privacy policy

Privacy Policy

Date: 31/07/2025

General

Privacy Policy details LELO’s commitment to protecting the information of visitors to the LELO website ("Visitors") and individuals that register to use LELO services ("Customers"). It explains how personal data is collected, how it is stored, for how long it is retained, what the purposes of processing are, as well as individual rights in relation to such personal data. LELO processes personal data following the provisions of the EU General Data Protection Regulation (GDPR) and other applicable data privacy regulations.

Please read the following carefully to understand our Privacy Policy and practices regarding your information collected through the LELO website, through your use of our services, and through our marketing activities. If you do not agree with this Privacy Policy and our practices, your choice is not to use our website, not to register to use our services or to unsubscribe from our marketing. 

About us 

This Privacy Policy details LELO’s treatment of personal data gathered when you access or use LELO website or our services and through LELO and marketing activities. LELO acts as the data controller of your personal data as described in this Privacy Policy when collecting personal information from: (i) Visitors to LELO website; (ii) Customers when registering to use our services; and (iii) personal information received from you through our marketing activities.

The provisions of this Privacy Policy apply to LELOi AB and its affiliated companies within the LELO Group. Depending on the affiliated company you came into contact with and under what circumstances, such a company shall be considered a data controller in that particular case.

Personal Data 

Personal data means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Personal Data we collect 

Personal Data can be collected either directly from you (information communicated via the different forms on LELO website), or indirectly when you visit LELO website (login and browsing data).

Personal data shared with LELO by accessing LELO website is used for the purposes of managing your relationship with LELO as well as better personalization of your experience and interaction with LELO, including customized advertising and offerings. 

When you wish to create your account on lelo.com we will ask you for your email address, first name, last name and to specify your gender.  

When you sign into your LELO account, we will ask you for your email address. If you wish to sign in using Apple or Google accounts for login to lelo.com, we will ask for your account information for authentication.

When you place an order on lelo.com, we will ask you for your shipping address, first name, last name, company and company address (optional), shipping, and/or billing address, postal code, city, phone number and cardholder data.

When you wish to contact support through the Contact Support form, we will ask you for your email address, phone number and to select the country you are writing from. You can also contact us via Zendesk contact form. Please read their Privacy Policy and Terms of use before contacting us through Zendesk contact form.

When you sign up for our newsletter, we will ask you for your email address.

When you sign up for Volonté newsletter, we will ask you for your name and email address. If you wish to contact us through Volonté blog, we will ask you for your email and your name. 

When you want to apply to a current opening on our career page, we will ask you for your first and last name, email address and professional data (CV). You will then be redirected to TalentLift webpage. Please read their Privacy Policy and Terms of use before registering.

When you want to leave a review on LELO website about a product you purchased, we will ask for your location and email address. Please note that reviews are managed by Bazaarvoice and comply with the Bazaarvoice Authenticity Policy, which is supported by anti-fraud technology and human analysis.

If you wish to connect your device via Bluetooth to LELO App, we might collect the following personal information automatically through the App or through third-party services employed in this App, which can include email address, first and last name, IP addresses or domain, location, and other parameters about the device operating system and/or the User's IT environment (e.g. Bluetooth Sharing Permission).

Lawful basis for processing Personal Data 

The lawful basis for processing Personal Data, in the context of this Privacy Policy, is:

Consent - In some situations we may ask you for your consent to process your Personal Data. If you provide your consent, we will process your Personal Data on the basis of such consent. You may withdraw such consent at any time. However, withdrawing your consent does not affect the lawfulness of any processing based on your consent before your withdrawal.

Legitimate interest - We process your Personal Data on the basis of our prevailing legitimate interest to provide and improve services to you (including personalized user experiences or location-based services) through our website, our LELO App or communicating with you including sending important notifications and updates regarding the website/App usage. Also, we might process your Personal Data to comply with legal obligations and respond to enforcement requests or to detect any malicious or fraudulent activity. 

When collecting and processing your personal data is based on LELO’s legitimate interest, we give our best efforts to ensure your fundamental rights and freedoms are not overridden by LELO’s interests.  

Contract - If you engage with LELO on a contractual basis, LELO processes your Personal Data to fulfil its obligations under the contract.     

Personal data processing operations

Use of the website

Data shared with LELO by accessing lelo.com is used for the purposes of managing your relationship with LELO as well as better personalization of your experience and interaction with LELO, customized advertising and offerings.

Contact forms and e-mail communication

LELO’s website contains Contact support forms through which you can reach our Support teams. To respond more efficiently, we may ask for some additional information when filling out the contact forms (including but not limited to e-mail address, phone number, country of residence). Depending on the type of inquiry, LELO will process the data expressly stated on the respective form to fulfil the purpose of replying to your request, optimizing our services, and informing you about LELO products. For these purposes, such data may be shared with third-party service providers such as Zendesk.

To process your personal data for the processes mentioned above, LELO pursues its legitimate interest in answering your inquiry.

Receiving LELO newsletters and direct marketing

If you provided your email to receive LELO newsletter and/or provided your name and email address to receive Volonté newsletter, we might have collected personal data contained within such email addresses. 

When you subscribe to our newsletters, you will receive emails with promotional communications, including emails about LELO products. For these purposes, such data may be shared with our third-party service providers. 

Subscribing to LELO/ Volonté newsletter is voluntary (based on the consent you have given) and you can unsubscribe at any time. In such case you will no longer receive email notifications regarding LELO products and/or services.

Managing online purchases

When you wish to purchase a product on lelo.com, we will process personal data you provided to us as part of your order. For the purpose of performing the contract, mandatory fields are marked as such for processing, analyzing and delivering your purchases, taking payments and making refunds and also, for fraud detection and prevention.

After complete processing of the contract, your personal data will be restricted for further processing and deleted after expiry of the retention periods under tax and commercial law.

We will forward your personal data to our logistics service providers within the scope required for the delivery of the ordered goods. 

As part of the payment process on lelo.com, we work together with our payment service providers. Depending on the selected payment method, we will forward personal data necessary for processing the payment transaction to the selected payment service provider. In certain cases, payment service providers collect the data required for processing the payment themselves, e.g. on their own website or via technical solution within the ordering process. In this respect, please read their Privacy policy before making payment.

We may forward personal data to our service providers, which they will use for the purpose of fraud prevention and to optimize our payment processes.

Job applications 

This data is processed on the basis of LELO’s legitimate interest in carrying out a selection process - we need this information to be able to contact you and to check whether you are suitable for the position. After the selection process is finished, we will delete the submitted job applications. For these purposes, such data may be shared with third-party service providers. 

When applying for a position at LELO, you are given the option to provide your consent for us to keep you in our candidate database for 24 months, and if a position that would suit your qualifications opens up in the future, we may contact you for a job interview.

Security of your data

Based on our legitimate interest in protecting our employees, customers, business associates, and our property we might process personal data such as log files, IP addresses, traffic data, metadata, incident reports, data from data breaches.

To prevent unauthorized access or disclosure and to maintain data accuracy, as well as to ensure the appropriate use of such data, LELO utilizes all reasonable technical and organizational measures to protect your personal data, including but not limited to minimizing the processing of personal data,  encryption and anonymization of personal data as soon as possible. Additionally, LELO continuously undertakes and upgrades different measures to ensure the highest standards for data privacy. 

Although LELO uses best industry practice in keeping the data safely stored, LELO does not guarantee that the safety, technical and organizational measures undertaken will be sufficient to fully protect your personal data against potential unauthorized access and use of your personal data. Moreover, to the maximum extent permitted by applicable law, LELO cannot guarantee the safety of your information when in the possession of other parties. However, if such an attempt is detected, we will notify you as soon as reasonably possible of a potential breach of the security measures directly to your contact address.

Retention period 

LELO will retain your personal data as long as it is required to fulfil the purpose of collection or for as long as the applicable law requires. We will delete your personal data when it is no longer required for the aforementioned processing purposes and no statutory retention obligations prevent deletion.

Personal Data sharing 

To give you better service and complete support, please note that your personal data might be shared with LELO affiliates within the LELO Group. If legally required to do so or when necessary to protect its rights or the rights of third parties, LELO shall need to disclose information to public authorities, such as law enforcement.

LELO uses various tools, third-party service providers, plug-ins and other technologies to pursue its legitimate interest in carrying out web analysis, improving your website experience, personalizing and enhancing its offerings to you, optimizing our IT support, accounting, legal, HR, marketing and sales services. For this type of activity, we also engage affiliated LELO and Foreo companies. The affiliated company Lelo Adria d.o.o. has been engaged in the maintenance of our websites, supporting the process of on-line sales, marketing, promotion, social networks, PR, and customer care services. 

LELO uses network operators and/or other communications service providers when this is necessary for the set-up of proper routing and connectivity.

LELO engages with third-party service providers to the extent strictly necessary for them to perform specific actions on our behalf. We may share personal data with our trusted and verified third-party service providers. Our service providers are located in the EU, UK or US and have conducted security audits to make sure that they can ensure an adequate level of personal data protection. 

LELO may implement additional tools or introduce new third-party providers to enhance your user experience and optimize its services and offerings and LELO will strive to notify of such changes by updating this Privacy Policy in due time. 

LELO uses social networks (LELO Facebook, LELO X, LELO Instagram, LELO WeiBo, LELO YouTube, LELO Reddit, LELO Tik Tok, LELO Snapchat, LELO WeChat, LELO Little Red Book, LELO DouYin, LELO TaoBao, LELO Instagram Australia & New Zealand, LELO Instagram Spain, Facebook Intimina, X Intimina, Pinterest Intimina, Instagram Intimina, Instagram Intimina Spain, Instagram Intimina Portugal, Youtube Intimina, LELO Beauty Instagram, LELO Beauty You Tube, LELO Beauty Tik Tok, LELO HEX X, LELO HEX Instagram, LELO HEX Youtube) to communicate with our customers and advertise our products.  For detailed information about the use of cookies and advertising tools that we use please read our Cookie Policy.

