Privacy Policy

Introduction

brightlevelium AG ("we", "our", or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website brightlevelium.top or use our beauty brand distribution services.

Data Controller Information

The data controller for the personal data we collect is:

Data We Collect

We collect various types of information to provide and improve our services. The data we collect includes:

Personal Information

• Contact details (name, email address, phone number)
• Company information (business name, position, industry)
• Communication preferences
• Enquiry details and correspondence

Technical Information

• IP address and location data
• Browser type and version
• Device information
• Website usage patterns and analytics data
• Cookie and tracking technology data

How We Use Your Information

We use the collected information for various purposes, including how we use your information to provide and improve our services:

• Providing beauty brand distribution services and consultation
• Responding to enquiries and customer support requests
• Processing business partnership applications
• Sending relevant business communications and updates
• Improving our website and services through analytics
• Ensuring website security and preventing fraud
• Complying with legal obligations and business requirements

Legal Basis for Processing

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

• Legitimate Interest: For business communications, website analytics, and service improvement
• Contractual Necessity: To fulfil our distribution services and partnership agreements
• Consent: For marketing communications and optional data processing activities
• Legal Obligation: To comply with applicable laws and regulations

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about our use of cookies, please refer to our Cookie Policy.

Data Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties except in the following circumstances:

• With your explicit consent
• To trusted service providers who assist in operating our website and conducting business
• When required by law or to protect our rights and safety
• In connection with business transfers or mergers
• With potential business partners during partnership negotiations (with appropriate confidentiality measures)

International Data Transfers

As we operate across Europe, your personal data may be transferred to and processed in countries within the European Economic Area (EEA). Any transfers outside the EEA will be conducted with appropriate safeguards in place, including adequacy decisions or standard contractual clauses.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this Privacy Policy. Specific data retention periods include:

• Contact enquiries: 3 years from last contact
• Business partnership data: Duration of partnership plus 7 years
• Website analytics data: 26 months
• Marketing communications: Until consent is withdrawn
• Legal compliance records: As required by applicable law

Your Rights

Under GDPR and Austrian data protection law, you have the following rights regarding your personal data:

• Right of Access: Request copies of your personal data
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data in certain circumstances
• Right to Restrict Processing: Request limitation of data processing
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent for consent-based processing

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and staff training
• Secure hosting and backup procedures

Third-Party Services

Our website may contain links to third-party websites or integrate with third-party services. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal information.

Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected such information, we will take steps to delete it promptly.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date.

Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or need to contact us regarding data protection matters, please reach out to us:

Supervisory Authority

You have the right to lodge a complaint with the Austrian Data Protection Authority (Datenschutzbehörde) if you believe we have not handled your personal data in accordance with applicable law.