Privacy policy

Applicable to glowsupplements.shop and GLOW SUPS. App

1. CONTROLLER / WHO IS RESPONSIBLE

The controller responsible for the processing of your personal data within the meaning of the EU General Data Protection Regulation (GDPR) is:

Julian Herrmann
Geschwister-Scholl-Allee 12
14532 Kleinmachnow, Germany
Email: info@glow-supplements.com

2. SCOPE OF THIS PRIVACY POLICY

This Privacy Policy explains how we collect, use, protect, and share your personal data when you:

  • Visit our website at glowsupplements.shop
  • Place an order for our products
  • Use the GLOW SUPS. mobile app
  • Participate in our affiliate program

This policy applies to all customers, website visitors, and app users within the European Union (EU) and is compliant with the General Data Protection Regulation (GDPR).

3. WHAT DATA WE COLLECT

3.1 Website & E-Commerce Data

When you visit our website or place an order, we collect:

  • Order and account data: Full name, email address, delivery address, phone number (if provided), order history, subscription status
  • Payment information: Payment details are processed securely by Shopify Payments. We do not store your full credit card details on our systems. Only tokenized payment references are retained for subscription renewals.
  • Technical data: IP address, browser type and version, device information, operating system, pages visited, time spent on pages, referral source (e.g., social media, search engine, affiliate link)
  • Cookies and tracking data: See Section 6 for details on cookies

3.2 GLOW SUPS. App Data

When you use the GLOW SUPS. App, we collect:

  • Account data: Email address, name, unique access code
  • Face scans and progress photos: Images you voluntarily upload for skin analysis and before/after tracking (stored securely and accessible only by you)
  • Habit tracking data: Daily check-ins, completed habits, streaks, and other progress metrics
  • Health data (optional): Any health-related information you choose to provide (e.g., skin concerns, wellness goals)
  • Device data: Device type, operating system version, app version, unique device identifier (for app functionality only, not for advertising)
  • Camera and photo access: The app requests permission to access your camera and photo library to enable face scanning and progress tracking. You may deny this permission, but certain app features will be unavailable.

Important: We do not collect:

  • Location data
  • Contacts or address book data
  • Microphone or audio data
  • Advertising tracking data (no Meta Pixel, TikTok Pixel, or Google Ads tracking within the app)

3.3 Affiliate Program Data

If you participate in our affiliate program via UpPromote, we collect:

  • Name, email address, payment details (bank account or PayPal)
  • Referral links and performance metrics (clicks, conversions, commission balance)

4. PURPOSE AND LEGAL BASIS FOR PROCESSING

We process your personal data for the following purposes and legal bases:

Purpose | Legal Basis (GDPR)
Order processing, fulfilment, and delivery | Art. 6(1)(b) — Performance of a contract
Sending order confirmations and shipping updates | Art. 6(1)(b) — Performance of a contract
Processing payments and managing subscriptions | Art. 6(1)(b) — Performance of a contract
Customer support and responding to enquiries | Art. 6(1)(b) — Performance of a contract
Managing your GLOW SUPS. App account and providing app features | Art. 6(1)(b) — Performance of a contract
Storing face scans and progress photos in the app | Art. 6(1)(a) — Explicit consent (you can delete this data at any time)
Improving website performance and user experience | Art. 6(1)(f) — Legitimate interest
Fraud prevention and security | Art. 6(1)(f) — Legitimate interest
Marketing emails (if you opt in) | Art. 6(1)(a) — Consent (you may withdraw consent at any time)
Advertising and remarketing (Meta, TikTok, Google Ads) | Art. 6(1)(a) — Consent (via cookie banner)
Managing affiliate accounts and processing commissions | Art. 6(1)(b) — Performance of a contract
Compliance with legal obligations (tax, accounting) | Art. 6(1)(c) — Legal obligation

5. THIRD-PARTY SERVICES

We use the following third-party services that may process your personal data. Each service operates under its own privacy policy, and where required by GDPR, we have concluded Data Processing Agreements (DPAs).

5.1 E-Commerce & Payments

Shopify Inc. (Canada/United States)
Purpose: E-commerce platform, payment processing, order management
Data shared: Name, email, address, order details, payment information
Legal basis: Art. 6(1)(b) — Performance of a contract
Data transfer: USA (GDPR-compliant via Standard Contractual Clauses)
Privacy Policy: https://www.shopify.com/legal/privacy

Seal Subscriptions (subscription management)
Purpose: Managing recurring subscription orders
Data shared: Email, name, payment token, subscription preferences
Legal basis: Art. 6(1)(b) — Performance of a contract

5.2 Advertising & Analytics (Website Only)

Meta Platforms, Inc. (Facebook, Instagram)
Purpose: Advertising pixel for tracking conversions and retargeting
Data shared: IP address, browser data, pages visited, purchase events
Legal basis: Art. 6(1)(a) — Consent (via cookie banner)
Privacy Policy: https://www.facebook.com/privacy/explanation

TikTok Pte. Ltd.
Purpose: Advertising pixel for tracking conversions and retargeting
Data shared: IP address, browser data, pages visited, purchase events
Legal basis: Art. 6(1)(a) — Consent (via cookie banner)
Privacy Policy: https://www.tiktok.com/legal/privacy-policy

Google LLC (Google Analytics, Google Ads)
Purpose: Website analytics and advertising
Data shared: IP address (anonymized), browser data, pages visited
Legal basis: Art. 6(1)(a) — Consent (via cookie banner)
Privacy Policy: https://policies.google.com/privacy

