Introduction to Our Commitment

At Klentoro LLC, operating slynto.com, we are deeply committed to protecting the privacy and security of your personal data. While Klentoro LLC is based in the United States, we recognize and respect the privacy rights of individuals residing in the European Economic Area (EEA) under the General Data Protection Regulation (GDPR). This statement outlines our practices for collecting, using, and safeguarding personal data of EEA residents who interact with our website.

Who We Are (Data Controller)

Klentoro LLC, located at 474 W Broadway, New York, NY 10012, United States, acts as the data controller for the personal data collected through slynto.com. This means we are responsible for determining the purposes and means of processing your personal data.

Scope of This Statement

This GDPR Compliance Statement specifically applies to the personal data of individuals located in the European Economic Area (EEA) that we collect, process, and store through your interactions with our website, slynto.com.

What Personal Data We Collect

When you visit slynto.com, make a purchase, or contact us, we may collect the following types of personal data:

  • Identity and Contact Data: Your first name, last name, billing address, shipping address, email address, and telephone number (+1 (212) 228-1133).
  • Financial and Transaction Data: Details about the prints and photos you have purchased and the payment methods used. Please note that Klentoro LLC does not directly store your full payment card details. These are processed securely by our trusted third-party payment processors, Stripe and PayPal. We accept Credit/Debit Cards (Visa, Mastercard, Amex).
  • Technical Data: Your internet protocol (IP) address, browser type and version, time zone setting and location, operating system and platform, and other technology on the devices you use to access our website.
  • Usage Data: Information about how you use our website, products, and services, including browsing patterns and pages visited.
  • Communication Data: Records of your communication with us, such as emails to support@klentoro.com.

How We Use Your Personal Data (Lawful Basis)

We process your personal data under the following lawful bases as required by GDPR:

  1. Performance of a Contract: To process your orders for prints and photos, manage payments, and fulfill our shipping obligations (Order Processing Time: 1-2 business days; Shipping Time: 3-5 business days; Free Shipping on orders over $0). This includes providing you with necessary service announcements and customer support related to your purchase.
  2. Legitimate Interests: To operate our business efficiently, improve our website (https://klentoro.com/), ensure the security of our services, prevent fraud, and conduct internal analytics. We ensure that these legitimate interests do not override your fundamental rights and freedoms.
  3. Legal Obligation: To comply with applicable laws and regulations, such as tax and accounting requirements in the United States.
  4. Consent: We will obtain your explicit consent for certain processing activities, such as sending marketing communications, where required by law. You have the right to withdraw your consent at any time.

Sharing Your Personal Data

We may share your personal data with the following categories of third parties to operate our business and provide our services:

  • Service Providers: Third-party companies that perform services on our behalf, such as payment processors (Stripe, PayPal), shipping carriers for prints and photos, website hosting providers (WooCommerce), and analytics providers. These providers are obligated to protect your data and only use it for the purposes for which we disclose it to them.
  • Law Enforcement and Legal Authorities: When required by law or to protect our rights, property, or safety, or the rights, property, or safety of others.

International Data Transfers

As Klentoro LLC is based in the United States, please be aware that any personal data we collect from EEA residents will be transferred to and processed in the United States. The United States currently does not have an adequacy decision from the European Commission. To ensure your data is treated securely and in accordance with GDPR, Klentoro LLC relies on appropriate safeguards, such as Standard Contractual Clauses (SCCs) issued by the European Commission, with our service providers to protect your data during these transfers. By using our website and providing us with your personal data, you acknowledge and agree to this transfer, storage, and processing of your data in the United States.

Data Security

We implement robust technical and organizational measures designed to protect your personal data from unauthorized access, disclosure, alteration, and destruction. These measures include encryption, access controls, and secure network architectures. However, no internet transmission or electronic storage is entirely secure, and we cannot guarantee absolute security.

Data Retention

We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. This typically means retaining transaction data for a minimum of 7 years for US tax purposes. When your data is no longer required, we will securely delete or anonymize it.

Your GDPR Rights

As an EEA resident, you have the following rights concerning your personal data:

  • The Right to Access: Request a copy of the personal data we hold about you.
  • The Right to Rectification: Request that any inaccurate or incomplete personal data be corrected.
  • The Right to Erasure ("Right to be Forgotten"): Request the deletion of your personal data under certain conditions.
  • The Right to Restriction of Processing: Request that we limit the processing of your personal data under certain conditions.
  • The Right to Data Portability: Receive your personal data in a structured, commonly used, and machine-readable format, and have the right to transmit that data to another controller.
  • The Right to Object: Object to the processing of your personal data, particularly where it's based on legitimate interests or for direct marketing.
  • The Right to Withdraw Consent: Withdraw your consent at any time where we rely on consent to process your personal data.
  • The Right to Complain: Lodge a complaint with a supervisory authority in your EEA member state regarding our processing of your personal data.

Exercising Your Rights

To exercise any of your GDPR rights, or if you have any questions about this GDPR Compliance Statement, please contact us using the details below. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

Contact Information

If you have any questions or concerns regarding our GDPR compliance, please contact us:

Changes to This Statement

We may update this GDPR Compliance Statement from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will post any changes on this page, so please review it periodically. The "last updated" date at the bottom of the statement will indicate when it was last revised.