Privacy Policy

Effective Date: June 9, 2025

At Gleamira, we are committed to protecting your privacy. This Privacy Policy outlines how we collect, use, and protect your personal data in compliance with the General Data Protection Regulation (GDPR) and applicable payment security requirements, including Strong Customer Authentication (SCA) and PSD2.

1. Who We Are

Gleamira is a digital beauty platform offering digital skincare products and resources. We operate in accordance with EU data protection laws.

2. What Data We Collect

We collect personal information only where necessary and only for specific purposes. This includes:

Personal Identifiers: Name, email address, billing address, country
Payment Information: Processed securely through third-party providers (we do not store card details)
Technical Data: IP address, browser type, operating system
Usage Data: Page visits, time spent on site, click paths (via analytics)

3. Legal Basis for Processing

Under GDPR, we collect and process your personal data on the following legal bases:

Consent: You give explicit consent (e.g., newsletter sign-up)
Contractual Obligation: To fulfill your purchase or access to digital products
Legal Obligation: To comply with tax, fraud, or regulatory requirements
Legitimate Interests: Improving user experience and site performance

4. Your GDPR Rights

As an EU resident, you have the following rights:

Right to Access – Request a copy of your personal data
Right to Rectification – Request correction of inaccurate data
Right to Erasure – Request deletion of your data (“right to be forgotten”)
Right to Restrict Processing – Limit how we process your data
Right to Data Portability – Transfer your data to another service
Right to Object – Opt out of direct marketing and profiling

You can exercise your rights by contacting us at: contact@gleamira.live

5. Payment Security & SCA (Strong Customer Authentication)

In accordance with PSD2 and SCA regulations:

We use secure, two-factor authentication for all online transactions.
All payment operations comply with EU Payment Services Directive (PSD2).
Transactions are processed via certified payment gateways that support 3D Secure 2 protocols.

Gleamira does not store your payment card data on our servers.

6. Data Retention

We retain personal data only for as long as necessary to:

Fulfill your purchase
Comply with legal obligations
Maintain accurate business records
Enforce our terms and policies

7. Cookies

We use cookies to enhance user experience, analyze site usage, and support marketing efforts. You can manage cookie preferences through your browser settings or review our Cookies Policy.

8. Third-Party Services

We may share data with trusted third parties for:

Payment processing (e.g., Stripe, Adyen)
Email communications
Website analytics (e.g., Google Analytics)

These providers comply with GDPR and are bound by confidentiality obligations.

9. Data Transfers

If data is transferred outside the EU (e.g., to US-based processors), we ensure:

Standard Contractual Clauses (SCCs) are in place
The receiving party provides an adequate level of data protection

10. Changes to This Policy

We reserve the right to modify this Privacy Policy at any time. Changes will be published on this page with an updated effective date.

11. Contact Us

If you have questions or wish to exercise your data rights, contact:

📧 contact@gleamira.live