Privacy policy

Last updated: April 29, 2026

This Privacy Policy describes how ANATOMICA LABS PTY LTD, trading as STAYR ("STAYR", "we", "us", or "our"), collects, uses, discloses, and protects your personal information when you visit, use our services, or make a purchase from stayr-men.com (the "Site"), or otherwise communicate with us regarding our products and Services (collectively, the "Services").

For the purposes of this Privacy Policy, "you" and "your" means you as the user of the Services, whether you are a customer, website visitor, or another individual whose personal information we have collected.

STAYR products are intended for adults aged 18 and over only. We do not knowingly market to, or collect personal information from, individuals under 18 years of age.

Please read this Privacy Policy carefully. By using our Services, you acknowledge that you have read and understood this Privacy Policy.

Section 1 — Who We Are (Data Controller)

For the purposes of applicable data protection laws, including the Australian Privacy Act 1988, the UK GDPR, the EU GDPR, and the California Consumer Privacy Act (CCPA/CPRA), the data controller of your personal information is:

ANATOMICA LABS PTY LTD ABN: 18 695 087 631 Level 2, 1341 Dandenong Road, Chadstone, VIC 3148, Australia Email: info@stayr-men.com Website: https://stayr-men.com

If you have any questions, complaints, or requests regarding this Privacy Policy or our handling of your personal information, please contact us at info@stayr-men.com.

Section 2 — Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal obligations, or for other operational reasons. When we do, we will:

  • Post the revised Privacy Policy on the Site;

  • Update the "Last updated" date at the top of this page;

  • Where required by applicable law, notify you directly of material changes (e.g., by email or prominent notice on the Site).

We encourage you to review this Privacy Policy periodically.

Section 3 — Personal Information We Collect

The types of personal information we collect depend on how you interact with the Site and our Services.

3.1 Information You Provide Directly

  • Contact details: name, email address, phone number, billing and shipping address.

  • Account information: username, password, security questions, and other account security data.

  • Order information: products purchased, payment confirmation, order history.

  • Customer support information: content of messages, inquiries, complaints, or chat conversations you send us.

  • Quiz and survey responses: when you voluntarily complete a product recommendation quiz, onboarding questionnaire, or post-purchase survey, we collect the answers you provide. These may include preferences, product usage feedback, and general wellness-related responses. We do not request medical diagnoses or clinical health data.

  • User-generated content: product reviews, testimonials, and feedback you choose to submit, which may include personal experiences.

  • Age confirmation: a declaration that you are 18 years of age or older.

3.2 Information Collected Automatically

When you use the Site, we automatically collect certain information using cookies, pixels, tags, and similar tracking technologies ("Cookies"):

  • Device and technical data: IP address, browser type and version, operating system, device identifiers, screen resolution, language settings.

  • Usage data: pages viewed, links clicked, time spent on pages, referring URLs, navigation paths, search queries on the Site.

  • Location data: approximate geographic location inferred from your IP address.

3.3 Information from Third Parties

We may receive information about you from third parties, including:

  • Payment processors (e.g., Shopify Payments, PayPal, Stripe, Airwallex) who confirm transaction status;

  • Shipping and fulfillment partners who confirm delivery status;

  • Advertising partners (e.g., Meta, Google) who share conversion and engagement data;

  • Analytics providers who help us understand Site usage.

3.4 Sensitive Category Note

Although STAYR operates in the intimate wellness category, we do not intentionally collect special category data as defined under Article 9 of the GDPR (e.g., health data, sexual orientation). Information you provide through quizzes, surveys, or reviews is treated as personal information and handled with additional care given the nature of our product category. We recommend you avoid sharing any medical or diagnostic information in free-text fields.

Section 4 — How We Use Your Personal Information

We use your personal information for the following purposes and legal bases:

  • Processing and fulfilling your orders, including shipping and returns

  • Creating and managing your customer account

  • Providing customer support and responding to inquiries

  • Sending transactional communications (order confirmations, shipping updates)

  • Sending marketing emails, SMS, and promotional content

  • Personalising product recommendations based on quiz/survey responses

  • Displaying targeted advertising on third-party platforms (Meta, Google)

  • Measuring advertising performance and conversion tracking

  • Detecting, investigating, and preventing fraud, chargebacks, and abuse

  • Complying with legal, tax, and accounting obligations

  • Improving the Site, Services, and product offering

  • Verifying that users are 18 or older

For users in Australia, we handle personal information in accordance with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth).

