Privacy Policy

Your privacy matters to us at Suplar, UAB ("Suplar", "we", "us", "our"). In line with our vision of "Crafting Tomorrow," we blend proven nutrition science with a touch of retro‑futurist optimism to help you become your best self. Safeguarding your privacy is an essential part of this commitment.

This Privacy Policy (the “Policy”) is designed in accordance with the European Union’s General Data Protection Regulation (GDPR) and applicable e-commerce laws.
Throughout this Policy, the terms “you” or “your” refer to any individual interacting with us, and “Site” refers to the website accessible at https://suplar.eu/.

Whenever you explore the Site, e-mail our Care Team or unwrap a Suplar supplement pack, you trust us with information about you. We handle that data with the same care and precision we use to formulate our products.

Below you’ll find, in plain language, how we treat your data and the choices you control. Suplar is the data controller of personal information collected through our Site.

This Privacy Policy is available in English. If you require assistance understanding any part of it in your native language, feel free to contact us.

Our Privacy Policy clearly outlines: (1) What personal information we collect; (2) How and why we use personal information; (3) How we share personal information; (4) Your rights regarding your personal data; and (5) Retention & Security.

We collect only the data needed to run our business and serve you. Below are typical situations in which we obtain personal information and the data involved.

Generally

• Product enquiries, support or downloads. When you request information about our supplements, use the “Contact Us” webpage, download content, we ask for contact details such as name, e‑mail, preferred language and, if relevant, company name and postal address.

• Newsletter sign‑up. To send you product news and offers, we collect your name and e‑mail address. You can unsubscribe at any time.
• Account registration. Creating a Suplar account means providing your name, e‑mail, password, shipping/billing addresses, and marketing preferences.
• Placing an order or subscription. At checkout we collect your name, postal and billing addresses, phone number and chosen payment method. Payments are processed by Shopify; we never see full card or bank details.
• Reporting a problem or asking a question. If you contact customer care by e‑mail, we receive your message and any information you include about your subscription or order.
• Surveys, contests and quizzes. If you take part in a survey, promotion or quiz and share feedback about your well‑being goals, we process the answers you choose to give. This may include optional lifestyle or dietary‑preference information, which we handle only with your explicit consent.
• Information about others. If you give us someone else’s personal data (for example, shipping an order to a friend), you confirm you have their permission to do so and that we may process it under this Policy.

Technical & usage data
When you browse the Site or open one of our e‑mails, we and certain independent third‑party analytics and advertising providers — use cookies, pixels, local‑storage objects and server logs to collect:

• Personal identifiers such as your IP address and unique cookie ID.
• Device details including browser type and version, operating‑system version, screen resolution, language settings, device model and advertising identifiers.
• Usage data such as pages or screens viewed, time spent, scroll depth, links clicked, referring URL or last URL visited, and interactions with our e‑mails.

We analyse this information to:
• understand how many visitors view particular pages or videos;
• keep the Site secure and prevent malicious conduct;
• improve layout, content and performance; and
• (with your consent) tailor marketing and measure the effectiveness of campaigns.

Certain cookies are set by analytics and advertising providers (e.g. Google Analytics 4 with IP‑anonymisation) and Meta Pixel who process data under contract with Suplar. Full details appear in our Cookie Policy section below. Content displayed on social‑media pages is also subject to those platforms’ own privacy and cookie rules. 

Opt‑out tools. You can install the Google Analytics opt‑out browser add‑on (https://tools.google.com/dlpage/gaoptout) or change your cookie preferences via the banner or “Cookie Settings” link. You may also block or delete cookies in your browser; basic Site features (e.g. cart, login) may stop working if essential cookies are disabled. The Site does not respond to “Do Not Track” (DNT) signals unless required by law. This is because there is no universally accepted standard for DNT signals, and our cookie preferences provide granular control over tracking.

Interactions with Suplar content on social media (e.g., liking, commenting, sharing) are governed by the privacy policies of those platforms (e.g., Meta, TikTok). We do not control how they process your data.

We use the personal information collected through our Site to provide, maintain, and enhance our services, to develop new products and offerings, and to ensure the security and integrity of both our business operations and your data. Additionally, we process your personal information in accordance with the specific business and commercial purposes for which it was originally collected or authorized by you.

We use your personal information for the following purposes:

To Perform a Contract:


• To create and manage your account;
• To process your payments and complete transactions;
• To fulfill and ship your orders;
• To manage and administer your subscriptions;
• To provide you with customer support and respond to your inquiries.


With Your Consent:


• To send newsletters, promotional materials, and marketing communications;
• To place marketing and analytical cookies on your device;
• To process data from optional surveys, quizzes, or feedback forms;


You may withdraw your consent at any time.

To Comply with Legal Obligations:


• To retain invoices and financial records for legally mandated periods (e.g., seven years);
• To honor your consumer rights, such as withdrawal or refund requests;
• To maintain records necessary for product safety compliance;
• To respond appropriately to lawful requests from governmental or regulatory authorities.


