Privacy policy

Privacy Policy

Effective Date: May 27, 2026

Company: Storifayo LLC

Address: 75 E 3rd St, Sheridan, WY 82801, United States

Website: https://projectvilgatekaivenmorrick.com/

Email: contact@projectvilgatekaivenmorrick.com

1. Introduction

Storifayo LLC ("Storifayo," "Company," "we," "our," or "us") respects your privacy and is committed to protecting the personal data we collect, process, and store in connection with your use of our website located at https://projectvilgatekaivenmorrick.com/ (the "Website") and the services, features, content, and digital products we provide (collectively, the "Services").

This Privacy Policy explains in detail what information we collect, how and why we collect it, how we use and share it, how we protect it, and the rights and choices available to you regarding your personal data. It applies to all visitors, registered users, and customers of the Services, regardless of geographic location.

We process personal data in accordance with applicable data protection laws, including but not limited to the General Data Protection Regulation (Regulation (EU) 2016/679) ("GDPR"), the United Kingdom General Data Protection Regulation ("UK GDPR"), the California Consumer Privacy Act of 2018 as amended by the California Privacy Rights Act ("CCPA/CPRA"), and other applicable U.S. state privacy laws.

By accessing or using the Services, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree, please do not use the Services.

2. Data Controller and Contact Information

For the purposes of the GDPR, UK GDPR, and other applicable data protection laws, the data controller responsible for your personal data is:

Storifayo LLC

75 E 3rd St, Sheridan, WY 82801, United States

Website: https://projectvilgatekaivenmorrick.com/

Email: contact@projectvilgatekaivenmorrick.com

For any privacy-related questions, requests, or concerns, please contact us using the email address above. We will respond within the timeframes required by applicable law.

3. Definitions

For the purposes of this Privacy Policy, the following terms shall have the meanings set forth below:

• "Personal Data" or "Personal Information" means any information relating to an identified or identifiable natural person, such as a name, email address, IP address, payment information, or device identifier.

• "Processing" means any operation performed on personal data, including collection, recording, storage, use, disclosure, transmission, and deletion.

• "Data Subject" means the individual to whom the personal data relates.

• "Controller" means the entity that determines the purposes and means of processing personal data, in this case Storifayo LLC.

• "Processor" means a third party that processes personal data on behalf of the Controller.

• "Sub-processor" means a third party engaged by a Processor to assist in fulfilling its obligations.

• "Consent" means a freely given, specific, informed, and unambiguous indication of the data subject's wishes.

• "Cookies" means small text files placed on your device when you visit a website.

• "Services" means all products, content, tools, and features offered by Storifayo LLC.

• "GDPR" means the European Union General Data Protection Regulation (Regulation (EU) 2016/679).

• "CCPA/CPRA" means the California Consumer Privacy Act, as amended by the California Privacy Rights Act.

4. Categories of Personal Data We Collect

We collect personal data in the following categories, depending on how you interact with the Services:

4.1 Information You Provide Directly

• Account registration information: full name, email address, password (stored in encrypted form), and any additional details you choose to provide.

• Billing and payment information: billing name, billing address, postal code, country, and last four digits of the payment card. Full payment card numbers are processed directly by our payment processor and are not stored on our servers.

• Order and transaction information: products purchased, transaction amount, currency, date and time of purchase, transaction identifiers, and download history.

• Customer support communications: messages, inquiries, complaints, feedback, and any documents or attachments you share with us.

• Marketing preferences: subscription status for newsletters, promotional emails, and consent records.

• User-generated content: reviews, comments, ratings, and any other content you voluntarily submit through the Services.

4.2 Information Collected Automatically

• Device and technical information: IP address, browser type and version, operating system, device type, screen resolution, language preferences, and time zone.

• Usage data: pages visited, time spent on pages, referring and exit URLs, clickstream data, search queries within the Website, and interaction with features.

• Cookies and similar technologies: information collected via cookies, web beacons, pixel tags, and local storage. For full details, refer to our Cookie Policy.

• Log files: server logs containing access times, error messages, and diagnostic data.

• Approximate location data: country, region, and city, derived from IP address. We do not collect precise GPS location data.

4.3 Information from Third Parties

• Payment processors: confirmation of payment status, fraud risk indicators, and limited transaction metadata.

