Privacy Policy for EU & EEA Residents (GDPR Compliance) | New Level Skincare

Effective Date: Nov. 1, 2025

This Privacy Policy explains how New Level skincare ("we", "us", or "our") collects, uses, and protects your personal data in accordance with the General Data Protection Regulation (GDPR) (EU 2016/679). This policy applies to users accessing our services from the European Union (EU), European Economic Area (EEA), and United Kingdom (UK).

1. Data Controller

Next Level Skincare is the controller of your personal data.
 Contact:
 📧 karifeder@newlevelskincare.com

🌐 www.newlevelskincare.com

2. What Data We Collect

We may collect the following categories of personal data:

  • Identity Data: Name, email address, phone number (if submitted).
  • Technical Data: IP Address, browser type, device type, OS, etc.
  • Usage Data: Information about your browsing behavior on our site.
  • Marketing & Tracking Data: Via tools like:
    • Google Analytics
    • Meta Pixel

 

We do not collect any sensitive data (such as health information or biometric data).

3. Legal Basis for Processing

Under GDPR, we only process your personal data when we have a legal basis to do so:

Legal Basis

Explanation

Consent

When you opt-in for marketing communications or accept tracking cookies.

Contractual Necessity

To provide products/services you've requested.

Legitimate Interests

To analyze usage trends, improve site performance, and conduct advertising (after balancing your rights and interests).

You may withdraw consent at any time via the cookie banner or by contacting us.

4. How We Use Your Data

We use your personal data to:

  • Provide you with our skincare products and services.
  • Personalize content and improve user experience.
  • Analyze traffic and trends with Google Analytics.
  • Deliver relevant ads through Meta Pixel and retargeting.
  • Respond to your inquiries and provide support.

5. Data Sharing

We do not sell your data. However, we may share it with:

  • Third-part service providers, such as analytics and marketing platforms (Google, Meta).
  • Legal authorities, if required to comply with law or protect our rights.

We ensure all third-party data processors comply with GDPR and implement adequate safeguards, especially for data transfers outside the EU/EEA.

6. International Data Transfers

If personal data is transferred outside the EU/EEA (e.g., to servers in the United States), we rely on:

  • Standard Contractual Clauses (SCCs) approved by the European Commission.
  • Adequacy decisions for countries with recognized protection levels.

7. Your Rights Under GDPR

You have the following rights regarding your personal data:

  • Access - Request a copy of your personal data.
  • Rectification - Correct any incorrect or incomplete data.
  • Erasure - Request deletion of your data ("right to be forgotten").
  • Restriction - Request limited processing of your data.
  • Portability - Receive your data in a portable format.
  • Objection - Object to processing for marketing or legitimate interest reasons.
  • Withdraw Consent - At any time, without affecting prior lawful processing.

To exercise your rights, contact us at [Insert Contact Email].

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes outlined in this policy or to comply with legal requirements.

9. Cookies & Tracking

Our site uses cookies and tracking technologies like Google Analytics and Meta Pixel. You will be asked for consent upon visiting our site. You can manage or withdraw consent at any time via our cookie preferences panel.

10. Lodging a Complaint

If you believe your data rights have been violated, you may lodge a complaint with your local Data Protection Authority (DPA) or contact us directly.

11. Updates to This Policy

We may update this policy periodically. Changes will be posted on this page, and we encourage you to review it regularly.