For security reasons and to avoid spam and bots making enquiries, LELO uses Google reCAPTCHA. More information is available in Google’s Privacy Policy.

International data transfers

In some cases, our contractual partners also process data in countries outside the EU/EEA. In order to ensure the protection of your personal rights also in the context of these data transfers, LELO makes sure the recipient offers a similar degree of protection and ensures that one of the following safeguards is in place: the data is transferred to countries that have been deemed to provide an adequate level of protection of personal data by the European Commission; and the transfer is made on the basis of Standard Contractual Clauses approved by the European Commission or International Data Transfer Agreement approved by Information Commissioner’s Office.

Your rights related to the processed data

Right of access by the data subject – You shall have the right to obtain confirmation as to whether or not your personal data are being processed, and, where that is the case, have the right to access to the personal data.

Right to rectification – You shall have the right to without undue delay the rectification of your inaccurate personal data.

Right to erasure (‘right to be forgotten’) – You shall have the right to obtain the erasure of your personal data without undue delay, if erasure is possible.

Right to restriction of processing –You shall have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on point (e) or (f) of Article 6(1), including profiling based on those provisions.

Right to data portability – You shall have the right to receive your personal data in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance.

Right to object – You shall have the right to object, on grounds relating to your particular situation, at any time to processing of personal data which is based on point (e) or (f) of Article 6(1), including profiling.

Automated individual decision-making, including profiling – You shall have the right to object to your personal data processing for direct marketing purposes at any time. This also applies to profiling in connection with direct advertising

Right to contact Regulatory Body/Agency – You shall have the right to bring a claim before your competent data protection authority.

If personal data processing is based on your consent, you have the possibility to revoke this consent at any time without giving reasons and with effect for the future.

You have the right to object to the processing of your personal data on grounds relating to your particular situation. The prerequisite for this is that data processing is based on a balance of interests. 

Additionally, you have the right not to receive discriminatory treatment from LELO for exercising an individual’s rights conferred by the applicable data protection laws.

For any questions and requests for access or deletion, please email us at privacy@lelo.com. If you make a request, we have one (1) month to respond to you. It is necessary to clearly state on which basis and through which channel you share your personal data with LELO so we can easily fulfil your request. Please note that LELO may ask for additional information to determine if you are authorized to submit a particular request.

Cookies

LELO uses certain online marketing tools, cookies, and similar technologies. For this reason, LELO process personal data of website visitors or people who clicked on our online ads with our business associates. These technologies may provide some identifiers, information about devices you utilize to access the website, and other information regarding your interactions with the website. For more information on what cookies are, how to manage cookies on this website and the types of cookies we use, please read our Cookie Policy.

No automated decision-making and profiling

LELO does not automatically process nor use techniques for profiling its users.

Children 

By placing an order at LELO, you declare that you are of the appropriate legal age to purchase the items. 

Our website is not directed at people under 18 years of age. We do not knowingly collect Personal Information from children under the age of 18. If you are a parent or guardian and believe your child has provided us with Personal Information, please contact us and we will take steps to delete such information from our systems.

Third-party personal data you share with us

In case you send personal data of third parties to LELO, you are responsible for ensuring an appropriate legal basis for any such sharing of third parties/data subjects. LELO might ask you to provide evidence that such personal data is shared on a lawful basis. LELO shall use its best efforts to ensure that third parties' personal data is processed, handled, and collected in the same manner as your own personal data. However, you are solely responsible for obtaining consent from third parties for the use and processing of their personal data. Additionally, it is your obligation to understand and abide by the applicable local data protection laws when you process and share personal data with LELO.

Questions or concerns

Should you have any questions regarding this Privacy policy or the protection of the personal data, please contact us via email at privacy@lelo.com. You can reach our Data Protection Officer at the same address for any questions or concerns about your personal data shared with LELO.

 

 

Recipients of personal data

LELO uses third-party service providers to pursue its legitimate interest in carrying out web analysis, improving your website experience, personalizing its offerings to you, and optimizing its services. These recipients of personal data are assorted into different categories based on their purpose of processing. Our service providers are located in the EU, UK or US and have gone through security checks to make sure that they can ensure an adequate level of personal data protection. 

 

Category of recipient

Purpose of the processing

Location of the recipient

Logistics and transport

Carrying out logistics and transport services to ensure your product arrives at your shipping address.

USA

Web analytics tools

Carrying out web analysis, improving your website experience, optimizing services and personalizing offerings to you.

USA

Mobile applications analytics tools

Carrying out analysis of mobile applications, measuring the success of such applications through the use of cookies and tracking your usage to provide statistical reports of the activity.

USA

Selection and recruitment process tools

Streamlining selection and recruitment processes.

EU

Marketing tools

Improving marketing operations and campaigns.

USA and EU

Communication tools

Managing and talking to our current or potential customers, partners or other interested parties, as well as improving automation of transactional and marketing email.

USA and EU

Intermediary payment providers

Processing payments and purchases made through LELO webpage.

USA and EU