• Authentication providers: if you choose to register or log in using a third-party authentication service, we may receive your name, email, and profile identifier from that service.

• Analytics and advertising partners: aggregated or pseudonymized data about your interactions with our Services.

• Fraud prevention services: risk scores and flags associated with transactions or accounts.

4.4 Sensitive Data

We do not knowingly collect or process special categories of personal data (as defined under GDPR Article 9) or sensitive personal information (as defined under CCPA/CPRA), including data revealing racial or ethnic origin, political opinions, religious beliefs, genetic or biometric data, health information, or sexual orientation. Please do not submit such information through the Services.

5. How We Collect Personal Data

We collect personal data through the following channels:

• Direct interactions when you register an account, place an Order, contact customer support, subscribe to newsletters, or submit content.

• Automated technologies including cookies, server logs, and analytics tools when you access the Website.

• Third-party sources such as payment processors, authentication providers, fraud prevention services, and analytics partners.

• Publicly available sources where permitted by applicable law.

6. Purposes and Legal Bases for Processing

We process your personal data only when we have a valid legal basis under applicable law. Below is a detailed overview of the purposes for which we process your data and the corresponding legal bases under the GDPR:

6.1 Performance of a Contract (GDPR Article 6(1)(b))

• Creating and managing your Account.

• Processing Orders, delivering Digital Products, and providing access to purchased content.

• Providing customer support related to your purchases.

• Sending transactional emails such as Order confirmations, delivery notifications, and receipts.

6.2 Compliance with Legal Obligations (GDPR Article 6(1)(c))

• Maintaining accounting records for tax and regulatory purposes.

• Responding to legal requests, subpoenas, and court orders.

• Complying with anti-fraud, anti-money laundering, and consumer protection laws.

• Retaining records required by applicable U.S. federal, state, and international laws.

6.3 Legitimate Interests (GDPR Article 6(1)(f))

• Preventing, detecting, and investigating fraud, abuse, and security incidents.

• Improving and optimizing the Services, including analyzing usage patterns and performance metrics.

• Defending against legal claims and enforcing our Terms of Service.

• Conducting limited direct marketing to existing customers regarding similar products, subject to your right to object.

• Protecting the rights, property, and safety of Storifayo LLC, our users, and third parties.

Where we rely on legitimate interests, we have conducted balancing tests to ensure that our interests do not override your fundamental rights and freedoms.

6.4 Consent (GDPR Article 6(1)(a))

• Sending marketing communications, newsletters, and promotional emails where required by law.

• Placing non-essential cookies on your device.

• Processing data for purposes specifically disclosed at the time of collection.

You may withdraw your consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.

6.5 Vital Interests and Public Interest

In rare cases, we may process personal data to protect the vital interests of a data subject or another natural person, or to perform a task carried out in the public interest, where required by applicable law.

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to operate the Website, remember user preferences, analyze traffic, and improve user experience. Cookies are categorized as follows:

• Strictly necessary cookies — required for the Website to function, including session management and security. These cannot be disabled.

• Functional cookies — remember your preferences and settings to enhance usability.

• Analytics cookies — help us understand how visitors interact with the Website, including page views, navigation paths, and engagement metrics.

• Marketing cookies — used to deliver relevant advertisements and measure campaign effectiveness, where applicable.

For visitors located in the European Union, the United Kingdom, and other jurisdictions requiring prior consent, we will display a cookie consent banner upon your first visit, allowing you to accept, reject, or customize your cookie preferences. You may update your preferences at any time.

For complete information regarding the specific cookies we use, their duration, and how to manage them, please refer to our Cookie Policy.

8. How We Use Personal Data

We use your personal data for the following specific purposes:

• Creating, maintaining, and securing your Account.

• Processing payments, delivering Digital Products, and managing Orders.

• Sending transactional and administrative communications, including Order confirmations, account notices, security alerts, and policy updates.

• Providing customer support and responding to inquiries, complaints, and requests.

• Personalizing your experience and recommending content relevant to your interests.

• Conducting analytics, market research, and performance analysis.

• Preventing and investigating fraudulent activity, security incidents, and violations of our Terms of Service.

• Complying with legal obligations and enforcing our rights and contracts.

• Sending marketing communications, where permitted by law and subject to your preferences.

• Developing new products, features, and services.

• Aggregating and anonymizing data for statistical and research purposes.

