g., reviews, photos you upload, survey responses, social media interactions).
Fitness & wellness inputs (optional) you choose to provide in our apps or events (e.g., training goals, activity logs). Do not submit sensitive medical data.
Job applicant data (e.g., CV, work history, qualifications) if you apply for a role.
Sources. We collect information directly from you, automatically via cookies and similar technologies, from our service providers (e.g., payment, analytics, shipping), from publicly available sources, and—where permitted—from partners such as advertising networks and social platforms.
Provide, maintain, and improve the Services and our products.
Process orders, payments, shipping, returns, and account administration.
Personalize your experience (e.g., product recommendations, saved sizes).
Communicate with you about purchases, support, and updates.
Send marketing and promotional messages (you can opt out anytime).
Measure performance, conduct analytics, and understand audience trends.
Prevent fraud, secure the Services, and comply with legal obligations.
Run events, contests, loyalty programs, and surveys.
Recruiting and hiring where you apply for a job.
Where GDPR/UK GDPR applies, we process personal data on the following legal bases:
Contract (Article 6(1)(b)): to provide the Services you request.
Consent (Article 6(1)(a)): for activities like certain marketing, cookies, or optional wellness inputs. You may withdraw consent at any time.
Legitimate interests (Article 6(1)(f)): to secure and improve our Services, prevent fraud, and understand usage—balanced against your rights.
Legal obligation (Article 6(1)(c)): to comply with tax, accounting, and regulatory requirements.
Your information may be processed in countries other than where you reside. Where required, we use appropriate safeguards (e.g., standard contractual clauses) to protect cross-border transfers.
We retain personal information for as long as necessary to fulfill the purposes outlined in this Policy, comply with our legal obligations, resolve disputes, enforce agreements, and maintain business records. Retention periods vary depending on data type and context (e.g., tax and accounting records may be kept for legally mandated periods).
We implement administrative, technical, and physical safeguards designed to protect personal information. However, no security measure is perfect; transmission and storage carry risks.
Depending on your location, you may have rights over your personal information, such as:
Access to the information we hold about you.
Correction of inaccurate or incomplete data.
Deletion (erasure), subject to legal exceptions.
Restriction or objection to certain processing.
Portability of your data (EEA/UK/other jurisdictions where applicable).
Opt-out of targeted advertising and certain profiling.
Withdraw consent where processing is based on consent.
To exercise rights, use the methods in Contact Us. We may verify your identity. Authorized agents may submit requests where permitted by law.
California residents (CPRA). You have rights to know, correct, delete, and opt-out of sale/sharing. We do not process “sensitive personal information” for the purpose of inferring characteristics. We honor global privacy control (GPC) signals where required. You have the right not to receive discriminatory treatment for exercising rights.
EEA/UK. You may lodge a complaint with your local supervisory authority (e.g., ICO in the UK). Our lead supervisory authority (if applicable) will be disclosed upon request.
We may send emails, SMS, push notifications, or in-app messages. You can opt out by following unsubscribe links, updating account settings, replying “STOP” to SMS (where available), or disabling notifications in device settings. We may still send transactional or service messages (e.g., order confirmations).
Our Services are not directed to children under the age where parental consent is required by applicable law (e.g., 13 in the U.S., 16 in parts of the EEA). We do not knowingly collect personal information from such children. If you believe a child has provided personal information, please contact us so we can delete it.
The Services may link to third-party websites, apps, or integrations (e.g., social sign-in, maps, payment processors). Their privacy practices are governed by their own policies. We encourage you to review them.
We may use limited profiling to personalize content and offers. We do not make decisions producing legal or similarly significant effects solely by automated means without human review.
Some browsers transmit “Do Not Track” signals. Because there is no industry consensus, we do not respond to DNT. We honor legally required browser-based opt-out signals (e.g., GPC) where applicable.
We may update this Policy from time to time. We will post the updated version and revise the “Last updated” date. If changes are material, we will provide additional notice as required by law.
If you have questions or wish to exercise your rights, contact us at:
Empyrean Athletics
[Company Address Line 1]
[City, State/Province, Postal Code, Country]
Email: privacy@empyreanathletics.com
Data Protection Officer (if applicable): [DPO Name], dpo@empyreanathletics.com
California (CPRA). We collect the categories described in “Information We Collect.” We use and disclose them for the purposes described in this Policy. We do not sell personal information for money. You may opt out of “sharing”/targeted advertising via our cookie banner or by contacting us.
EEA/UK. Where required, we offer choices regarding cookies and marketing and provide data protection rights as set out above. Our lawful bases are listed in “Legal Bases for Processing.” For international transfers, we rely on appropriate safeguards.
Other regions. Depending on your local laws, additional rights or disclosures may apply. Contact us for details relevant to your jurisdiction.
Personal information/personal data: Information that identifies, relates to, describes, or could reasonably be linked with an individual.
Controller: The entity that determines the purposes and means of processing personal data (EEA/UK term).
Processor: An entity that processes data on behalf of a controller.
Targeted advertising: Displaying ads based on personal information obtained from your activities across non-affiliated websites or apps over time.