← ENAS UNIVERSE

Legal

Privacy Policy

Last updated: 15/05/2026

1. Data Controller

The Data Controller is Gian Marco Enas, operating as ENAS UNIVERSE, based in Italy. VAT: IT01569380114. Email: enasgianmarco99@gmail.com.

2. Data We Collect

  • Identification & contact data: name, email address.
  • Transaction data: processed by Stripe (we do not store card details).
  • Technical data: IP address, browser, device, pages visited, referral source.
  • Marketing data: events from Meta Pixel, Google Analytics or similar tools (only with consent).

3. Purposes & Legal Basis (GDPR Art. 6)

  • Delivering the digital products you purchased — contract performance.
  • Invoicing, tax and accounting obligations — legal obligation.
  • Customer support — legitimate interest.
  • Marketing, retargeting (Meta Ads, Google) and analytics — consent.
  • Security, anti-fraud — legitimate interest.

4. Third-Party Processors

We share data only with processors necessary to operate the service:

  • Stripe Payments Europe Ltd. — payment processing.
  • Supabase / Cloud hosting providers — secure data storage (EU region where possible).
  • Meta Platforms Ireland Ltd. — advertising and Pixel tracking (with consent).
  • Google Ireland Ltd. — analytics and advertising (with consent).
  • Email delivery providers for transactional and product delivery emails.

5. International Data Transfers

Some processors (e.g. Stripe, Meta, Google) may process data outside the EEA. Transfers are protected by Standard Contractual Clauses approved by the European Commission and additional safeguards where required.

6. Retention

Account & purchase data: 10 years (Italian tax law). Marketing data: until consent is withdrawn. Technical logs: up to 12 months.

7. Your Rights (GDPR Art. 15–22)

You can access, rectify, erase, restrict, port your data and object to processing at any time by writing to enasgianmarco99@gmail.com. You may also lodge a complaint with the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali, www.garanteprivacy.it).

8. Security

We apply technical and organisational measures including HTTPS encryption, access control, and tokenised payment processing via Stripe. We never store card numbers.

9. Minors

The service is not intended for users under 16. We do not knowingly process data of minors.

10. Changes

We may update this policy. The date above always reflects the current version.