Privacy Policy

NOXO Privacy Policy

Last Updated: March 28, 2026
Effective Date: March 28, 2026

1. Introduction

NOXO (“we,” “us,” or “our”) operates the https://noxoglow.com website (the “Site”) and provides related products and services, including LED/light-up party supplies, glow accessories, and novelty goods (collectively, the “Services”). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our Site, create an account, place an order, or interact with our Services.

We are committed to complying with applicable data protection laws, including the General Data Protection Regulation (GDPR) (for users in the European Economic Area/UK) and the California Consumer Privacy Act (CCPA/CPRA) (for users in California). This policy applies to all personal information collected via our Site and Services.

2. Information We Collect

We collect two types of information: Personal Data (identifies you) and Usage Data (non-identifiable browsing data).

2.1 Personal Data You Provide Voluntarily

  • Account & Contact Data: Name, email address, phone number, username, password (encrypted).
  • Order & Shipping Data: Billing address, shipping address, order details, delivery preferences.
  • Payment Data: Credit/debit card details, payment processor tokens (we do not store full card numbers).
  • Communication Data: Messages, support requests, reviews, feedback, and marketing preferences.
  • Other Data: Any information you submit via forms, surveys, or promotions.

2.2 Automatically Collected Usage Data

  • IP address, device type, browser type/version, operating system.
  • Pages visited, time/date of visit, time spent on pages, referring/exit URLs.
  • Cookies, pixel tags, and similar tracking technologies (see Section 7).
  • Shopping cart behavior, product views, and website interaction data.

3. How We Use Your Information

We use your data only for legitimate, disclosed purposes, with clear legal bases (GDPR: contract, consent, legitimate interest, legal obligation):

3.1 Primary Uses (Order Fulfillment & Service Delivery)

  • Process, fulfill, and ship orders; send confirmations, invoices, and delivery updates.
  • Verify payments, prevent fraud, and screen for high-risk transactions.
  • Manage your account, process returns/refunds, and provide customer support.
  • Comply with tax, legal, and accounting obligations.

3.2 Secondary Uses (With Consent or Legitimate Interest)

  • Send marketing communications (new products, promotions, newsletters) only if you opt in.
  • Personalize your experience (product recommendations, saved preferences).
  • Analyze Site usage to improve design, functionality, and product offerings.
  • Conduct marketing analytics, ad targeting, and campaign performance measurement.
  • Protect our rights, property, and users from fraud, abuse, or illegal activity.

4. Sharing & Disclosure of Your Data

We share your data only with trusted third parties as required for service delivery, legal compliance, or with your consent.

4.1 Third-Party Service Providers

  • Payment Processors: Stripe, PayPal, Square (to handle payments securely).
  • Shipping Carriers: USPS, DHL, UPS, FedEx (to deliver orders).
  • Hosting & Infrastructure: Alibaba Cloud (site hosting, security, backups).
  • Analytics: Google Analytics, Facebook Pixel (usage tracking, marketing).
  • Email Marketing: Klaviyo, Mailchimp (newsletters, with opt-in).
  • Customer Support: Zendesk, Freshdesk (support ticket management).

4.2 Legal & Safety Disclosures

  • Comply with laws, regulations, subpoenas, or court orders.
  • Protect NOXO’s rights, property, safety, or users’ safety.
  • Enforce our Terms of Service, policies, or legal agreements.

4.3 Business Transfers

In the event of a merger, acquisition, or asset sale, your data may be transferred as a business asset (we will notify you of such changes).

We do NOT sell your personal data to third parties for commercial purposes.

5. International Data Transfers

Your data may be transferred to/processed in the U.S. and other countries (including the EU/UK, China, and service provider locations). We ensure adequate protection via:

  • Standard Contractual Clauses (SCCs) approved by the European Commission.
  • Third-party providers certified under GDPR/CCPA frameworks.
  • Encryption and secure data transmission protocolsWooCommerce.

6. Data Retention

We retain data only as long as necessary for the stated purposes or legal requirements:

  • Order/Payment Data: 7–10 years (tax/legal compliance).
  • Account Data: Until account deletion or 1 year after inactivityWooCommerce.
  • Marketing Data: Until you opt out or withdraw consent.
  • Usage/Analytics Data: 13–24 months (aggregated, anonymized).

7. Cookies & Tracking Technologies

We use cookies to enhance your experience, analyze traffic, and serve ads.

7.1 Types of Cookies

  • Essential Cookies: Required for site functionality (cart, checkout, login) – cannot be disabled.
  • Analytics/Performance Cookies: Track usage, improve site performance.
  • Marketing/Advertising Cookies: Personalize ads, measure campaigns (with consent).

7.2 Managing Cookies

You can control cookies via browser settings (block/delete) or our cookie consent banner. Disabling non-essential cookies may limit site functionality.

8. Your Data Protection Rights (GDPR/CCPA)

Depending on your location, you may exercise the following rights:

8.1 GDPR Rights (EU/UK Users)

  • Access: Request a copy of your personal data.
  • Rectification: Correct inaccurate/incomplete data.
  • Erasure: Request deletion of your data (“right to be forgotten”).
  • Restriction: Request limited processing of your data.
  • Data Portability: Receive data in a usable format.
  • Objection: Object to processing (e.g., marketing).
  • Withdraw Consent: Opt out of marketing/cookies at any time.

8.2 CCPA Rights (California Users)

  • Know: Request details of data collected/shared.
  • Delete: Request deletion of personal data.
  • Opt Out: Opt out of “sale” of data (we do not sell data).
  • Non-Discrimination: No penalty for exercising rights.

8.3 How to Exercise Your Rights

Submit requests via:

  • Email: service@noxoglow.com

We verify requests via account/contact information and respond within 30–45 days (per GDPR/CCPA).

9. Data Security

We use industry-standard measures to protect your data:

  • Encryption: SSL/TLS for data transmission; encrypted storage for sensitive dataWooCommerce.
  • Access Controls: Limited staff access to personal data; role-based permissionsWooCommerce.
  • Security Practices: Regular updates, firewalls, malware scanning, backupsWooCommerce.
  • Incident Response: Notify users/supervisors of breaches within legal timeframesWooCommerce.

Note: No security is 100% impenetrable; we cannot guarantee absolute security.

10. Children’s Privacy

Our Site/Services are not intended for children under 16WooCommerce. We do not knowingly collect data from children. If we discover such data, we will delete it immediately. Contact us at service@noxoglow.com to report underage data.

11. Third-Party Links

Our Site may contain links to third-party sites (e.g., social media, payment portals). This policy does not apply to third-party sites; we encourage you to review their privacy policies.

12. Policy Updates

We may update this policy periodically. Material changes will be posted on the Site with a revised “Last Updated” date. Your continued use of the Site after updates constitutes acceptance of the revised policy.

13. Contact Us

For questions, requests, or complaints about this policy or data practices: