Privacy Policy

Effective Date: June 2026
This Privacy Policy applies to all visitors, users, and customers of glowyoo.com (“the Site”), owned and operated by Glowyoo.
This policy complies with the California Consumer Privacy Act (CCPA) for US visitors, and the General Data Protection Regulation (GDPR) for visitors located within the European Economic Area (EEA), United Kingdom and Switzerland.

  1. Information We Collect
    We collect two categories of information when you interact with our website:
    1.1 Personal Information You Voluntarily Provide
    Full legal name, shipping address, billing address
    Email address, phone number for order communication
    Payment information processed securely via PayPal (we do not store full credit card, debit card, or bank account details on our servers)
    Order numbers, purchase history, size/preference notes submitted during checkout
    Newsletter sign-up information, customer service inquiry content
    1.2 Automatically Collected Non-Personal Data
    Device type, browser version, IP address, operating system
    Website browsing behavior, page click history, cart retention data
    Cookie and tracking pixel data for site performance, marketing, and fraud prevention
    Time and duration of your site visits, referral source links
  2. How We Use Your Collected Information
    We only utilize your personal data for limited, business-related purposes:
    Process, fulfill, ship, and track your submitted orders
    Send order confirmations, shipping alerts, delivery updates, and after-sales follow-up emails
    Resolve customer service requests, return/refund applications, and product issue complaints
    Prevent fraudulent checkout activity, chargebacks, and unauthorized transactions (in coordination with PayPal reCAPTCHA security tools)
    Send optional promotional newsletters, discount codes, and new product launches (only if you explicitly opt in)
    Analyze website traffic to optimize page layout, product display, and checkout experience
    Comply with legal requirements, tax record-keeping, and official payment provider audit requests
    We will never sell, rent, trade, or lease your personal identifiable information to third-party marketing companies, data brokers, or unrelated businesses under any circumstances.
  3. Cookie & Tracking Technology Disclosure (GDPR Mandatory)
    Our site uses first-party and third-party cookies, web beacons, and tracking pixels:
    Functional Cookies: Required to save cart contents, remember login status, and enable secure checkout (cannot be disabled)
    Analytics Cookies: Track visitor behavior to improve site usability
    Marketing Cookies: Collect anonymous browsing data for targeted advertising
    Security Cookies: Support reCAPTCHA anti-bot verification to protect payment pages
    Separate Rules for EU/EEA Visitors
    Per GDPR ePrivacy Directive: Non-essential cookies (analytics, marketing) will NOT load on your device until you actively click “Accept Cookies” on our pop-up banner. You may customize cookie categories to reject marketing/analytics tracking entirely.
    US visitors: Cookies load by default; you may opt out of data sharing via the “Do Not Sell My Info” link at page footer.
    You may disable cookies entirely through your browser’s privacy settings at any time. Disabling functional cookies may break cart and checkout functionality.
  4. Third-Party Service Providers & EU Data Transfers
    Limited personal data is shared only with trusted service partners necessary to complete your purchase:
    PayPal: Secure payment processing, fraud detection, and transaction reconciliation
    Global shipping carriers: Delivery address information for package dispatch and tracking
    Website hosting & cache providers: Anonymous site performance logs
    Customer support tools: Order history to resolve support tickets
    GDPR Cross-Border Data Transfer Clause
    If you are located in the EEA/UK, your personal data will be transferred to servers located in the United States. We execute Standard Contractual Clauses (SCCs) approved by the European Commission to ensure your data receives equivalent GDPR-level protection after transfer. All third-party vendors are contractually prohibited from reusing your data for external marketing.
  5. Consumer Rights (Dual CCPA + GDPR)
    For EU/EEA/UK Residents (GDPR Full Rights)
    You hold the following enforceable rights, and we will respond to all formal requests within 30 calendar days:
    Right to Access: Request a full copy of all personal data we store about you
    Right to Rectification: Edit inaccurate name, address, contact details
    Right to Erasure (“Right to be Forgotten”): Request permanent deletion of all your order, account and marketing data
    Right to Restrict Processing: Pause marketing emails or tracking of your browsing activity
    Right to Data Portability: Receive your order data in a downloadable, machine-readable format
    Right to Object: Fully opt out of all marketing email communications at any time
    For California US Residents (CCPA/CPRA Rights)
    Right to Request Disclosure: Ask us to share all personal data we have collected about you over the prior 12 months
    Right to Request Deletion: Submit a written request to permanently erase all your stored personal order and account data
    Right to Opt-Out: Refuse optional marketing emails and cross-site data sharing (we do not sell data by default)
    Non-Discrimination: We will not raise prices, limit services, or deny checkout access if you exercise your privacy rights
    To submit a privacy request for any region, email our support team at info@glowyoo.com with your full name and order ID.
  6. Data Security Protection
    We implement industry-standard SSL encryption for all page transmissions, secure server storage, and restricted backend access to customer records. All payment transactions are routed through PayPal’s PCI-DSS compliant payment gateway; we never store complete payment credentials on our website.
    While we take reasonable protective measures, no online data transmission is 100% secure. You are responsible for safeguarding your own device and login credentials when accessing our store.
  7. Data Retention Period
    We retain your order and personal information for 7 years after your final purchase to fulfill tax, accounting, and payment dispute record-keeping obligations. After this period, your data will be securely anonymized or deleted. Marketing email contact information is stored only until you unsubscribe.
  8. Policy Updates & Contact Information
    We reserve the right to revise this Privacy Policy at any time. Updated terms will be posted on this page with a new effective date. Continued shopping on our site constitutes acceptance of revised policy rules.
    For all privacy-related questions, contact: info@glowyoo.com
  9. Cookie Policy Supplementary Note
    A standalone Cookie Policy page is available via footer navigation, detailing all cookie types, tracking partners, and opt-out workflows for GDPR compliance.
Scroll to Top