Personal data means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Personal Data we collect
Personal data shared with LELO by accessing LELO website is used for the purposes of managing your relationship with LELO as well as better personalization of your experience and interaction with LELO, including customized advertising and offerings.
When you wish to create your account on lelo.com we will ask you for your email address, first name, last name and to specify your gender.
When you sign into your LELO account, we will ask you for your email address. If you wish to log in using Apple or Google accounts for login to lelo.com, we will ask for your account information for authentication.
When you place an order on lelo.com, we will ask you for your shipping address, first name, last name, company and company address (optional), shipping, and billing address, postal code, city, phone number and cardholder data.
When you sign up for our newsletter, we will ask you for your email address.
When you sign up for Volonté newsletter, we will ask you for your name and email address.
Lawful basis for processing Personal Data
Consent - In some situations we may ask you for your consent to process your Personal Data. If you provide your consent, we will process your Personal Data on the basis of such consent. You may withdraw such consent at any time. However, withdrawing your consent does not affect the lawfulness of any processing based on your consent before your withdrawal.
Legitimate interest - We process your Personal Data on the basis of our prevailing legitimate interest to provide services to you through our website or communicating with you. When collecting and processing of your personal data is based on LELO’s legitimate interest, we give our best efforts to ensure your fundamental rights and freedoms are not overridden by LELO’s interests.
Contract - If you engage with LELO on a contractual basis, LELO processes your Personal Data to fulfil its obligations under the contract.
Personal data processing operations
Use of the website
Data shared with LELO by accessing lelo.com is used for the purposes of managing your relationship with LELO as well as better personalization of your experience and interaction with LELO, customized advertising and offerings.
Contact forms and e-mail communication
LELO’s website contains Contact support forms through which you can reach our Support teams. To respond more efficiently, we may ask for some additional information when filling out the contact forms (including but not limited to e-mail address, phone number, country of residence). Depending on the type of inquiry, LELO will process the data expressly stated on the respective form to fulfil the purpose of replying to your request, optimizing our services, and informing you about LELO products. For these purposes, such data may be shared with third-party service providers such as Zendesk.
To process your personal data for the processes mentioned above, LELO pursues its legitimate interest in answering your inquiry.
Receiving LELO newsletters and direct marketing
If you provided your email to receive LELO newsletter and/or provided your name and email address to receive Volonté newsletter, we might have collected personal data contained within such email addresses.
When subscribed to our newsletters, you will receive emails with promotional communications, including emails about LELO products. For these purposes, such data may be shared with third-party service providers such as MailChimp and Omnisend.
Subscribing to LELO/ Volonté newsletter is voluntary (based on the consent you have given) and you can unsubscribe at any time. In such case you will no longer receive email notifications regarding LELO products and/or services and your personal data shall be anonymized and stored in an unsubscribed list for the period of five (5) years from the day of unsubscribing, based on our legitimate interest to provide facts on compliance steps we would need to take.
Managing online purchases
When you wish to purchase a product on lelo.com, we will process personal data you provided to us as part of your order. For the purpose of performing the contract, mandatory fields are marked as such for processing, analyzing and delivering your purchases, taking payments and making refunds and also, for fraud detection and prevention.
After complete processing of the contract, your personal data will be restricted for further processing and deleted after expiry of the retention periods under tax and commercial law.
We will forward your personal data to our logistics service providers within the scope required for the delivery of the ordered goods.
We may forward personal data to our service providers, which they will use for the purpose of fraud prevention and to optimize our payment processes.
This data is processed on the basis of LELO’s legitimate interest in carrying out a selection process - we need this information to be able to contact you and to check whether you are suitable for the position. After the selection process is finished, we will delete the submitted job applications. For these purposes, such data may be shared with third-party service providers such as TalentLyft.
When applying for a position at LELO, you are given the option to provide your consent for us to keep you in our candidate database for 12 months, and if a position that would suit your qualifications opens up in the future, we may contact you for a job interview.
Security of your data
Based on our legitimate interest to protect our employees, customers, business associates, and our property we might process personal data such as log files, IP addresses, traffic data, metadata, incident reports, data from data breaches.
To prevent unauthorized access or disclosure and to maintain data accuracy, as well as to ensure the appropriate use of such data, LELO utilizes all reasonable technical and organizational measures to protect your personal data, including but not limited to minimizing the processing of personal data, pseudonymization, and anonymization of personal data as soon as possible. Additionally, LELO continuously undertakes and upgrades different measures to ensure the highest standards for data privacy.
