Privacy Policy

Last updated: 9 June 2026

This is a small operation: one person designing, building and shipping hardware wallets. We collect as little personal data as we can get away with, and this page tells you exactly what that is, why we collect it, who else sees it, and what you can do about it. No vague reassurances — just the facts.

1. Who is responsible for your data

The data controller for everything described on this page is:

UO Solutions, LLC, doing business as Ermanno Moser
2875 NE 191st STE 801 · Miami, FL 33180 · United States
Email: [email protected]

There is no data protection officer — the business is too small to require one. Questions go straight to the owner at the address above.

2. What data we collect

We collect personal data in five situations:

  • Orders. When you order a wallet, we collect your name, email address, shipping address, the items you ordered, and the currency and amount you paid. We need this to build, pack and ship your order and to issue an invoice.
  • Payments. Payment is handled by our payment provider, not by us. We never receive or store your full card number — we only get a confirmation that payment succeeded, the amount, and a payment reference.
  • Contact messages. If you write to us through the contact form or by email, we keep your name, email address and the content of your message so we can answer you and refer back to the conversation later.
  • Technical logs. Like almost every website, our hosting infrastructure records IP addresses, browser type, pages requested and timestamps in server logs. These exist to keep the site running and to spot abuse, not to profile you.
  • Consent records. When you make a choice in our cookie banner, we record what you chose and when. We keep these records so we can demonstrate, if asked, that any advertising or analytics cookies were set only after you agreed.

Your shopping cart, currency preference and cookie choice are stored in your own browser's localStorage (keys em_cart_v1, em_currency_v1 and em_consent_v1) and are not sent to us. Details are in the Cookie Policy.

3. Why we collect it, and on what legal basis

Under the GDPR we need a legal basis for each use of your data. Here they are, matched to what we actually do:

  • Performance of a contract (Art. 6(1)(b) GDPR): processing your order, taking payment, shipping the device, and handling returns and warranty claims.
  • Legal obligation (Art. 6(1)(c) GDPR): keeping invoices and order records for as long as tax and accounting law requires.
  • Consent (Art. 6(1)(a) GDPR): advertising and analytics cookies, including Google Ads remarketing and conversion measurement. None of these are set until you say yes.
  • Legitimate interest (Art. 6(1)(f) GDPR): answering your contact messages, keeping technical server logs for security and stability, and defending against legal claims. You can object to processing based on legitimate interest at any time (see section 10).

4. Cookies, localStorage and your consent

The site works fully without any tracking. The only things stored by default live in your browser's localStorage: your cart, your currency choice, and a record of your cookie decision. These are strictly necessary or functional and never leave your device for tracking purposes.

If you are visiting from the European Economic Area, the United Kingdom or Switzerland, we ask for your consent before any advertising or analytics cookies are set. Until you choose, all four Google Consent Mode v2 signals — ad_storage, ad_user_data, ad_personalization and analytics_storage — default to "denied", and Google services set no cookies on your device. We keep a record of your consent choice and its timestamp. You can revoke consent at any time using the "Reset cookie preferences" button on the Cookie Policy page, which clears your stored choice and shows the banner again.

5. Advertising: Google Ads and remarketing

We advertise this shop using Google Ads, including remarketing (showing ads to people who have visited this site before) and conversion tracking (measuring whether an ad led to an order). In plain terms, this means:

  • Third-party vendors, including Google, show our ads on sites across the internet.
  • Third-party vendors, including Google, use cookies and device identifiers to serve ads based on a user's prior visits to this website.
  • You can opt out of personalized advertising by Google at Google Ads Settings, and opt out of many other vendors' personalized advertising at optout.networkadvertising.org or youradchoices.com.

Google is a company that may collect, receive and use personal data — such as cookie identifiers, advertising identifiers and information about your visit to this site — when you consent to advertising or analytics cookies. How Google uses this data is described in How Google uses information from sites or apps that use its services. Again: for EEA, UK and Swiss visitors, none of this happens before you consent.

6. Who receives your data

We share personal data only with the parties needed to run the shop:

  • Payment provider: our payment provider processes your payment securely. They receive your payment details directly; we only see the result — never your full card number.
  • Shipping carriers: USPS, DHL, and other tracked carriers receive your name, address and, where needed for delivery updates, your email address or phone number.
  • Google: receives cookie and usage data for advertising and analytics, only after consent, as described in sections 4 and 5.
  • Hosting provider: Namecheap, Inc. (our hosting provider) stores the website and its server logs on our behalf.

We never share personal data, rent mailing lists, or release data to anyone for their own marketing.

7. International transfers

Google LLC is based in the United States, so consented advertising and analytics data may be transferred there. Google is certified under the EU-US Data Privacy Framework, which the European Commission has recognised as providing adequate protection for personal data transferred from the EU. Where any other processor is located outside the EEA, we rely on an adequacy decision or the European Commission's Standard Contractual Clauses.

8. How long we keep your data

  • Order and invoice records: as long as tax and accounting law requires — typically seven years under United States federal and Florida law.
  • Contact messages: up to 2 years after the conversation ends, in case you come back with a follow-up or a warranty question.
  • Server logs: deleted or anonymised after a short rotation period, normally within 30 days.
  • Consent records: as long as needed to demonstrate that consent was obtained, and for a reasonable period after you withdraw it.
  • Google Ads / Analytics data: retained according to Google's retention settings; we configure the shortest practical retention available.

9. Security

The site is served over HTTPS. Order data is stored on access-controlled systems, and payment details never touch our servers at all — they go straight to the payment provider. No system is perfectly secure, but the small amount of data we hold limits what could go wrong.

10. Your rights

Under the GDPR (and equivalent UK law) you have the right to:

  • Access the personal data we hold about you;
  • Rectify inaccurate or incomplete data;
  • Erase your data, where we have no legal obligation to keep it (we cannot delete invoices that tax law requires us to retain);
  • Receive your data in a portable, machine-readable format;
  • Object to processing based on legitimate interest, and to any direct marketing;
  • Withdraw consent at any time, with effect for the future — for cookies, use the "Reset cookie preferences" button on the Cookie Policy page;
  • Complain to a supervisory authority. You can complain to the data protection authority in your own EU member state.

To exercise any of these rights, email [email protected]. We answer within one month, as the GDPR requires, and usually much faster — there is exactly one person reading that inbox, and it's the owner.

11. No automated decision-making

We do not make any decisions about you by purely automated means, and we do not build profiles of customers beyond the ad personalization you may have consented to through Google (which you can switch off — see section 5).

12. Children

This shop offers security hardware and is not directed at children. We do not knowingly collect data from anyone under 16. If you believe a child has placed an order or sent us data, contact us and we will delete it.

13. Changes to this policy

If we change how we handle data — for example, by adding a new payment provider or advertising platform — we will update this page and change the "Last updated" date at the top. For significant changes we will say so plainly on the site rather than burying it.

14. Contact

Anything unclear, or anything you want changed or deleted: [email protected], or by post to Ermanno Moser, UO Solutions, LLC · 2875 NE 191st STE 801 · Miami, FL 33180 · United States.