For Our Legitimate Interests:


• To secure and protect the integrity of our Site and services;
• To detect, investigate, and prevent fraud or misuse (e.g., flagging suspicious login attempts while minimizing data collection);
• To analyze Site usage, product demand, and customer preferences to enhance our offerings in ways that align with your expectations (e.g., improving product recommendations without profiling);
• To send a one-time post-purchase request for feedback, ratings, or reviews;
• To personalize your experience by delivering relevant content and recommendations;
• To administer contests, promotions, or special events, including communication and participation management;
• To improve our customer service and interaction methods (e.g., via live chat, email, text, or calls);
• To inform you about additional products, services, and special offers that may be of interest.


We carefully balance our legitimate interests against your privacy rights. For example, fraud detection measures are designed to minimize data collection to what is strictly necessary, and marketing personalization is based on broad preferences rather than intrusive profiling.

We do not use automated decision-making that significantly affects users.

We treat personal data confidentiality. Sharing happens only when necessary and under robust safeguards.

We only process your personal data when we have a valid legal basis to do so, as outlined below:

3.1 Within Suplar
Limited staff in operations, fulfillment, finance and compliance may access your data on a “need‑to‑know” basis and are bound by confidentiality.

3.2 Service providers (Processors)
We engage vetted third parties under GDPR‑compliant data‑processing agreements for:


• Infrastructure & hosting: secure cloud platforms within the European Economic Area (EEA).
• Payment processing: licensed payment service providers for handling transactions.
• Warehousing & logistics: regional fulfillment centers and delivery coordination tools.
• Customer‑support software: tools that help us manage inquiries and provide efficient service.
• Analytics & performance: services used to understand how people interact with our Site and improve performance.


Each provider must keep data secure, act solely on our instructions and delete data when the contract ends.

Advertising & social‑media partners
When — and only when — you consent to marketing cookies, we share hashed identifiers or cookie IDs with Meta, Google and TikTok to show you relevant Suplar ads and measure campaign reach. You can withdraw consent at any time via “Cookie Settings.”

Payment processors
We partner with licensed third-party payment service providers to handle transactions securely. Your payment details (such as card or bank information) are processed directly by these providers, in accordance with their own privacy and security standards. Suplar does not store full card numbers or banking credentials.

Professional advisers
Lawyers, auditors and insurers receive data only when necessary for audits, legal claims or risk management and are bound by professional secrecy.

Legal and safety disclosures
We may disclose information if required by EU or member‑state law, court order or governmental request, or to defend legal rights, investigate fraud or protect the safety of Suplar, you or others.

Business transfers
If we merge, acquire or sell assets, personal data may transfer to the new entity under the same privacy commitments. We will notify you of any change of controller.

Aggregated or de‑identified data
We may share statistical information that cannot reasonably be used to identify you (e.g., supplement reorder rates by region). This data is not subject to this Policy.
International transfers. Whenever data leaves the EEA/UK we rely on Standard Contractual Clauses 2021/914, the UK Addendum where appropriate, encrypted transit and strict access controls.

All third-party service providers are contractually obligated to process your data only in accordance with our instructions and applicable data protection laws.

You remain in control of your personal data. Under Articles 12–22 of the GDPR, you have the right to:


• Access – Request confirmation of whether we process your personal data and receive a copy.
• Rectification – Ask us to correct any inaccurate or incomplete information.
• Erasure – Request deletion of your data when it’s no longer necessary, if you withdraw consent, or if the processing is unlawful.
• Restriction – Request a temporary pause in processing while we verify data accuracy, review an objection, or where you prefer restriction over deletion.
• Objection – Object to processing based on legitimate interests (e.g., analytics or fraud prevention), or to any direct marketing. Clicking "unsubscribe" will stop marketing emails immediately.
• Data Portability – Obtain a machine-readable copy of the personal data you’ve provided, or request its transfer to another controller.
• Withdraw Consent – Withdraw your consent at any time for processing activities based on it, without affecting prior lawful use.



How to Exercise Your Rights
To submit a request, email us at privacy@suplar.eu with a clear subject line (e.g., “Erase my data”). We may ask for details — such as your order number or account email — to verify your identity. We will respond within 30 days, or within 90 days for complex requests (with prior notice).

Complaints
If you believe your rights have been violated, you have the right to lodge a complaint with your local data protection authority.

We only keep your personal data for as long as it’s needed — whether to fulfill the purpose it was collected for, meet legal or contractual obligations, or improve your experience with Suplar.

Some information (like order records or support history) may be kept for a period required by law or internal policies. Where data is no longer necessary, we securely delete or de-identify it.

We also retain certain types of technical or analytical data in a fully anonymized form to help us understand usage patterns and improve our services — without identifying you.

Access to your data is restricted to authorized personnel only.