Although LELO uses best industry practice in keeping the data safely stored, LELO does not warrant that the undertaken safety, technical and organizational measures will be sufficient to fully protect your personal data against potential unauthorized access and use of your personal data. Moreover, to the maximum extent permitted by applicable law, LELO cannot guarantee the safety of your information when in the possession of other parties. However, if such an attempt is detected, we will notify you as soon as reasonably possible of a potential breach of the security measures directly to your contact address.
LELO will retain your personal data as long as it is required to fulfil the purpose of collection or for as long as the applicable law requires. We will delete your personal data when it is no longer required for the aforementioned processing purposes and no statutory retention obligations prevent deletion.
Personal Data sharing
LELO uses various tools, third-party service providers, plug-ins and other technologies to pursue its legitimate interest in carrying out web analysis, improving your website experience, personalizing and enhancing its offerings to you, optimizing our IT support, accounting, legal, HR, marketing and sales services. For this type of activities, we also engage affiliated LELO and Foreo companies. Affiliated company Lelo Adria d.o.o. has been engaged in the maintenance of our websites, support of the process of on-line sales, marketing, promotion, social networks, PR, and customer care services. We also use Zendesk services, as data processor, for chat and customer support. We send to all our customers automatic emails regarding their purchase through Mailchimp add-on.
LELO uses network operators and/or other communications service providers when this is necessary for the set-up of proper routing and connectivity.
LELO engages with third-party service providers to the extent strictly necessary for them to perform specific actions on our behalf. We may share personal data with our trusted and verified third-party service providers. Our service providers are located in the EU, UK or US and have undergone security audits to make sure that they can ensure an adequate level of personal data protection.
International data transfers
In some cases, our contractual partners also process data in countries outside the EEA. In order to ensure the protection of your personal rights also in the context of these data transfers, LELO makes sure the recipient offers a similar degree of protection and ensures that one of the following safeguards is in place: the data is transferred to countries that have been deemed to provide an adequate level of protection of personal data by the European Commission; and the transfer is made on the basis of Standard Contractual Clauses approved by the European Commission or International Data Transfer Agreement approved by Information Commissioner’s Office.
Your rights related to the processed data
As a user, you have the right to request information about what personal data LELO has stored about you and for what purpose this personal data is stored. In addition, you can correct incorrect personal data or have such personal data deleted if its storage is inadmissible or no longer necessary. If the legal requirements are met, you have the right to personal data portability and the right to restrict personal data processing. You also have the right to complain to a supervisory authority about the personal data processing that is taking place.
If personal data processing is based on your consent, you have the possibility to revoke this consent at any time without giving reasons and with effect for the future.
You have the right to object to the processing of your personal data on grounds relating to your particular situation. The prerequisite for this is that the data processing is based on a balance of interests.
You have the right to object to the processing of your data for direct marketing purposes at any time. This also applies to profiling in connection with direct advertising.
Additionally, you have the right not to receive discriminatory treatment from LELO for exercising an individual’s rights conferred by the applicable data protection laws.
For any questions and requests for access or deletion, please email us at firstname.lastname@example.org. If you make a request, we have one (1) month to respond to you. It is necessary to clearly state on which basis and through which channel you shared your personal data with LELO so we can easily fulfil your request. Please note that LELO may ask for additional information to determine if you are authorized to submit a particular request.
No automated decision-making and profiling
LELO does not automatically process nor use techniques for profiling its users.
LELO does not knowingly collect information from persons who are considered children by their local law. We encourage parents and guardians to take an active role in their children’s online and mobile activities and interests. Children below the age of 16 may provide their information only if a parent or guardian has given their consent to do so, in accordance with applicable law. If you have reason to believe that a child below the minimum age has provided personal data to LELO without the necessary consent, please contact us at email@example.com and we will use reasonable efforts to delete that data.
Third-party personal data you share with us
In case you send personal data of third parties to LELO, you are responsible for ensuring an appropriate legal basis for any such sharing of third parties/data subjects. LELO might ask you to provide evidence that such personal data is shared on a lawful basis. LELO shall use its best efforts to ensure that third parties' personal data is processed, handled, and collected in the same manner as your own personal data. However, you are solely responsible for obtaining consent from third parties for the use and processing of their personal data. Additionally, it is your obligation to understand and abide by the applicable local data protection laws when you process and share personal data with LELO.
Questions or concerns