Privacy Policy

The data controller responsible for processing personal data in connection with this website is:

“We”, “us”, and “our” refer to this controller unless a separate notice identifies a different entity for a specific product or service.

We run a website with general informational content about rhythm, routines, and related lifestyle topics. We collect limited personal data: mostly what you type into the contact form, technical data needed to operate the site, and—only if you consent—analytics or marketing cookies. We use data to reply to you, keep the site secure, respect your cookie choices, and improve structure over time. We do not sell personal data in the sense of exchanging lists of individuals for money. We retain data only as long as needed for these purposes or as law requires.

Depending on how you interact with us, we may process the following categories:

Identity and contact details

Name, email address, and any similar identifiers you provide through forms or email.

Message content

Text you submit when contacting us, including optional context about your interests or questions.

Technical and usage data

IP address (often truncated or aggregated), browser type and version, device category, operating system, referring URL, approximate geographic region derived from IP, timestamps, and pages viewed during a session.

Cookie and local storage identifiers

Values stored to remember your consent, session security, or—if you opt in—analytics and marketing preferences, as described in our Cookie Policy.

Communication metadata

Delivery status, thread identifiers, and similar data generated when we exchange email with you.

We ask you not to send special categories of data (such as detailed health information) through the general contact form. If you voluntarily include such information, we treat it with additional care and may delete or anonymize it if we cannot rely on a valid legal basis to retain it.

Under the GDPR and similar laws, we must identify a legal basis for each processing activity. The table below summarizes common activities. Where multiple bases could apply, we rely on the one most appropriate to the situation.

Where we rely on legitimate interests, we balance our interests against your rights. You may object to processing based on legitimate interests in certain circumstances by contacting us; we will explain any compelling grounds that may override your objection.

We do not sell your personal data. We may share data with:

• Hosting and infrastructure providers that store website files and logs.
• Email and communication services used to send and receive messages.
• Analytics or marketing vendors only when you have consented to the relevant cookies or tags.
• Professional advisers such as lawyers or accountants when required for compliance or defense of legal claims.
• Authorities when disclosure is required by law or a lawful request.

Processors are bound by contract to process data only on our instructions and to implement appropriate security measures. We review vendor practices periodically.

We are located in the United States. If you access the site from the European Economic Area, Switzerland, the United Kingdom, or other regions with data transfer rules, your information may be processed in the U.S. or other countries where our providers operate.

Where the GDPR applies and no adequacy decision covers the destination, we implement appropriate safeguards such as Standard Contractual Clauses approved by the European Commission (and the UK Addendum where relevant), supplemented by technical and organizational measures we assess as appropriate to the risk.

We keep personal data no longer than necessary for the purposes collected. Indicative periods:

After retention expires, we delete or irreversibly anonymize data where feasible. Backup copies may persist for a short additional period before automatic rotation.

We implement measures appropriate to the nature of the data and the risks involved, including HTTPS encryption for site traffic, access controls for administrative accounts, vendor due diligence, and confidentiality expectations for anyone who may see personal data while supporting our operations. No system is perfectly secure; we monitor and adjust practices as threats evolve.

Subject to applicable law and verification of your identity, you may have the right to access, rectify, erase, restrict processing, port data, object to certain processing, and withdraw consent where processing is consent-based. You may also lodge a complaint with a supervisory authority in your country.

To exercise rights, email touch@thorxianbloxaryn.world or write to our postal address. We respond within the timeframes required by law, typically within one month for GDPR requests, and may extend that period for complex cases with notice.

We do not make decisions about you based solely on automated processing, including profiling, that produce legal or similarly significant effects regarding this website.

The site is not directed at children under sixteen. We do not knowingly collect personal data from children. If you believe we have received such information, contact us and we will take appropriate steps, including deletion where required.

Cookies and similar storage help us run the site, remember your cookie choices, and—if you opt in—measure traffic or support relevant messaging. Full details appear in our Cookie Policy, including how to change or withdraw consent.

We do not add you to marketing lists based solely on a contact form about a specific question unless you clearly opt in to newsletters or updates and we record that consent. You can withdraw marketing consent at any time using the unsubscribe link in any marketing email or by contacting us.

Our pages may link to external websites. Their privacy practices are governed by their own policies. We encourage you to read those policies before submitting personal data elsewhere.

If the California Consumer Privacy Act (CCPA) as amended applies, you may have rights to know, delete, and correct personal information, and to opt out of certain sharing for cross-context behavioral advertising. We describe categories of data we collect in this policy. We do not “sell” or “share” personal information as those terms are defined in the CCPA in the course of operating this informational site in the manner described here. To submit a request, use the contact details above; we verify requests as required by law.

If you are in the European Economic Area or the United Kingdom, the GDPR or UK GDPR grants the rights summarized above. Our representative contact for supervisory correspondence is the controller address listed in this policy. You may contact your local data protection authority; a list of EU authorities is published by the European Data Protection Board.

We update this Privacy Policy when our practices, services, or legal requirements change. The “Last updated” date reflects the latest revision. For material changes, we may provide additional notice on the site or by email where appropriate.

If you arrive at this website through paid online advertising (for example, search or display ads), the same Privacy Policy applies. We do not change our data practices based solely on ad click data beyond measuring traffic and conversions where you have consented to analytics or marketing technologies. Advertisers and advertising platforms have their own policies; we do not control how platforms process data before you reach our site.

Our landing pages display the same business identity, contact details, and policy links regardless of traffic source. We do not use “cloaking” or show different substantive content to users versus advertising review systems.

For privacy-related questions or requests: touch@thorxianbloxaryn.world or write to Thorxianbloxaryn at the postal address at the top of this page.