Privacy Policy

Gluno (“we,” “our,” or “us”) is operated by Quantum Foam Studios. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our platform at gluno.co (the “Service”).

By creating an account or using the Service, you agree to this Privacy Policy. If you do not agree, please do not use the Service.

1. Information We Collect

Account Information

• Full name and email address (provided at registration)
• Password (stored as a one-way cryptographic hash — never in plain text)

Venture Profile Information

• Business or venture name
• Zip code / geographic location
• Venture stage (idea, early, growth, etc.)
• Industry / focus area
• Goals and interests (used for personalization)

Payment Information

If you subscribe to Gluno Core, your payment details (card number, billing address) are collected and processed directly by Stripe. We do not store full card numbers or CVV codes. We receive only a tokenized payment reference and your subscription status.

Usage Data

• Resources you save, view, or interact with
• Webinars you access
• Pathways you follow
• Feature usage patterns (to improve personalization)

Automatically Collected Data

• IP address and general location (country/region)
• Browser type and version
• Referring URL and pages visited
• Session timestamps

2. How We Use Your Information

• Account management — creating and maintaining your account, authenticating your identity, and processing subscription payments.
• Personalization — matching resources, pathways, and recommendations to your venture stage, industry, and goals.
• Email communications — sending account confirmations, password resets, opportunity alert digests, and product updates. You may opt out of marketing emails at any time.
• Platform improvement — analyzing usage patterns to improve content quality, search relevance, and feature design.
• Legal compliance — meeting our obligations under applicable law, including tax and financial record-keeping requirements.

3. Third-Party Data Processors

We share data with the following sub-processors to operate the Service. Each processor is contractually bound to process your data only as directed and in compliance with applicable data protection law.

4. Cookies and Tracking

We use cookies and similar technologies for the following purposes:

• Session cookies — to keep you logged in between page loads. These are required for the Service to function and cannot be disabled.
• Analytics cookies — to collect aggregate, anonymized usage data to improve the platform. These are optional.

You can control cookie settings through your browser preferences. Disabling session cookies will prevent you from logging in.

5. Data Retention

• Active accounts — your data is retained for as long as your account is active.
• Deleted accounts — upon account deletion, your personal data is deleted or anonymized within 30 days, except where we are required by law to retain it (e.g., financial records required for tax purposes, retained for 7 years).
• Backups — data may persist in encrypted database backups for up to 90 days after deletion.

6. Your Rights (GDPR — EEA / UK Residents)

If you are located in the European Economic Area or United Kingdom, you have the following rights under the General Data Protection Regulation (GDPR):

• Right of access — request a copy of the personal data we hold about you.
• Right to rectification — request correction of inaccurate or incomplete data.
• Right to erasure — request deletion of your personal data (“right to be forgotten”), subject to legal retention obligations.
• Right to data portability — request your data in a structured, machine-readable format.
• Right to restrict processing — request that we limit how we use your data in certain circumstances.
• Right to object — object to processing based on legitimate interests or for direct marketing.
• Right to withdraw consent — where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, contact us at privacy@gluno.co. We will respond within 30 days.

7. Your Rights (CCPA — California Residents)

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional rights:

• Right to know — request disclosure of the categories and specific pieces of personal information we have collected about you, the sources, our business purposes for collection, and the categories of third parties with whom we share it.
• Right to delete — request deletion of personal information we have collected from you, subject to certain exceptions.
• Right to opt out of sale — we do not sell your personal information to third parties. This right is therefore not applicable.
• Right to non-discrimination — we will not discriminate against you for exercising your CCPA rights.

To submit a CCPA request, contact us at privacy@gluno.co.

8. Data Security

We implement industry-standard security measures including HTTPS/TLS encryption in transit, encrypted database storage, hashed passwords, and access controls. No method of transmission over the internet is 100% secure. We cannot guarantee absolute security but are committed to protecting your data.

9. Children’s Privacy

The Service is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us and we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date at the top of this page. For material changes, we will notify you by email or by placing a prominent notice on the Service. Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

11. Contact Us

For privacy-related requests, questions, or concerns — including GDPR/CCPA data subject requests — please contact: