flag US
flag CA
flag LE

FREE SHIPPING ON ALL ORDERS OVER $100 *

PRIVACY POLICY

Effective Date:

Last Updated: May 13, 2026

This Privacy Policy describes how Byrna Technologies Inc., together with its subsidiaries and affiliates (collectively, “Byrna,” “we,” “us,” or “our”), collects, uses, discloses, and otherwise processes your personal information when you visit or make a purchase from any of our websites that link to this Privacy Policy, including byrna.com, byrna.ca, and foxlabs.com (collectively, the “Sites”); when you purchase, register, or use our products, including kinetic impact launchers, projectiles, irritant products, accessories, training kits, and related goods (the “Products”); and when you otherwise interact with us, including through our marketing communications, customer support, social media accounts, sweepstakes and promotions, demonstrations, training sessions, and trade events (collectively with the Sites and Products, the “Services”).

Please read this Privacy Policy carefully. By using the Services, you acknowledge that you have read and understood this Privacy Policy. This Privacy Policy does not apply to information we collect from job applicants, employees, contractors, or other personnel in the context of an employment or contracting relationship, which is governed by separate notices.

1. INFORMATION WE COLLECT

We collect personal information from you, automatically through your use of the Services, and from third parties, as described below.

For purposes of the California Consumer Privacy Act, as amended (the “CCPA”), and other applicable U.S. state privacy laws, in the preceding twelve (12) months we have collected each of the categories of Personal Information described in this Section 1, from the categories of sources described in this Section 1, for each of the business and commercial purposes described in Section 2, and have disclosed Personal Information to the categories of recipients described in Section 3.

A. Information You Provide to Us

We collect personal information you provide directly to us, including when you:

       Create an account, place an order, or attempt to place an order through our Sites;

       Register a Product or warranty;

       Contact customer service or technical support;

       Sign up for marketing communications, including email, SMS, and direct mail;

       Participate in sweepstakes, contests, surveys, product reviews, or other promotions;

       Attend a demonstration, training session, or trade event hosted by or featuring Byrna;

       Communicate with us through social media, online chat, or other channels; or

       Otherwise interact with the Services.

The categories of personal information you may provide include:

       Identifiers: name, postal address, email address, telephone number, account login credentials, and similar identifiers.

       Customer records: billing address, shipping address, payment card information (collected and processed by our payment processors), and signature on receipts.

       Commercial information: records of Products purchased, considered, or returned; transaction history; and product preferences.

       Communications and content: the content of emails, calls, chat sessions, voicemails, customer service interactions, and submissions you make through forms or social media.

       Government identifiers: only where required by law, including for age verification, dealer licensing, export compliance, or shipment of restricted goods.

       Inferences: inferences drawn from the foregoing to reflect preferences, characteristics, predispositions, or behavior.

B. Information We Collect Automatically

When you visit the Sites, we and our service providers automatically collect certain information about your device, including information about your web browser, IP address, operating system, device type and identifiers, mobile network, language, time zone, and information collected through cookies, pixels, web beacons, tags, software development kits, and similar technologies. Additionally, as you browse the Sites, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Sites, and information about how you interact with the Sites. We may also derive approximate location from your IP address. We do not knowingly collect precise geolocation data through the Sites.

We refer to this automatically-collected information as “Device Information.” We use the following technologies to collect Device Information:

       “Log files” track actions occurring on the Sites, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.

       “Web beacons,” “tags,” and “pixels” are electronic files used to record information about how you browse the Sites.

       “Cookies” are small data files placed on your device. For more detailed information about our use of cookies and similar technologies, including how to manage your preferences, please see our Cookie Notice.

Additionally, when you make a purchase or attempt to make a purchase through the Sites, we collect certain information from you, including your name, billing address, shipping address, payment information, email address, and phone number. We refer to this information as “Order Information.”

C. Information We Receive from Third Parties

We may receive personal information about you from third parties, including:

       Service providers and processors (such as payment processors, fraud prevention services, and shipping carriers);

       Marketing, advertising, and analytics partners;

       Social media platforms when you interact with our content or accounts;

       Public databases and government registries (for age verification, sanctions screening, and export compliance);

       Retail, distribution, and dealer partners through which Products are resold; and

       Other Byrna affiliates and corporate group members.