Section 5 — Cookies and Tracking Technologies

We use Cookies and similar technologies on the Site to:

  • Enable essential Site functionality (cart, checkout, login);

  • Remember your preferences and settings;

  • Analyse Site traffic and user behaviour;

  • Measure the effectiveness of our marketing campaigns;

  • Deliver personalised advertising on third-party platforms.

Categories of cookies we use:

  • Strictly necessary cookies (always active): required for the Site to function.

  • Functional cookies: remember preferences (language, currency).

  • Analytics cookies: Google Analytics, Shopify Analytics — help us understand usage.

  • Marketing / advertising cookies: Meta Pixel, Google Ads, and other advertising partner tags.

Managing cookies: Where required by law (UK/EU), we request your consent through a cookie banner before setting non-essential cookies. You can withdraw consent or change your preferences at any time via the cookie settings on the Site, or by adjusting your browser settings to block or delete Cookies. Blocking certain Cookies may affect Site functionality.

For more details on Shopify's use of cookies, see: https://www.shopify.com/legal/cookies

Section 6 — How We Share Your Personal Information

We share your personal information with third parties only as necessary and under appropriate contractual safeguards. Recipients fall into the following categories:

  • E-commerce platform: Shopify (hosting, checkout, customer accounts).

  • Payment processors: Shopify Payments, PayPal, Stripe, Airwallex — to process your payment. They handle payment card details directly; we do not store full card numbers.

  • Fulfillment and shipping partners: to ship your orders (name, address, phone, email, order contents).

  • Marketing and communications platforms: email and SMS providers used to send transactional and marketing communications.

  • Customer support platforms: tools we use to manage support conversations and tickets.

  • Analytics providers: Google Analytics and similar — to measure Site performance.

  • Advertising partners: Meta (Facebook/Instagram), Google, and other platforms — to deliver and measure advertising.

  • Professional advisors: accountants, lawyers, auditors, when reasonably required.

  • Government authorities, regulators, and law enforcement: where required by law or to protect our rights.

  • Acquirers: in the event of a merger, acquisition, reorganisation, or sale of business assets, your information may be transferred to the acquiring party.

We do not sell your personal information for money. Under certain US state laws (e.g., CCPA/CPRA), sharing personal information with advertising partners for cross-context behavioural advertising may be considered "sharing" or "selling". You may opt out (see Section 10).

Section 7 — International Data Transfers

As ANATOMICA LABS PTY LTD is based in Australia and our service providers operate globally, your personal information may be transferred to, stored in, and processed in countries outside your country of residence, including Australia, the United States, the European Economic Area, the United Kingdom, and other jurisdictions.

Where required, we rely on appropriate transfer mechanisms, including:

  • EU/UK Standard Contractual Clauses (SCCs) for transfers from the EEA or UK;

  • Adequacy decisions where applicable;

  • Supplementary measures (encryption, access controls) where needed.

By using our Services, you acknowledge that your personal information may be transferred internationally.

Section 8 — Data Retention

We retain your personal information only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy any legal, accounting, tax, or reporting requirements. Typical retention periods are:

Data Category

Retention Period

Order and transaction records

7 years from the date of transaction (Australian and international tax law requirements)

Customer account data

Duration of the account, plus 3 years after account closure

Marketing consent and preferences

Until you withdraw consent, plus 3 years for evidence of consent

Customer support conversations

3 years after last contact

Quiz and survey responses

2 years, or until you request deletion

Product reviews and user-generated content

Until you request removal (reviews may be retained as published content)

Website analytics data

Up to 14 months (Google Analytics default); aggregated data may be kept longer

Marketing cookies

Up to 13 months from your last visit

Fraud prevention and security logs

Up to 3 years

When personal information is no longer required, we securely delete or anonymise it.

Section 9 — Security of Your Information

We implement technical and organisational measures designed to protect your personal information against unauthorised access, loss, alteration, or disclosure. These include:

  • Encryption of data in transit (HTTPS/TLS);

  • Access controls and authentication for internal systems;

  • Regular security reviews of our platforms and third-party providers;

  • Contractual obligations on our service providers to maintain appropriate security.