5.3 Affiliate Program

UpPromote (affiliate tracking and management)
Purpose: Tracking affiliate referrals, managing commissions, processing payouts
Data shared: Affiliate name, email, payment details, referral performance
Legal basis: Art. 6(1)(b) — Performance of a contract
Privacy Policy: https://uppromote.com/privacy-policy

5.4 App Infrastructure (GLOW SUPS. App)

Apple Inc. (App Store distribution)
Purpose: App distribution via the Apple App Store
Data shared: App Store account data (managed by Apple, not by us)
Legal basis: Art. 6(1)(b) — Performance of a contract
Privacy Policy: https://www.apple.com/legal/privacy/

Backend Server (React Native / Expo)
Purpose: Hosting app data (account, face scans, habit tracking)
Data shared: All app data listed in Section 3.2
Legal basis: Art. 6(1)(b) — Performance of a contract
Data storage: Encrypted at rest and in transit (HTTPS/TLS)

Important: The GLOW SUPS. App does not use third-party advertising or analytics SDKs. All data collected in the app is used solely for app functionality and is not shared with advertisers.

6. COOKIES

Our website uses cookies, which are small text files stored on your device that help us analyse traffic, personalise content, and improve your experience.

6.1 Types of Cookies We Use

Essential Cookies (no consent required):
Required for the website to function properly. These include session cookies, shopping cart functionality, and security features.

Analytics Cookies (consent required):
Used to understand how visitors interact with our website (e.g., Google Analytics). These cookies collect anonymized data about page views, time on site, and navigation paths.

Marketing Cookies (consent required):
Used to personalise ads and track conversions from Meta, TikTok, and Google Ads. These cookies enable us to show you relevant ads based on your interests and measure campaign performance.

6.2 Managing Cookies

When you first visit our website, you will be asked to consent to non-essential cookies via a cookie banner. You may:

  • Accept all cookies
  • Reject non-essential cookies (only essential cookies will be used)
  • Customise your preferences (select which categories to accept)

You may also manage or delete cookies at any time via your browser settings. Note that disabling essential cookies may affect website functionality.

7. DATA RETENTION

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law.

  • Order and account data: Retained for a minimum of 10 years for tax and accounting purposes under German law (§ 147 AO, § 257 HGB)
  • Subscription data: Retained for the duration of your subscription, plus 10 years for accounting purposes
  • Marketing data (if you opt in): Retained until you withdraw consent or request deletion
  • App data (face scans, habit tracking): Retained until you delete your app account or request deletion
  • Affiliate data: Retained for the duration of your affiliate account, plus 5 years for commission records
  • Website analytics and cookies: Retained for up to 26 months (Google Analytics default)

8. YOUR RIGHTS UNDER GDPR

As an EU resident, you have the following rights regarding your personal data:

  • Right of access (Art. 15 GDPR): You may request a copy of all personal data we hold about you
  • Right to rectification (Art. 16 GDPR): You may request correction of inaccurate or incomplete data
  • Right to erasure (Art. 17 GDPR): You may request deletion of your personal data, subject to legal retention requirements
  • Right to restriction of processing (Art. 18 GDPR): You may request that we limit how we process your data
  • Right to data portability (Art. 20 GDPR): You may request your data in a machine-readable format to transfer to another service
  • Right to object (Art. 21 GDPR): You may object to processing based on legitimate interest (e.g., marketing)
  • Right to withdraw consent (Art. 7(3) GDPR): Where processing is based on consent, you may withdraw it at any time. This does not affect the lawfulness of processing before withdrawal.

How to exercise your rights: Contact us at info@glow-supplements.com with your request. We will respond within 30 days.

You also have the right to lodge a complaint with your national data protection authority:

Germany: Bundesbeauftragte für den Datenschutz und die Informationsfreiheit (BfDI)
Graurheindorfer Str. 153, 53117 Bonn
Website: https://www.bfdi.bund.de

9. DATA SECURITY

We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it from unauthorised access, loss, or misuse.

These measures include:

  • HTTPS/TLS encryption for all website and app communication
  • Secure payment processing via Shopify Payments (PCI DSS compliant)
  • Encrypted storage of sensitive app data (face scans, health data)
  • Access controls and authentication for app accounts
  • Regular security audits and updates

While we strive to protect your data, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but are committed to using industry best practices.

10. CHILDREN'S PRIVACY

Our website and app are not intended for children under the age of 16. We do not knowingly collect personal data from children under 16 without parental consent.

If you believe that we have inadvertently collected data from a child under 16, please contact us immediately at info@glow-supplements.com, and we will delete the data as soon as possible.

11. INTERNATIONAL DATA TRANSFERS

Some of our third-party service providers (e.g., Shopify, Meta, Google) are based outside the European Economic Area (EEA), including in the United States.

When we transfer your data to countries outside the EEA, we ensure that appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions by the European Commission (where applicable)
  • Data Processing Agreements (DPAs) with third-party processors

12. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or new features.

Significant changes will be communicated via:

  • Email (if you have an account or active subscription)
  • A notice on our website
  • An in-app notification (for GLOW SUPS. App users)

Continued use of our website or app after changes have been made constitutes acceptance of the updated policy.

13. CONTACT

For any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

Email: info@glow-supplements.com
Address: Julian Herrmann, Geschwister-Scholl-Allee 12, 14532 Kleinmachnow, Germany

Last updated: May 14, 2026