We may retain data for extended periods where required to fulfill legal obligations or to establish, exercise, or defend legal claims.

Security MeasuresAt Suplar, protecting your personal data is part of the care we put into everything we do. We apply a thoughtful mix of technical, organizational, and physical safeguards to help ensure your information remains protected.

Our security practices follow industry standards and are supported by trusted third-party technologies and partners. While no system is entirely immune to risk, we’re committed to ongoing improvements and handling your data with the same precision we apply to our products.

We also maintain incident response and data breach notification procedures in accordance with Articles  33 and 34 of the GDPR. In the event of a data breach posing a risk to your rights, we will notify relevant authorities within 72 hours and affected users without undue delay.

Our Site is not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16 years of age. If we become aware that we have inadvertently collected personal information from a child under the age of 16 (or the applicable minimum age in a relevant jurisdiction), we will promptly take steps to delete such information from our records.

If you believe that we may have collected personal information from a child, please contact us at privacy@suplar.eu. Parents or legal guardians who become aware that their child has provided us with personal information may also contact us to request its removal.

We are committed to maintaining transparency as our practices evolve.
Any updates to this Privacy Policy will be reflected on this page. In cases where changes are substantial, we will ensure clear communication — whether through a prominent notice on our website, direct email (where applicable), or other appropriate channels. We encourage you to revisit this Policy periodically to stay informed about how we continue to protect and respect your personal data.


Your continued use of the Site after any updates to this Policy constitutes acceptance of those changes.

If you have any questions, concerns, or requests regarding this Privacy Policy or the way we handle your personal data, feel free to reach out. You can contact us by email or by sending a letter to the address below:

E-mail: privacy@suplar.eu
Mailing Address:
„Suplar“, UAB
Perkūnkiemio g. 13‑91
LT‑12114 Vilnius, Lithuania

We’re here to help and will respond as promptly as possible.

We use cookies and similar technologies (“cookies”) on our website to provide essential functionality, improve performance, analyze usage patterns, personalize your experience, and deliver relevant marketing content. This policy outlines how and why we use cookies and the options available to you.

Cookies are small text files that are stored on your device when you visit a website. They help us remember your preferences, improve the usability of our website, and provide important security and analytics functions. Cookies may be set by us (“first-party cookies”) or by third parties (“third-party cookies”) that provide services on our behalf.

Essential Cookies

These cookies are strictly necessary for the functioning of our website. They enable core features such as page navigation, security, and access to protected areas. These cookies cannot be disabled through the cookie preference tool.

Functional Cookies

These cookies remember choices you make, such as your language or region, and provide enhanced, personalized features. Disabling them may affect your user experience.

Analytics and Performance Cookies

These cookies help us understand how visitors interact with our website by collecting anonymized data. We use this data to improve functionality and monitor performance.

Marketing and Social Media Cookies

These cookies are used to deliver advertising relevant to your interests, limit ad frequency, and measure campaign effectiveness. They may also be set by social media platforms when you engage with our content. These cookies require your consent.

We may occasionally update the categories of cookies used as our website evolves.

We may allow trusted third-party providers (such as Google and Meta) to place cookies on our site for analytics, fraud detection, marketing, and optimization purposes. These providers act either as processors under our instruction or as independent controllers. You can find more details in our Cookie List and our Privacy Policy.

Consent Management
When you first visit our site, you will see a cookie banner that allows you to accept or reject non-essential cookies. You can change your preferences at any time via the “Cookie Preferences” link at the bottom of the site.

Opt-outs
Most browsers allow you to block or delete cookies. Please be aware that disabling essential cookies may impair the functionality of the website. You can learn how to manage cookies via:


• www.allaboutcookies.org
Provides detailed guidance on adjusting cookie settings across various browsers, instructions for deleting cookies from your device, and general information about how cookies work.


• www.aboutcookies.org 
Provides extensive information on how to adjust cookie settings across different browsers, delete cookies from your device, and understand the general use and function of cookies.


• www.youronlinechoices.eu 
For users in the UK and Europe, this resource provides guidance on third-party cookies used by advertisers and explains how to disable them through the Internet Advertising Bureau’s (IAB) consumer platform.


Google Analytics Opt-Out:
You can prevent your data from being used by Google Analytics by installing the Google Analytics Opt-Out Browser Add-on, available at tools.google.com/dlpage/gaoptout.

Your Ad Choices (EU/UK):
To control interest-based advertising and manage your cookie preferences across many ad networks in Europe and the UK, you can visit www.youronlinechoices.eu.

Global Privacy Control (GPC)
If your browser is configured to send a Global Privacy Control (GPC) signal, we will respect this preference and treat it as an opt-out request in accordance with applicable data protection laws.

We may update this Cookie Policy occasionally to reflect changes in our cookie practices, applicable legal requirements, service offerings, or industry standards. We recommend reviewing this policy regularly to stay informed about how we use cookies and your related choices.