Backrenew.world
Legal · Privacy

Privacy Policy

This document explains how Backrenew.world collects, uses, stores, and protects personal data when you visit our website, request information about EverGlow products, or communicate with our team.

Last updated:

Introduction and commitment

We respect your privacy and process personal data in line with the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the Dutch Implementation Act (UAVG), and, where relevant, the UK GDPR and other applicable frameworks when you access our services from outside the Netherlands.

This policy applies to visitors of backrenew.world, subscribers to updates where available, and anyone who emails or messages us about EverGlow dietary supplements. It does not cover third-party websites linked from our pages; their policies govern their own processing.

Data controller and representative

The controller responsible for processing is:

Backrenew.world
Van Woustraat 120
1074 AS Amsterdam
Netherlands
Email: talk@backrenew.world

For general questions about this policy or to exercise your rights, use the contact details above. We may request verification information before disclosing or changing records tied to your identity.

Categories of personal data

Depending on how you interact with us, we may process:

  • Identity and contact data: full name, email address, postal address, telephone number when you choose to provide them.
  • Account or order data: order references, delivery preferences, payment status summaries (card numbers are handled by payment processors, not stored on our web servers in full).
  • Communication data: content of forms, emails, and call notes when you contact support.
  • Technical data: IP address, browser type, device identifiers, operating system, referring URL, and approximate location derived from IP for security and analytics.
  • Usage data: pages viewed, scroll depth where measured, click events, and error logs when you consent to optional analytics technologies.
  • Marketing preferences: consent records, unsubscribe timestamps, and campaign identifiers when you opt in to promotional communications.

Purposes and legal bases

We process personal data only when a lawful basis applies under Article 6 GDPR:

  • Performance of a contract or pre-contract steps: responding to purchase inquiries, delivering products, processing payments through partners, and providing customer support related to your order.
  • Legitimate interests: securing our infrastructure, preventing fraud, improving website reliability, measuring aggregate interest in content, and training staff to handle requests consistently—balanced against your rights and freedoms.
  • Consent: optional analytics cookies, marketing emails, and certain surveys where we ask explicitly before processing.
  • Legal obligation: tax, accounting, product safety reporting, and cooperation with competent authorities when required by law.

Retention periods

We keep personal data no longer than necessary for each purpose. Indicative timelines include:

  • Marketing consents and promotional profiles: until you withdraw consent or object, then minimal records of the fact of withdrawal where required to prove compliance.
  • Customer service correspondence: typically up to twenty-four months after the last substantive message, unless a dispute extends the need to retain evidence.
  • Transaction and accounting records: up to seven years where Dutch commercial and tax law requires retention.
  • Server and security logs: rolling retention often between thirty and ninety days, extended if an investigation is ongoing.
  • Cookie identifiers: according to the retention described in our Cookie Policy and your choices in the preference center.

Recipients and international transfers

We share personal data with categories of recipients such as hosting providers, email delivery services, customer relationship tools, payment processors, and analytics vendors bound by written agreements. Some subprocessors may be located outside the European Economic Area. Where required, we rely on Standard Contractual Clauses, adequacy decisions, or other safeguards under Chapter V GDPR, and we assess supplementary measures when necessary.

Security measures

We implement appropriate technical and organizational measures, including TLS encryption for data in transit, role-based access controls, credential rotation, monitoring for unusual activity, and periodic review of vendors. No online transmission is completely risk-free; please protect your devices and report suspected unauthorized access promptly.

Your rights

Subject to applicable law, you may request access, rectification, erasure, restriction of processing, data portability, and objection to processing based on legitimate interests. You may withdraw consent at any time for processing that relies on it, without affecting the lawfulness of processing before withdrawal.

You may lodge a complaint with the Dutch supervisory authority, the Autoriteit Persoonsgegevens, or with another EU or UK authority if you reside or work elsewhere. We encourage you to contact us first so we can address your concern directly.

Automated decision-making

We do not use solely automated decision-making, including profiling, that produces legal or similarly significant effects concerning you.

Children

Our website and products are intended for adults. We do not knowingly collect personal data from children under sixteen without verifiable parental consent. If you believe we have received such data, please contact us and we will delete it promptly where the law requires.

Changes to this policy

We may update this Privacy Policy to reflect legal, technical, or organizational developments. Material changes will be highlighted on this page with an updated “Last updated” date. Continued use of the website after changes constitutes notice where permitted by law; substantive changes affecting consent may require a fresh opt-in.

Contact

Backrenew.world, Van Woustraat 120, 1074 AS Amsterdam, Netherlands

Email: talk@backrenew.world