When we talk about “Personal Information” in this Privacy Policy, we are talking about all of the categories of information described in this Section 1, including Device Information and Order Information.

2. HOW WE USE PERSONAL INFORMATION

We use Personal Information for the following purposes:

We use the Order Information that we collect generally to fulfill any orders placed through the Sites (including processing your payment information, arranging for shipping, and providing you with email receipts, invoices and/or order confirmations). Additionally, we use this Order Information to:

       Communicate with you;

       Screen our orders for potential risk or fraud; and

       When in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.

We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Sites (for example, by generating analytics about how our customers browse and interact with the Sites, and to assess the success of our marketing and advertising campaigns).

We also use Personal Information to:

       Operate, maintain, secure, and improve the Services;

       Personalize your experience and the content you see;

       Conduct sweepstakes, contests, and other promotions;

       Verify identity and age, including to comply with sale, age, and dealer restrictions applicable to our Products;

       Detect, investigate, prevent, and address fraud, security incidents, abuse of the Services, and other unlawful or harmful activity;

       Comply with applicable laws, regulations, and legal process, including export controls, age and dealer restrictions, sanctions screening, and law enforcement inquiries;

       Establish, exercise, and defend legal claims; and

       Effect, administer, or evaluate corporate transactions, including mergers, acquisitions, financings, and divestitures.

SMS and Text Messaging

We value your privacy and the information you consent to share in relation to our SMS marketing service. We use this information to send you text notifications (for your order, including abandoned checkout reminders), text marketing offers, and transactional texts, including requests for reviews from us. Opt-in data and consent for text messaging will not be shared with any third parties except for messaging partners, for the purpose of enabling and operating our text messaging program. Our website uses cookies to keep track of items you put into your shopping cart, including when you have abandoned your checkout. This information is used to determine when to send cart reminder messages via SMS. You may opt out of marketing text messages at any time by following the instructions in any message or as described in our Terms of Use.

 

3. HOW WE DISCLOSE PERSONAL INFORMATION

We share your Personal Information with third parties to help us use your Personal Information for the purposes described above. We disclose Personal Information to the following categories of recipients:

       Service providers and processors, who perform services on our behalf, including web and e-commerce hosting (e.g., Shopify), payment processing (e.g., Authorize.net), shipping and fulfillment (e.g., [UPS, USPS]), fraud detection and security (e.g., Shopify), customer service and helpdesk (e.g., Zendesk), marketing and email service providers (e.g., Klaviyo, Yotpo), SMS and telephony (e.g., Klaviyo), analytics (e.g., Google Analytics, Polar, Shopify Analytics), and information technology and cloud services;

       Advertising and analytics partners, including providers of digital advertising, retargeting, and audience measurement services (e.g., Criteo). Some of these arrangements may constitute a “sale” or “sharing” of Personal Information under certain U.S. state privacy laws, as further described in Section 4 below;

       Retail, distribution, and dealer partners, through which Products are sold, demonstrated, or supported ;

       Affiliates and members of the Byrna corporate group;

       Professional advisors, including legal counsel, accountants, auditors, insurers, and consultants;

       Government authorities and other third parties, where we believe in good faith that disclosure is necessary to: (i) comply with applicable law, regulation, legal process, or government request, including in response to a subpoena, court order, or warrant; (ii) enforce our terms of use, this Privacy Policy, or other agreements; (iii) detect, investigate, prevent, or address fraud, security, or technical issues; or (iv) protect the rights, property, safety, or security of Byrna, our customers, employees, or others;

       Acquirers and successors, in connection with a merger, acquisition, financing, due diligence, divestiture, restructuring, dissolution, bankruptcy, or similar transaction; and

       Other parties with your consent or at your direction.

We may also disclose information that has been de-identified, aggregated, or anonymized in a manner that cannot reasonably be used to identify you.

Please note that we do not currently respond to “Do Not Track” signals transmitted by web browsers because no uniform standard for processing such signals has been adopted. We do, however, recognize the Global Privacy Control (GPC) signal as a valid opt-out request as described in Section 4 below.

