← Back to home

Privacy Policy

Last updated: June 21, 2026

Summary

This is the plain-English version. We collect only the email address you give us to join the Vrymo early-access waitlist. We do not sell, share, rent, or use your email for advertising. We do not run analytics or tracking cookies. Our hosting and anti-bot vendors may incidentally process limited technical data such as your IP address when you visit the site. You can ask us to delete your email at any time by writing to privacy@vrymo.com. This Policy covers the pre-launch website at vrymo.com today; a Vrymo iPhone app and full meal-planning service are forthcoming and will have their own, expanded privacy disclosures at launch.

Who We Are

Vrymo is a brand of CONECOMAI, LLC. In this Privacy Policy, "Vrymo," "we," "us," and "our" refer to CONECOMAI, LLC, a U.S. limited liability company that operates the Vrymo brand and the website located at vrymo.com (the "Site").

CONECOMAI, LLC is the "data controller" (under the EU and UK General Data Protection Regulation) and the "business" (under the California Consumer Privacy Act, as amended by the California Privacy Rights Act) that determines the purposes and means of processing your personal information through the Site.

For any privacy question or to exercise your rights, contact us at privacy@vrymo.com.

Scope of This Policy

This Policy applies to the vrymo.com website and the early-access/waitlist sign-up only. It does not yet cover the forthcoming Vrymo iPhone application or the live meal-planning service, which will be governed by separate, expanded privacy notices presented at launch. Linked third-party websites and services have their own privacy policies, which we do not control.

Information We Collect

Information you provide directly. The only personal information you actively submit to us is your email address, which you provide through our waitlist/early-access form. We collect this to add you to the early-access waitlist and to contact you about Vrymo's launch.

Information processed automatically by our service providers. Vrymo uses privacy-friendly, cookieless Web Analytics (provided by Vercel) to measure aggregate visits and page views — it sets no cookies and does not identify or profile individual visitors. Vrymo runs no advertising and no cross-site tracking. However, the infrastructure and security vendors we rely on to host the Site and to prevent bot abuse may automatically process limited technical data to deliver and secure the Site. This may include:

  • your IP address;
  • the date and time of your request and related server log data;
  • your browser and user-agent string and device or HTTP header information; and
  • connection signals such as a TLS fingerprint, used by our anti-bot challenge.

This technical data is processed by our providers for hosting, content delivery, security, and abuse prevention. Vrymo does not use it to build profiles about you or for marketing.

Information we do NOT collect. To be clear about what we do not do on this Site:

  • We do not use analytics or usage-tracking cookies.
  • We do not use advertising or behavioral/cross-context tracking.
  • We do not sell or "share" (as defined by the CCPA/CPRA) personal information.
  • We do not request special-category or sensitive personal data.
  • We do not collect any health, allergy, or medical data on this website. The Site only takes an email address; any allergy-planning features and related data will come later, in the forthcoming app.
  • We do not collect payment information.

How We Use Your Information

We use the limited information described above to:

  • add you to and manage the early-access waitlist;
  • send you launch-related and early-access communications about Vrymo, which you can opt out of at any time;
  • operate, secure, and maintain the website, including hosting, content delivery, and logging;
  • prevent spam, bot abuse, and fraudulent submissions; and
  • comply with legal obligations and establish, exercise, or defend legal claims.

We do not use your email address for advertising, for profiling, for automated decision-making that produces legal or similarly significant effects, or for sale to third parties.

Legal Bases for Processing (EU/EEA and UK Visitors)

If you are in the European Economic Area or the United Kingdom, we rely on the following legal bases under the GDPR and UK GDPR:

  • Consent (Article 6(1)(a)): adding you to the waitlist and sending you early-access and marketing emails, based on your voluntary submission of your email address. You may withdraw your consent at any time (by unsubscribing or emailing us), without affecting the lawfulness of processing carried out before withdrawal.
  • Legitimate interests (Article 6(1)(f)): operating, securing, and maintaining the Site, including server logging and bot/abuse prevention. Our legitimate interest is running a secure, functional website, balanced against your rights and freedoms.
  • Legal obligation (Article 6(1)(c)): retaining or disclosing information where required by applicable law.