However, no system is 100% secure. We cannot guarantee absolute security, and any transmission of information is at your own risk. We recommend you do not share sensitive information through insecure channels.

If we become aware of a data breach affecting your personal information, we will notify you and the relevant authorities as required by applicable law.

Section 10 — Your Rights

Depending on where you live, you may have some or all of the following rights regarding your personal information:

  • Right to access / know: obtain confirmation of whether we process your personal information and request a copy.

  • Right to correct / rectify: request correction of inaccurate or incomplete data.

  • Right to delete / erase: request deletion of your personal information (subject to legal exceptions).

  • Right to portability: receive your data in a structured, commonly used format.

  • Right to restrict processing: ask us to limit how we use your data in certain cases.

  • Right to object: object to processing based on legitimate interests, including direct marketing.

  • Right to withdraw consent: where processing is based on consent, withdraw it at any time (without affecting prior lawful processing).

  • Right to opt out of sale / sharing / targeted advertising (CCPA/CPRA): opt out of the sharing of your information for cross-context behavioural advertising. We honour Global Privacy Control (GPC) signals where technically feasible.

  • Right to non-discrimination: we will not discriminate against you for exercising your rights.

  • Right to lodge a complaint with a supervisory authority (see Section 11).

How to exercise your rights: email us at info@stayr-men.com with your request. We will respond within 30 days (or as required by applicable law). We may need to verify your identity before processing your request. You may also use an authorised agent, subject to proof of authorisation.

Marketing opt-out: you can unsubscribe from marketing emails at any time by clicking the "unsubscribe" link in any email. You can opt out of SMS marketing by replying STOP. These opt-outs do not affect transactional communications (order confirmations, shipping updates).

Section 11 — Complaints

If you have a complaint about how we handle your personal information, please contact us first at info@stayr-men.com so we can try to resolve it.

If you are not satisfied with our response, you have the right to lodge a complaint with the relevant data protection authority:

  • Australia: Office of the Australian Information Commissioner (OAIC) — www.oaic.gov.au

  • United Kingdom: Information Commissioner's Office (ICO) — www.ico.org.uk

  • European Economic Area: the data protection authority in your country of residence. See the list of EEA supervisory authorities at https://edpb.europa.eu/about-edpb/about-edpb/members_en

  • California: California Privacy Protection Agency — cppa.ca.gov

Section 12 — Third-Party Links

The Site may contain links to third-party websites, plugins, or services. This Privacy Policy does not cover those third parties. We encourage you to review their privacy policies before interacting with them. We are not responsible for the privacy practices, content, or security of third-party sites.

Section 13 — Children's Privacy

Our Services are intended for adults aged 18 and over only. We do not knowingly collect personal information from individuals under 18. If we become aware that we have collected personal information from a minor, we will promptly delete it.

If you believe a minor has provided us with personal information, please contact us at info@stayr-men.com.

Section 14 — California-Specific Disclosures (CCPA/CPRA)

California residents have specific rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (CCPA/CPRA):

  • Categories of personal information collected: identifiers (name, email, address, IP), commercial information (order history), internet activity (Site usage, cookies), geolocation (approximate), inferences (product preferences).

  • Sources: directly from you, automatically from your use of the Site, from service providers and advertising partners.

  • Business purposes: as described in Section 4.

  • Third parties with whom we share: as listed in Section 6.

  • Sale/sharing: we do not sell personal information for money. We do share information with advertising partners for cross-context behavioural advertising, which may be considered "sharing" under the CCPA. You may opt out via our cookie banner or by emailing info@stayr-men.com.

  • Sensitive personal information: we do not use or disclose sensitive personal information for purposes beyond those permitted without consent under the CCPA.

Section 15 — Contact Us

For any questions, requests, or complaints regarding this Privacy Policy or our handling of your personal information:

ANATOMICA LABS PTY LTD Level 2, 1341 Dandenong Road, Chadstone, VIC 3148, Australia,

Email: info@stayr-men.com

This Privacy Policy is provided in English. In the event of any translation, the English version prevails.