4. SALE AND SHARING OF PERSONAL INFORMATION; TARGETED ADVERTISING

We do not “sell” Personal Information for monetary consideration. However, our use of cookies, pixels, and similar technologies on the Sites for purposes of cross-context behavioral advertising and analytics may constitute a “sale” or “sharing” of Personal Information under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (the “CCPA”), or “targeted advertising” under similar laws of other U.S. states. The categories of Personal Information that may be subject to such sharing include identifiers (such as device identifiers, advertising identifiers, and IP address), internet or other electronic network activity (such as browsing history, search history, and interactions with our Sites and advertisements), and commercial information.

In the preceding twelve (12) months, the categories of Personal Information that we have shared for cross-context behavioral advertising or otherwise made available to advertising and analytics partners have included the categories identified in the immediately preceding paragraph. We have disclosed such Personal Information to digital advertising networks, analytics providers, and social media platforms. We have not sold Personal Information in exchange for monetary consideration in the preceding twelve (12) months.

You have the right to opt out of these activities. You may exercise this right by:

       Clicking “Your Privacy Choices” or “Do Not Sell or Share My Personal Information” in the footer of our Sites;

       By emailing Privacy@byrna.com; or calling 978-868-5011

       Configuring your browser or device to transmit a Global Privacy Control (GPC) signal, which we honor as a valid opt-out request for the browser or device through which the signal is transmitted.

In the preceding twelve (12) months, we have not knowingly sold or shared the Personal Information of consumers under sixteen (16) years of age, and we do not knowingly do so.

5. SENSITIVE PERSONAL INFORMATION

We do not collect Sensitive Personal Information for the purpose of inferring characteristics about you. To the extent we collect information that is treated as Sensitive Personal Information under applicable law (such as account log-in credentials in combination with passwords, financial account information when you place an order, or government-issued identifiers when required for age or dealer verification), we use such information only for purposes permitted under applicable law without an additional right to limit use, including to provide the Services you request, to ensure security and integrity, to prevent fraud, and to comply with legal obligations.

Because we use Sensitive Personal Information only for purposes enumerated in Section 7027(m) of the CCPA regulations (or analogous provisions of other applicable U.S. state privacy laws), the right to limit the use or disclosure of Sensitive Personal Information does not apply to our processing of such information.

6. DATA RETENTION

When you place an order through the Sites, we will maintain your Order Information for our records unless and until you ask us to delete this information, subject to our right to retain Personal Information as reasonably necessary to: (i) provide the Services and complete pending transactions; (ii) comply with applicable legal, accounting, tax, regulatory, and recordkeeping obligations; (iii) resolve disputes; (iv) enforce our agreements; and (v) protect against fraud and abuse. The specific retention period for any item of Personal Information depends on the nature of the information and the purposes for which it is processed. The criteria we use to determine retention periods include: (i) the duration of our ongoing relationship with you and our provision of the Services; (ii) whether there is a legal, accounting, tax, or recordkeeping obligation to retain the information (for example, transaction and financial records are generally retained for the longer of seven (7) years or such longer period as may be required by applicable tax, accounting, and securities laws); (iii) whether retention is advisable in light of our legal position, including in connection with applicable statutes of limitations, pending or threatened litigation, government investigations, or regulatory proceedings; and (iv) the sensitivity of the information, the volume and nature of the information, and the potential risk of harm from unauthorized use or disclosure. Where Personal Information is no longer needed, we will delete or de-identify it.

7. DATA SECURITY

We maintain reasonable administrative, technical, and physical safeguards designed to protect Personal Information against unauthorized or unlawful access, use, disclosure, alteration, and destruction. No method of transmission over the Internet or electronic storage, however, is completely secure. We cannot guarantee absolute security and are not responsible for the unauthorized acts of third parties.

8. CHILDREN AND MINORS

The Sites and Services are not intended for children under the age of 13, and we do not knowingly collect Personal Information from children under 13 in violation of the Children’s Online Privacy Protection Act (“COPPA”), and no one under the age of 18 may purchase products from this site. If we become aware that we have collected Personal Information from a child under 13 without verifiable parental consent, we will delete that information. If you are a parent or guardian and believe your child has provided Personal Information to us, please contact us using the information in Section 16.