We do not process special-category data (Article 9) through the Site.

Third-Party Service Providers

We use a small number of vendors to operate the waitlist. Each acts as our processor or service provider, is bound to handle data according to our instructions and applicable law, and does not receive your data to sell it.

  • Web3Forms (form-to-email processing). Receives your waitlist form submission, including your email address and submission metadata such as your IP address, and relays it to our inbox. Based on Web3Forms' published practices, submissions are transmitted over HTTPS and stored encrypted at rest, and are retained by Web3Forms for a limited period before automatic deletion. For spam and abuse protection, your submission's IP address and email may be transmitted to its anti-spam sub-processor, CleanTalk.
  • Cloudflare, Inc. — Turnstile (bot protection). Processes client-side signals to verify that you are human, which may include your IP address, user-agent, TLS fingerprint, and related browser signals. According to Cloudflare, Turnstile does not use cookies, and Cloudflare states it cannot directly identify individuals from these signals; the signals are used solely to detect and block bots.
  • Vercel, Inc. (website hosting and content delivery). Hosts and serves vrymo.com and processes connection and technical data such as your IP address and request logs to deliver and secure the Site. Vercel maintains a Data Processing Addendum, is certified under the EU–US Data Privacy Framework, and holds ISO 27001 certification.
  • Microsoft Corporation — Microsoft 365 / Exchange Online (email delivery and storage). Your submitted email address arrives in and is stored within our Microsoft 365 mailbox. Microsoft processes this mailbox content as our processor under its Data Protection Addendum, with safeguards including Standard Contractual Clauses.

We may engage additional or replacement processors over time and will keep this list current.

Disclosure of Information; No Sale or Sharing

We disclose personal information only to the service providers listed above, to operate the waitlist, and otherwise only:

  • to comply with applicable law, legal process, or lawful government requests;
  • to protect our rights, safety, and property, or those of our users or others; and
  • in connection with a merger, acquisition, financing, or sale of assets, with notice and continued protection of your information.

Disclosures to service providers under written contracts are not "sales" under the CCPA/CPRA. In the preceding 12 months, we have not sold and have not "shared" (for cross-context behavioral advertising) personal information, and we do not do so now. We do not sell or share the personal information of any consumer, including minors under 16.

Cookies, Tracking, Do Not Track, and Global Privacy Control

vrymo.com does not set advertising or analytics cookies and does not use cross-site tracking. Any token set by our hosting or anti-bot providers would be strictly necessary for security, not for tracking; as noted above, Cloudflare states that Turnstile does not use cookies.

Do Not Track (DNT). Because we do not track users across websites, we do not behave differently in response to a browser's DNT signal. There is no industry-standard response to DNT, and we simply do not track regardless.

Global Privacy Control (GPC). We recognize the GPC signal. Because we do not sell or share personal information, there is nothing to opt out of; nonetheless, we honor opt-out-of-sale/share signals as a matter of policy.

Data Retention

We keep personal data no longer than necessary for the purposes described in this Policy or as required by law, after which we delete or anonymize it.

  • Your waitlist email (in our Microsoft 365 inbox and any waitlist we maintain) is retained until the earlier of (a) the date you ask us to delete it or unsubscribe, or (b) up to 24 months after the waitlist closes or after we determine that we will not launch the waitlist.
  • The Web3Forms-side copy of your submission is retained by Web3Forms for its limited retention window and then automatically deleted, with its server logs purged periodically.
  • Provider technical logs (Vercel, Cloudflare, and Microsoft) are retained according to each provider's own log-retention schedule and then deleted or anonymized.