9. Disclosure of Personal Data to Third Parties

We do not sell your personal data. We may share your personal data with the following categories of recipients, subject to appropriate safeguards and only to the extent necessary:

9.1 Service Providers and Processors

• Payment processors (such as Stripe and similar PCI-DSS compliant providers) for the secure processing of payment transactions.

• Hosting and cloud infrastructure providers for storing and delivering the Services.

• Email delivery and communication platforms for sending transactional and marketing emails.

• Analytics and performance measurement tools for understanding usage patterns.

• Fraud prevention and security services for identifying and mitigating risks.

• Customer support platforms for managing inquiries and tickets.

• Content delivery networks for fast and reliable distribution of Digital Products.

All service providers are bound by contractual obligations to process personal data only on our instructions and in compliance with applicable data protection laws.

9.2 Legal and Regulatory Disclosures

• To comply with applicable laws, regulations, court orders, subpoenas, or governmental requests.

• To enforce our Terms of Service and other agreements.

• To investigate, prevent, or take action regarding suspected fraud, security violations, or illegal activity.

• To protect the rights, property, or safety of Storifayo LLC, our users, or third parties.

9.3 Business Transfers

In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, personal data may be transferred to the successor entity as part of the transaction. We will notify affected users where required by law and ensure that any successor entity is bound by privacy commitments at least as protective as those described in this Privacy Policy.

9.4 With Your Consent

We may disclose personal data to other third parties when you have provided explicit consent for such disclosure.

9.5 Affiliated Entities

We may share personal data with our affiliates and subsidiaries for purposes consistent with this Privacy Policy. All affiliated entities are bound by equivalent privacy and security obligations.

10. International Data Transfers

Storifayo LLC is based in the United States. Personal data collected through the Services may be transferred to, stored, and processed in the United States or other countries where our service providers operate. Some of these countries may not provide the same level of data protection as your country of residence.

When we transfer personal data from the European Economic Area (EEA), the United Kingdom, or Switzerland to a country not deemed to provide an adequate level of protection by the European Commission or relevant authority, we implement appropriate safeguards, including:

• Standard Contractual Clauses (SCCs) approved by the European Commission.

• UK International Data Transfer Agreement (IDTA) or UK Addendum to the SCCs.

• Supplementary technical and organizational measures where required following a transfer impact assessment.

• Binding Corporate Rules or other approved transfer mechanisms, where applicable.

You may request a copy of the safeguards applicable to international transfers by contacting us at contact@projectvilgatekaivenmorrick.com.

11. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, tax, or reporting requirements. The retention periods we apply are determined based on the following criteria:

• The nature and sensitivity of the personal data.

• The purposes for which the data is processed and whether those purposes can be achieved by other means.

• Applicable legal, regulatory, contractual, and operational requirements.

• The potential risk of harm from unauthorized use or disclosure.

Typical retention periods include:

• Account data: retained for the duration of your Account plus a reasonable period (typically up to 24 months) after closure for legal, security, and operational reasons.

• Transaction and billing records: retained for a minimum of seven (7) years, or longer as required by applicable tax and accounting laws.

• Customer support communications: retained for up to 36 months after the last interaction.

• Marketing data: retained until you unsubscribe or withdraw consent, plus a short suppression period to honor your preferences.

• Cookies and analytics data: retained according to the durations specified in the Cookie Policy.

• Fraud and security logs: retained for up to five (5) years for legitimate security purposes.

When personal data is no longer required, we will securely delete, anonymize, or aggregate it in accordance with our internal data retention and disposal procedures.

12. Your Rights Under the GDPR and UK GDPR

If you are located in the European Economic Area, the United Kingdom, or Switzerland, you have the following rights with respect to your personal data, subject to certain conditions and exceptions under applicable law:

• Right of access (Article 15): obtain confirmation of whether we process your data and a copy of that data.

• Right to rectification (Article 16): request correction of inaccurate or incomplete personal data.

• Right to erasure (Article 17): request deletion of your personal data in certain circumstances, also known as the "right to be forgotten."

• Right to restriction of processing (Article 18): request that we limit the processing of your personal data.

• Right to data portability (Article 20): receive your personal data in a structured, commonly used, machine-readable format and transmit it to another controller.

• Right to object (Article 21): object to processing based on legitimate interests, including direct marketing.

