Privacy Policy | BE LIGHT

General Information This Privacy Policy informs you about the nature, scope, and purpose of the processing of personal data when using our website www.be-light.app.
Data Controller Responsible for data processing:
BE LIGHT NOW GmbH
Brunnenstr. 154, 10115 Berlin, Germany
Email: we-care@be-light.app
Data Protection Officer
A Data Protection Officer has not been appointed as it is not legally required.
Legal Bases for Data Processing
We process personal data based on the following legal grounds:

Contract Performance (Article 6(1)(b) UK GDPR & GDPR): Processing for the fulfillment of purchase contracts in the Wix shop.
Legitimate Interest (Article 6(1)(f) UK GDPR & GDPR): Processing log files for security and error analysis.
Consent (Article 6(1)(a) UK GDPR & GDPR): Processing via cookies, chatbot usage, and newsletter subscriptions.
Compliance with Legal Obligations (Article 6(1)(c) UK GDPR & GDPR): Retention of financial records for tax purposes.

5. Legitimate Interests When we process personal data based on our legitimate interest, this includes:
Website Security: Storing IP addresses to detect and prevent cyber-attacks.
Analytics & Optimization: Using Google Analytics to improve our website.

6. Data Collection & Storage
Log Files: Collected by Wix and stored for security purposes.
Cookies: Used by Wix, Google Analytics, Vimeo, YouTube, and Brevo (see cookie banner).
E-Commerce: Orders placed in the Wix shop require processing of name, address, and payment information.
Newsletter: Managed via Brevo, storing email addresses and tracking interactions (open rates, clicks).
Chatbot (Chatbase): Our FAQ chatbot stores user queries in anonymized form to improve the service.

7. Data Retention Period Personal data is deleted once its purpose is fulfilled or when statutory retention obligations expire:
Log Files: 6 months
Newsletter Data: Until unsubscribed
Purchase Data: 10 years (tax compliance requirements)
Chatbot Interactions: Anonymized data is stored to enhance service quality.

8.Data Sharing & International Transfers
Recipients: Wix, Google Analytics, Vimeo, YouTube, Brevo, Chatbase.
International Data Transfers: Data may be processed in the US. Wix, Google, and Chatbase comply with the EU-U.S. Data Privacy Framework.
For US Residents: Data may be shared under applicable state privacy laws such as the CCPA.

9.Automated Decision-Making & Profiling
No automated decision-making or profiling takes place.

10.User Rights Users have the following rights under UK GDPR, GDPR, and applicable US laws:
Access (Article 15 GDPR & UK GDPR, CCPA Right to Know): Request details of stored data.
Correction (Article 16 GDPR & UK GDPR): Request corrections to inaccurate data.
Deletion (Article 17 GDPR & UK GDPR, CCPA Right to Delete): Request deletion of personal data via we-care@be-light.app.
Processing Restriction (Article 18 GDPR & UK GDPR).
Data Portability (Article 20 GDPR & UK GDPR): Receive data in a machine-readable format.
Objection (Article 21 GDPR & UK GDPR): Right to object to processing based on legitimate interest.

11.Consent & Withdrawal
Cookie Consent: Can be adjusted via the cookie banner.
Newsletter Unsubscription: Available via a link in every email.

12.Complaints & Supervisory Authorities Users have the right to file complaints with the relevant data protection authority:
UK: Information Commissioner’s Office (ICO) - www.ico.org.uk
EU: Berlin Commissioner for Data Protection - mailbox@datenschutz-berlin.de
US: Complaints can be directed under CCPA provisions where applicable.

13.Privacy Inquiries For any inquiries or to exercise your rights, contact us at we-care@be-light.app.

14.External Privacy Policies
Wix: https://www.wix.com/about/privacy
Google Analytics: https://policies.google.com/privacy
Vimeo: https://vimeo.com/privacy
Brevo: https://www.brevo.com/legal/privacypolicy/
Chatbase: https://www.chatbase.co/privacy-policy

This Privacy Policy may be updated to reflect legal requirements or changes in our services.

BE LIGHT 2025