Data Security

We take reasonable measures to protect your information, including:

  • HTTPS/TLS encryption in transit for all form submissions and Site traffic;
  • reliance on reputable providers with recognized security controls, including encryption at rest for waitlist submissions, Microsoft 365 mailbox security, and Vercel's ISO 27001 and Data Privacy Framework posture;
  • limiting access to the waitlist inbox to authorized personnel; and
  • bot and abuse protection via Cloudflare Turnstile.

No method of transmission over the internet or method of electronic storage is 100% secure, and we cannot guarantee absolute security. If we become aware of a personal-data breach affecting your information, we will notify you and the appropriate authorities as required by applicable law.

International Data Transfers

CONECOMAI, LLC is based in the United States. If you access the Site from the EEA, the UK, or elsewhere, your information will be processed in the United States and in other countries where our service providers operate.

For transfers of EU/UK personal data, we and our providers rely on appropriate safeguards, including Standard Contractual Clauses and, where applicable, the EU–US Data Privacy Framework certifications and commitments of our providers, together with their Data Processing Addenda. These mechanisms are intended to provide an appropriate level of protection for personal data transferred out of the EEA and the UK. You may request further information about these safeguards by emailing privacy@vrymo.com.

Your Privacy Rights

Everyone. You may unsubscribe from our emails at any time, and you may request access to or deletion of your waitlist email by contacting privacy@vrymo.com.

EU/EEA and UK (GDPR / UK GDPR). Subject to applicable law, you have the rights of access, rectification, erasure ("right to be forgotten"), restriction of processing, data portability, objection (including to processing based on legitimate interests and to direct marketing), and withdrawal of consent. You also have the right not to be subject to a decision based solely on automated processing that produces legal or similarly significant effects; we do not engage in such decision-making. You have the right to lodge a complaint with your supervisory authority (your EU data protection authority or the UK Information Commissioner's Office).

California (CCPA / CPRA). California residents have the rights to know and access the categories and specific pieces of personal information we collect, to delete personal information, to correct inaccurate personal information, to opt out of the sale or sharing of personal information (we do not sell or share), to limit the use of sensitive personal information (we collect none), and to non-discrimination for exercising these rights. The only category of personal information we collect is identifiers (your email address), together with incidental internet or other electronic network activity information (IP address and log data) processed by our providers. The business purposes are operating the waitlist, communicating with you, and security.

Other US states. Residents of other states with comprehensive privacy laws (for example, Virginia, Colorado, Connecticut, and Texas) may have similar rights to access, delete, correct, and opt out, which can be exercised through the same contact below.

How to exercise your rights. Send all requests to privacy@vrymo.com. We will verify your identity reasonably, generally by confirming control of the submitted email address, and we permit authorized-agent requests where required by law. We aim to respond within the timelines set by applicable law (approximately one month under the GDPR, extendable; approximately 45 days under the CCPA/CPRA, extendable to 90 days). We do not charge a fee except where permitted by law for manifestly unfounded or excessive requests.

Children's Privacy

The Site and Vrymo are intended for adults aged 18 and older, including parents and guardians who plan meals for their families. The Site is not directed to anyone under 18, and we do not knowingly collect personal information from minors. Consistent with the Children's Online Privacy Protection Act (COPPA), we also do not knowingly collect personal information from children under 13; if we learn that we have collected personal information from a child under 13, we will delete it promptly.

A parent or guardian who believes a minor has submitted an email address to us may contact privacy@vrymo.com to request deletion. Vrymo is a tool used by adults for family planning, not a service offered to children, and the forthcoming app will maintain this adult-directed posture.

Important Safety Notice (Allergy Posture); Assumption of Risk and Limitation of Liability

Informational planning aid only. Vrymo is an informational meal-planning aid only. It does not guarantee that any meal, recipe, ingredient, menu, product, or plan suggested, generated, or displayed is free from any allergen or is safe or appropriate for you or any member of your household. Foods that appear allergen-free may still contain or come into contact with allergens because of ingredient substitutions, manufacturer formulation or recipe changes, regional product differences, cross-contact during processing or preparation, mislabeling, or human or data error. Manufacturers' precautionary statements (for example, "may contain" or "made on shared equipment") are voluntary and not standardized, and the absence of such a statement does not mean a food is free from an allergen.