• Right not to be subject to automated decision-making (Article 22): not be subject to decisions based solely on automated processing, including profiling, that produce legal or similarly significant effects.

• Right to withdraw consent (Article 7): withdraw consent at any time where processing is based on consent, without affecting the lawfulness of prior processing.

• Right to lodge a complaint: file a complaint with your local supervisory authority. In the EU, you can find your authority at https://edpb.europa.eu/about-edpb/about-edpb/members_en. In the UK, the Information Commissioner's Office (ICO) at https://ico.org.uk.

To exercise any of these rights, please contact us at contact@projectvilgatekaivenmorrick.com. We will respond to your request within one (1) month of receipt, with possible extension by two (2) additional months for complex requests. We may require verification of your identity before processing requests.

We do not charge a fee for handling requests unless they are manifestly unfounded or excessive, in which case we may charge a reasonable fee or refuse to act.

13. Your Rights Under the CCPA and CPRA (California Residents)

If you are a California resident, you have the following rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act:

• Right to know: request disclosure of the categories and specific pieces of personal information we have collected about you, the sources of that information, the purposes for collection, and the categories of third parties with whom we share it.

• Right to delete: request deletion of personal information we have collected, subject to certain exceptions.

• Right to correct: request correction of inaccurate personal information.

• Right to opt out of sale or sharing: opt out of the sale or sharing of your personal information. We do not sell personal information as defined under the CCPA/CPRA.

• Right to limit use of sensitive personal information: limit the use of sensitive personal information to purposes necessary for providing requested services.

• Right to non-discrimination: not be discriminated against for exercising your privacy rights, including denial of services, different prices, or reduced service quality.

• Right to portability: receive a copy of your personal information in a portable format.

To exercise these rights, please contact us at contact@projectvilgatekaivenmorrick.com. You may also designate an authorized agent to make requests on your behalf. We will verify your identity before responding to requests and will respond within forty-five (45) days, with a possible extension of an additional forty-five (45) days when reasonably necessary.

13.1 Categories of Personal Information Collected and Disclosed

In the preceding twelve (12) months, we have collected the following categories of personal information as defined under the CCPA/CPRA:

• Identifiers (e.g., name, email address, IP address, account identifiers).

• Commercial information (e.g., transaction history, purchases).

• Internet or other electronic network activity (e.g., browsing history, interactions with the Website).

• Geolocation data (approximate, derived from IP address).

• Inferences drawn from the above to create a profile reflecting preferences and behavior.

We have disclosed these categories to the categories of recipients described in Section 9 for the business purposes set forth in Section 8.

13.2 No Sale or Sharing of Personal Information

Storifayo LLC does not sell personal information for monetary consideration and does not share personal information for cross-context behavioral advertising as defined under the CPRA. If our practices change, we will update this Privacy Policy and provide appropriate notice and opt-out mechanisms.

14. Rights of Residents of Other U.S. States

Residents of other U.S. states, including Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, and other states with applicable privacy laws, may have rights similar to those described above, including the right to access, delete, correct, and opt out of certain processing activities. To exercise these rights, please contact us at contact@projectvilgatekaivenmorrick.com.

15. Data Security

We implement appropriate technical and organizational measures designed to protect personal data against unauthorized or unlawful processing, accidental loss, destruction, alteration, or disclosure. Our security measures include, but are not limited to:

• Encryption of data in transit using TLS protocols.

• Encryption of sensitive data at rest where appropriate.

• Access controls limiting personal data access to authorized personnel on a need-to-know basis.

• Multi-factor authentication for administrative access.

• Regular security assessments, vulnerability scanning, and patch management.

• Use of PCI-DSS compliant payment processors for handling payment card data.

• Employee confidentiality obligations and security training.

• Incident response procedures for handling data breaches.

Despite our best efforts, no method of transmission over the internet or electronic storage is one hundred percent (100%) secure. While we strive to protect your personal data, we cannot guarantee absolute security.

16. Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority without undue delay and, where feasible, no later than seventy-two (72) hours after becoming aware of the breach, in accordance with GDPR Article 33.

Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay, in accordance with GDPR Article 34, unless one of the exceptions under that Article applies. We will comply with applicable breach notification requirements under U.S. federal and state laws as well.

17. Children's Privacy

The Services are not intended for, directed at, or marketed to children under the age of sixteen (16). We do not knowingly collect personal data from children under this age.

