Privacy Policy

Last Updated:

1. Introduction

Enerthglow ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website enerthglow.world and use our services.

We comply with the General Data Protection Regulation (EU) 2016/679 (GDPR), the Austrian Data Protection Act (Datenschutzgesetz – DSG, BGBl. I Nr. 165/1999 as amended), and other applicable data protection laws in Austria and the EEA. By using our website, you agree to the collection and use of information in accordance with this policy.

2. Data Controller Information

The data controller responsible for your personal data is:

  • Company Name: Enerthglow
  • Address: Sankt-Severin-Straße, 3313 Sindelburg, Austria
  • Email: ask@enerthglow.world
  • Country: Austria

For any questions or concerns regarding your personal data or this Privacy Policy, please contact us using the information above.

3. Information We Collect

3.1 Personal Data You Provide

We collect personal information that you voluntarily provide to us when you:

  • Place an order through our website
  • Contact us via email or contact forms
  • Subscribe to our newsletter (if applicable)
  • Create an account on our website

This information may include:

  • Full name
  • Email address
  • Phone number (optional)
  • Shipping and billing address
  • Payment information (processed securely by third-party payment processors)
  • Any other information you choose to provide in communications

3.2 Automatically Collected Data

When you visit our website, we may automatically collect certain information, including:

  • IP address
  • Browser type and version
  • Operating system
  • Referring website
  • Pages visited and time spent on pages
  • Date and time of access
  • Device information

4. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR:

  • Contract Performance (Art. 6(1)(b) GDPR): Processing necessary for the performance of a contract with you, such as processing your orders.
  • Legitimate Interests (Art. 6(1)(f) GDPR): Processing necessary for our legitimate interests, such as improving our services and website security, provided these interests do not override your rights.
  • Consent (Art. 6(1)(a) GDPR): Where you have given explicit consent, such as for marketing communications or non-essential cookies.
  • Legal Obligation (Art. 6(1)(c) GDPR): Processing necessary to comply with legal obligations, such as tax and accounting requirements.

5. Purposes of Data Processing

We use your personal information for the following purposes:

  • Processing and fulfilling your orders
  • Communicating with you about your orders and inquiries
  • Providing customer support
  • Improving our website and services
  • Analyzing website usage and performance
  • Sending marketing communications (with your consent)
  • Complying with legal obligations
  • Preventing fraud and ensuring website security

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

  • Order Data: Retained for 7 years after the transaction to comply with tax and accounting regulations.
  • Account Data: Retained as long as your account is active, plus 3 years after account deletion.
  • Communication Records: Retained for 3 years after the last interaction.
  • Marketing Data: Retained until you withdraw consent or unsubscribe.
  • Website Analytics: Retained for 26 months maximum.

After the retention period expires, your data will be securely deleted or anonymized.

7. Your Rights Under GDPR

As a data subject, you have the following rights:

  • Right of Access (Art. 15): You can request a copy of your personal data we hold.
  • Right to Rectification (Art. 16): You can request correction of inaccurate or incomplete data.
  • Right to Erasure (Art. 17): You can request deletion of your personal data under certain circumstances.
  • Right to Restriction (Art. 18): You can request restriction of processing under certain conditions.
  • Right to Data Portability (Art. 20): You can request your data in a structured, machine-readable format.
  • Right to Object (Art. 21): You can object to processing based on legitimate interests or for direct marketing.
  • Right to Withdraw Consent (Art. 7): Where processing is based on consent, you may withdraw it at any time.
  • Right to Lodge a Complaint: You have the right to file a complaint with the Austrian Data Protection Authority (Datenschutzbehörde).

To exercise any of these rights, please contact us using the contact details in section 14. We will respond to your request without undue delay and in any event within one month of receipt (Art. 12(3) GDPR). That period may be extended by two further months where necessary, taking into account the complexity and number of requests; we will inform you of any such extension and the reasons for the delay.

7.1 Automated Decision-Making and Profiling

We do not use your personal data for automated decision-making or profiling within the meaning of Article 22(1) GDPR that would produce legal effects concerning you or similarly significantly affect you.

8. Data Security

We process personal data in accordance with the principles of data minimization and purpose limitation under the GDPR and the DSG.

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • SSL/TLS encryption for data transmission
  • Secure servers and databases
  • Access controls and authentication procedures
  • Regular security assessments
  • Employee training on data protection

While we strive to protect your personal data, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

9. Data Sharing and Third Parties

We may share your personal data with:

  • Service Providers: Third parties who assist us in operating our website, conducting our business, or servicing you (e.g., payment processors, shipping companies, hosting providers).
  • Legal Requirements: When required by law, court order, or governmental authority.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets.

All third-party service providers are required to protect your data in accordance with GDPR and use it only for the purposes we specify.

10. International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions by the European Commission
  • Other legally recognized transfer mechanisms

11. Cookies

Our website uses cookies and similar tracking technologies. For detailed information about the cookies we use and your choices, please see our Cookie Policy.

12. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal data, please contact us.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. We encourage you to review this Privacy Policy periodically.

14. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

  • Company: Enerthglow
  • Address: Sankt-Severin-Straße, 3313 Sindelburg, Austria
  • Email: ask@enerthglow.world

You also have the right to lodge a complaint with the Austrian Data Protection Authority:

  • Österreichische Datenschutzbehörde
  • Barichgasse 40-42, 1030 Vienna, Austria
  • Website: www.dsb.gv.at