This Privacy Policy describes how Shinebeauty, operating at shinebeauty.world, collects, uses, stores, and protects personal data when you access our online wellness programs for office workers, browse our website, purchase a program subscription, or communicate with our team. We are committed to handling your information responsibly and in compliance with the General Data Protection Regulation (GDPR), the Dutch Implementation Act (Uitvoeringswet AVG), and other applicable data protection legislation in the Netherlands.
1. Data Controller
The data controller responsible for your personal data is Shinebeauty, located at Weteringschans 110, 1017 XS Amsterdam, Netherlands. For any privacy-related enquiries, you may contact us at admin@shinebeauty.world or by telephone at +31614665209 during business hours (Monday to Friday, 9:00–17:00 CET).
2. Scope of This Policy
This policy applies to all personal data processed in connection with our online office wellness programs, including Desk Mobility Essentials, Focus & Posture Pro, and the Executive Wellness Bundle. It covers data collected through our website, program platform, contact forms, payment processing, customer support communications, and any related services offered by Shinebeauty.
3. Personal Data We Collect
3.1 Information You Provide
When you interact with shinebeauty.world, we may collect the following categories of personal data that you voluntarily provide:
- Identity and contact information, including your full name, email address, telephone number, and company name when applicable.
- Account credentials created during program registration, including username and encrypted password.
- Payment and billing information, including billing address, VAT identification number for business purchases, and transaction references. Full payment card details are processed by our secure third-party payment provider and are not stored on our servers.
- Communication content, including messages submitted through our contact form, support tickets, and email correspondence.
- Program preferences and wellness goals shared during onboarding or support interactions.
- Consent records, including your agreement to data processing and acceptance of our terms and policies.
3.2 Information Collected Automatically
When you visit our website or use our program platform, we may automatically collect certain technical and usage data, including:
- IP address, browser type and version, operating system, device type, and screen resolution.
- Pages visited, session duration, click patterns, referral URLs, and navigation paths within shinebeauty.world.
- Program usage data, including sessions completed, modules accessed, progress milestones, and time spent on guided routines.
- Cookie and similar tracking technology data as described in our Cookies Policy.
- Error logs and diagnostic information used to maintain platform stability and security.
4. Legal Bases for Processing
Under the GDPR, we process your personal data on the following legal bases:
- Contractual necessity: Processing required to deliver the online wellness program you have purchased, manage your account, provide platform access, and fulfil our obligations under the agreement between you and Shinebeauty.
- Legitimate interests: Processing necessary for our legitimate business interests, including improving our programs, analysing usage patterns, preventing fraud, ensuring platform security, and conducting internal reporting, provided these interests are not overridden by your rights.
- Consent: Processing based on your explicit consent, such as when you agree to receive marketing communications or accept non-essential cookies. You may withdraw consent at any time without affecting the lawfulness of processing prior to withdrawal.
- Legal obligation: Processing required to comply with applicable laws, including tax regulations, consumer protection requirements, and responses to lawful requests from public authorities.
5. How We Use Your Data
We use the personal data we collect for the following purposes related to our office wellness programs:
- Creating and managing your user account and providing access to purchased program content.
- Processing payments, issuing invoices, and managing subscription renewals.
- Tracking your program progress and delivering personalised session recommendations within the platform.
- Responding to your enquiries, support requests, and feedback submitted through our contact channels.
- Sending transactional communications, including purchase confirmations, access credentials, program updates, and service notifications.
- Improving the quality, relevance, and usability of our wellness programs and website based on aggregated usage analysis.
- Detecting, investigating, and preventing fraudulent activity, unauthorised access, and security incidents.
- Complying with legal and regulatory obligations applicable in the Netherlands and the European Union.
- Sending promotional communications about new programs or features, only where you have provided explicit consent.
6. Data Sharing and Recipients
Shinebeauty does not sell your personal data. We may share your information with the following categories of recipients, strictly for the purposes described in this policy:
- Payment processors and financial institutions that facilitate secure transaction handling.
- Cloud hosting and infrastructure providers that store and deliver our program platform and website content.
- Email and communication service providers used to deliver transactional and support messages.
- Analytics providers that help us understand website and platform usage in aggregated form.
- Professional advisers, including legal, accounting, and compliance consultants bound by confidentiality obligations.
- Public authorities, regulators, or law enforcement agencies when required by applicable law or valid legal process.
All third-party processors are bound by data processing agreements that require them to protect your data in accordance with GDPR standards and to process data only on our documented instructions.
7. International Data Transfers
Your personal data is primarily processed within the European Economic Area (EEA). Where we engage service providers located outside the EEA, we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission, adequacy decisions, or other legally recognised transfer mechanisms. You may request details of the specific safeguards applied to your data by contacting us at admin@shinebeauty.world.
8. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including:
- Account and program data: retained for the duration of your active subscription and for up to three years following account closure, to handle support queries, resolve disputes, and comply with legal obligations.
- Payment and billing records: retained for seven years in accordance with Dutch tax and accounting regulations.
- Contact form submissions: retained for up to two years from the date of submission unless a longer period is required for ongoing correspondence.
- Marketing consent records: retained for the duration of consent plus three years to demonstrate compliance.
- Technical logs and analytics data: retained for up to twelve months in aggregated or pseudonymised form.
Upon expiry of the applicable retention period, personal data is securely deleted or irreversibly anonymised.
9. Your Rights
Under the GDPR, you have the following rights regarding your personal data processed by Shinebeauty:
- Right of access: Request a copy of the personal data we hold about you.
- Right to rectification: Request correction of inaccurate or incomplete personal data.
- Right to erasure: Request deletion of your personal data where there is no compelling reason for continued processing.
- Right to restriction: Request limitation of processing in certain circumstances.
- Right to data portability: Receive your data in a structured, commonly used, machine-readable format where processing is based on consent or contract.
- Right to object: Object to processing based on legitimate interests or for direct marketing purposes.
- Right to withdraw consent: Withdraw consent at any time where processing is consent-based.
- Right to lodge a complaint: File a complaint with the Autoriteit Persoonsgegevens (Dutch Data Protection Authority) at autoriteitpersoonsgegevens.nl.
To exercise any of these rights, contact us at admin@shinebeauty.world. We will respond within thirty days of receiving your request, or inform you if an extension is required.
10. Data Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption of data in transit using TLS protocols, encrypted storage of sensitive credentials, access controls limiting data access to authorised personnel, regular security assessments, and incident response procedures. While we strive to protect your information, no method of electronic transmission or storage is completely secure, and we cannot guarantee absolute security.
11. Children's Privacy
Our online wellness programs are designed for adult office workers and are not directed at individuals under the age of sixteen. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child without appropriate parental consent, we will take steps to delete that information promptly.
12. Automated Decision-Making
Shinebeauty does not engage in automated decision-making or profiling that produces legal effects or similarly significant effects on individuals. Program recommendations within the platform are based on general usage patterns and user-selected preferences, not on automated assessments of personal characteristics.
13. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, programs, or legal requirements. The updated version will be published on shinebeauty.world with a revised date at the top of this page. For material changes affecting how we process your data, we will notify registered users via email or a prominent notice on the platform. Continued use of our services after such notification constitutes acceptance of the updated policy.
14. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact Shinebeauty at Weteringschans 110, 1017 XS Amsterdam, Netherlands, by email at admin@shinebeauty.world, or by phone at +31614665209.