For residents of states that provide additional protections for minors under 18, we do not knowingly process the Personal Information of consumers we know to be under 16 (or, where applicable, under 18) for purposes of selling that information, sharing it for cross-context behavioral advertising or targeted advertising, or profiling in furtherance of decisions that produce legal or similarly significant effects, in each case without the affirmative consent of the consumer or, where required, the consumer’s parent or guardian.

Where verifiable parental consent is required under COPPA, we obtain such consent through one or more of the methods permitted under the COPPA Rule, as amended, and we do not condition a child’s participation in any activity on the disclosure of more Personal Information than is reasonably necessary to participate in that activity. We do not disclose Personal Information collected from a child to third parties for the third party’s own use without obtaining separate verifiable parental consent for such disclosure.

9. YOUR U.S. STATE PRIVACY RIGHTS

Depending on your state of residence, you may have the following rights with respect to Personal Information that we have collected about you, subject to certain exceptions:

       Right to know / access: confirmation of whether we process your Personal Information, and access to the categories and specific pieces of Personal Information we have collected.

       Right to correct: correction of inaccurate Personal Information we maintain about you.

       Right to delete: deletion of Personal Information we have collected from you.

       Right to portability: a copy of your Personal Information in a portable, and to the extent technically feasible, readily usable format.

       Right to opt out of (i) the sale of your Personal Information, (ii) the sharing of Personal Information for cross-context behavioral advertising, (iii) targeted advertising, and (iv) profiling in furtherance of decisions that produce legal or similarly significant effects concerning you.

       Right to limit use of Sensitive Personal Information, to the extent applicable.

       Right to non-discrimination for exercising any of these rights.

How to Exercise Your Rights

To exercise any of the rights described above, you may submit a verifiable consumer request:

       By email at Privacy@byrna.com; or

       By calling [978-868-5011].

We will need to verify your identity before responding to your request. Verification typically requires you to provide information that allows us to reasonably confirm you are the person about whom we collected Personal Information. We will not use Personal Information provided for verification purposes for any purpose other than verification.

You may designate an authorized agent to submit a request on your behalf. To do so, the authorized agent must provide proof of authorization (such as a written, signed permission or a valid power of attorney), and we may require you to verify your identity directly with us.

Right to Appeal

If we deny your request in whole or in part, you have the right to appeal that decision. To appeal, contact us at privacy@byrna.com with the subject line “Privacy Rights Appeal” and a description of the basis for your appeal. We will respond to your appeal within the time period required by applicable law. If your appeal is denied, you may, depending on your state of residence, contact your state’s attorney general.

California "Shine the Light"

California residents may request information regarding our disclosures of Personal Information to third parties for those parties’ direct marketing purposes during the prior calendar year, pursuant to California Civil Code Section 1798.83. To make such a request, please contact us at privacy@byrna.com.

Nevada Residents

Nevada residents may direct us not to make certain sales of covered information by submitting a verified request to privacy@byrna.com.

10. FINANCIAL INCENTIVES

We do not currently offer any financial incentive, price difference, or service difference in exchange for the collection, retention, sale, or sharing of Personal Information. If we elect to offer any such financial incentive in the future (for example, a loyalty or rewards program, or a discount for signing up to receive marketing communications), we will provide a separate notice of financial incentive that describes the material terms of the program, including the categories of Personal Information involved, the method by which you may opt in to and withdraw from the program, and a good-faith estimate of the value of the Personal Information that forms the basis of the financial incentive, as required by the CCPA and other applicable U.S. state privacy laws.

 

 

11. RIGHTS OF EEA, UK, AND SWISS RESIDENTS

If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, the EU General Data Protection Regulation (GDPR), the UK GDPR, or the Swiss Federal Act on Data Protection, as applicable, governs our processing of your Personal Information. Byrna acts as the controller of Personal Information collected through the Services.

The identity and contact details of the controller are set forth in Section 15. Where required under Article 27 of the GDPR or Article 27 of the UK GDPR, we will designate a representative in the European Union and the United Kingdom, respectively. The identity and contact details of any such designated representative will be set forth in this Privacy Policy upon designation.