In compliance with the U.S. Children's Online Privacy Protection Act ("COPPA"), we do not knowingly collect personal information from children under the age of thirteen (13) without verifiable parental consent.

If we become aware that we have inadvertently collected personal data from a child under the applicable minimum age, we will take prompt steps to delete such information. If you are a parent or guardian and believe that your child has provided personal data to us, please contact us immediately at contact@projectvilgatekaivenmorrick.com.

18. Automated Decision-Making and Profiling

We do not make decisions based solely on automated processing, including profiling, that produce legal effects concerning you or similarly significantly affect you. Limited automated processing may occur for fraud detection, security monitoring, and personalization of content recommendations; however, these activities do not result in decisions that produce significant adverse effects without human review.

If automated decision-making is introduced in the future, we will update this Privacy Policy and, where required by applicable law, obtain your explicit consent and provide additional safeguards including the right to obtain human intervention, express your point of view, and contest the decision.

19. Marketing Communications

With your consent, where required by applicable law, we may send you marketing communications, including newsletters, promotional emails, and announcements about new Digital Products or features. We use the following practices for marketing communications:

• Obtaining your explicit consent before sending marketing emails to new subscribers, where required by law.

• Including a clear and accessible unsubscribe link in every marketing email.

• Honoring opt-out requests promptly, typically within ten (10) business days.

• Maintaining suppression lists to prevent further marketing communications to users who have opted out.

You may opt out of marketing communications at any time by clicking the unsubscribe link in our emails or by contacting us at contact@projectvilgatekaivenmorrick.com. Even if you opt out of marketing communications, we may still send you transactional and service-related communications necessary for the operation of your Account.

20. Third-Party Websites and Services

The Services may contain links to third-party websites, applications, or services that are not operated by Storifayo LLC. This Privacy Policy does not apply to those third parties. We are not responsible for the privacy practices or content of any third-party websites or services.

We encourage you to review the privacy policies of any third-party websites or services you visit. The use of third-party services is at your own discretion and subject to those third parties' terms and policies.

21. Do Not Track Signals

Some web browsers offer a "Do Not Track" (DNT) signal that allows users to indicate they do not wish to be tracked. Because there is currently no industry standard for how websites should respond to DNT signals, we do not currently respond to DNT signals. However, we honor the privacy preferences and choices you communicate to us through other means, including cookie consent management and opt-out requests.

22. Global Privacy Control (GPC)

We recognize and honor the Global Privacy Control (GPC) signal as a valid opt-out preference signal from California residents and other users where required by applicable law. When we detect a GPC signal from your browser, we treat it as an opt-out request for the sale or sharing of personal information.

23. Data Protection Officer

Storifayo LLC has not appointed a formal Data Protection Officer (DPO), as we are not required to do so under GDPR Article 37. However, all privacy-related inquiries are handled by our designated privacy contact, who can be reached at contact@projectvilgatekaivenmorrick.com.

24. EU and UK Representative

If applicable, Storifayo LLC will appoint a representative in the European Union and the United Kingdom in accordance with GDPR Article 27 and UK GDPR. Where a representative has been appointed, contact details will be provided in this Privacy Policy. Until such time, all inquiries from EU and UK data subjects should be directed to contact@projectvilgatekaivenmorrick.com.

25. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational developments. When we make changes, we will:

• Update the "Effective Date" at the top of this Privacy Policy.

• Post the revised Privacy Policy on the Website.

• Where required by law, provide additional notice such as email notification or a prominent notice on the Website.

• For material changes affecting your rights, obtain your renewed consent where required by law.

We encourage you to review this Privacy Policy periodically to stay informed about our data practices. Your continued use of the Services after changes become effective constitutes acceptance of the updated Privacy Policy.

26. Severability

If any provision of this Privacy Policy is found by a court of competent jurisdiction to be invalid, illegal, or unenforceable, the remaining provisions shall continue in full force and effect. The invalid provision shall be modified to the minimum extent necessary to make it enforceable, consistent with the original intent.

27. Language

This Privacy Policy is written in English. Any translations are provided for convenience only. In the event of any conflict or discrepancy between the English version and any translation, the English version shall prevail.

28. Contact Us

If you have any questions, concerns, requests, or complaints regarding this Privacy Policy or our data practices, please contact us:

Storifayo LLC