You always make the final label check. The final decision about whether any food is safe for you or your family is always yours. Before purchasing, preparing, serving, or consuming any food, you must read the full, current product label and ingredient list every time, verify ingredients directly with the manufacturer or food provider when in doubt, and rely on the guidance of your or your family member's physician or board-certified allergist. The parent, guardian, or responsible adult always makes the final label check.

Not medical advice. Vrymo does not provide medical, nutritional, dietary, or healthcare advice, diagnosis, or treatment, and is not a substitute for the judgment of a qualified physician, allergist, or registered dietitian. Always seek the advice of a qualified health professional with any questions about food allergies, intolerances, dietary restrictions, or a medical condition, and never disregard or delay obtaining professional medical advice because of anything you have read or seen on Vrymo. If you believe you or anyone in your care is experiencing an allergic reaction or other medical emergency, call 911 (or your local emergency number) immediately.

Assumption of risk. Food allergies can cause serious, unpredictable, and potentially life-threatening reactions, including anaphylaxis and death. By using Vrymo, you knowingly and voluntarily accept and assume all risks associated with food selection, preparation, and consumption for yourself and your household, including the risk of allergic reactions, cross-contact, illness, personal injury, or death, and including risks arising from incomplete, inaccurate, or outdated allergen or ingredient information. You acknowledge that Vrymo cannot detect, test for, or remove allergens and does not inspect, prepare, package, or supply any food; that you are in the best position to know your household's specific allergies and medical needs; and that you alone are responsible for verifying that any food is safe before it is purchased, prepared, served, or consumed. This assumption of risk does not apply to any liability that cannot be waived or limited under applicable law.

Limitation of liability. To the maximum extent permitted by applicable law, in no event will CONECOMAI, LLC or its affiliates, members, officers, employees, agents, suppliers, or licensors be liable for any indirect, incidental, special, consequential, exemplary, or punitive damages, or for any personal injury, illness, allergic reaction, anaphylaxis, bodily harm, emotional distress, wrongful death, medical expenses, or other loss of any kind, arising out of or relating to your use of or inability to use Vrymo, or to any food, meal, recipe, ingredient, or allergen information suggested, generated, or displayed by Vrymo, whether based on warranty, contract, tort (including negligence), strict liability, product liability, or any other legal theory, and whether or not we have been advised of the possibility of such damages. Some jurisdictions do not allow the exclusion or limitation of certain damages, including for personal injury, gross negligence, or willful misconduct; nothing in this Policy excludes or limits any liability that cannot be excluded or limited under applicable law, and in such jurisdictions our liability is limited to the smallest extent permitted by law. This limitation does not apply to liability arising from our gross negligence, fraud, or willful misconduct where such limitation is prohibited by law.

The additional binding assumption-of-risk and limitation-of-liability terms that govern your overall use of Vrymo are also set out in our Terms of Service, which apply together with this Policy.

Third-Party Links

The Site may link to third-party websites, including our providers' privacy policies. We are not responsible for the privacy practices or content of those third parties. We encourage you to review their privacy policies before providing them with any personal information.

Changes to This Policy

We may update this Policy from time to time. When we do, we will revise the "Last updated" date above and, for material changes, provide reasonable notice, such as a notice on the Site or an email to waitlist subscribers. Your continued use of the Site after changes take effect constitutes acceptance of the updated Policy, where permitted by law.

How to Contact Us

For privacy questions or to exercise your rights, contact us at privacy@vrymo.com. Privacy-rights requests under the CCPA/CPRA, the GDPR, and the UK GDPR may be directed to the same address.

The entity responsible for this Site and your personal information is CONECOMAI, LLC. Vrymo is a brand of CONECOMAI, LLC.