A. Legal Bases for Processing

We process Personal Information on the following legal bases:

       Performance of a contract with you (e.g., to fulfill orders);

       Compliance with legal obligations (e.g., tax, age verification, sanctions and export compliance);

       Our legitimate interests, including to operate, secure, and improve the Services, prevent fraud, and conduct direct marketing (where permitted), provided such interests are not overridden by your rights and freedoms; and

       Your consent, where required (e.g., certain marketing communications and the use of non-essential cookies). You may withdraw consent at any time, without affecting the lawfulness of processing carried out before withdrawal.

B. Your Rights

You have the rights of access, rectification, erasure, restriction of processing, data portability, and objection (including the right to object to direct marketing). You may also have the right to lodge a complaint with your local supervisory authority (in the EEA, your national data protection authority; in the UK, the Information Commissioner’s Office; in Switzerland, the Federal Data Commissioner.

C. International Transfers

Personal Information collected in the EEA, UK, or Switzerland may be transferred to, and processed in, the United States and other jurisdictions that may not provide the same level of data protection as your home jurisdiction. Where we transfer Personal Information out of the EEA, UK, or Switzerland to a country that has not received an adequacy decision, we rely on appropriate safeguards, such as the European Commission’s Standard Contractual Clauses (and the UK Addendum, where applicable) or the EU-U.S. Data Privacy Framework where applicable. You may request a copy of the relevant safeguards by contacting us at privacy@byrna.com.

12. RIGHTS OF CANADIAN RESIDENTS

If you are a resident of Canada, our processing of your Personal Information is subject to the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws, including Quebec’s Act respecting the protection of personal information in the private sector, as amended by Law 25. You have the right to request access to, and correction of, your Personal Information, and to withdraw consent to certain processing, subject to legal or contractual restrictions and reasonable notice. To exercise these rights, contact us at privacy@byrna.com.

In accordance with Quebec’s Law 25, we have designated a person in charge of the protection of personal information (the “Privacy Officer”). The Privacy Officer is responsible for ensuring our compliance with Quebec privacy law. You may contact the Privacy Officer by email at privacy@byrna.com or by mail at the address set forth in Section 17. Quebec residents also have the right, in certain circumstances, to request that we cease disseminating their Personal Information, and to request that the Personal Information be communicated to them or to a third party in a structured, commonly used technological format.

13. AUTOMATED DECISION-MAKING AND PROFILING

We do not use Personal Information to make decisions that produce legal or similarly significant effects concerning you based solely on automated processing, without meaningful human review. To the extent we engage in profiling activities that are subject to opt-out rights under applicable U.S. state privacy laws, or that constitute automated decision-making for purposes of Article 22 of the GDPR or the UK GDPR, we will provide additional disclosures and an opportunity to exercise applicable rights as required by law. You may request additional information about our use of automated processing by contacting us at privacy@byrna.com.

14. THIRD-PARTY SITES; COOKIES

Our Sites may contain links to, or be embedded with, websites, plug-ins, and applications operated by third parties. We are not responsible for the privacy practices of those third parties, and we encourage you to review their privacy notices. Our use of cookies and similar technologies is described in our Cookie Notice

15. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons. When we do, we will revise the “Last Updated” date at the top of this Privacy Policy. If we make material changes, we will provide notice as required by applicable law. Your continued use of the Services after the effective date of any update constitutes your acceptance of the updated Privacy Policy.

16. CONTACT US

For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at privacy@byrna.com (or info@byrna.com), by telephone at [978-868-5011], or by mail at the address below:

Byrna Technologies Inc. - Attn: Privacy

100 Burtt Road, Suite 115

Andover, MA 01810

United States

 

17. EU and UK REPRESENTATIVES

Where required under Article 27 of the GDPR or Article 27 of the UK GDPR, we will appoint a representative in the European Union and the United Kingdom, respectively, to act as our point of contact for supervisory authorities and individuals on matters relating to the processing of Personal Information. The identity and contact details of any such designated representative will be set forth in this Privacy Policy upon designation. The applicability of Article 27 to Byrna’s activities, and the volume and nature of any sales or other offerings directed to data subjects in the EU or UK, are to be confirmed by the business in coordination with outside counsel.

Search