Privacy policy

Data Controller

LumiSkin Lab — Carrer d'Antoninus Pius 210, Terrassa, B 08224, Spain

Email: contact@lumiskinlab.shop

Our Commitment

LumiSkin Lab is committed to protecting your personal data. As a business registered in Spain serving UK customers, we comply with both the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the EU General Data Protection Regulation (EU GDPR) where applicable.

Data We Collect

• Full name, email address, billing and delivery address

• Payment information (processed securely — we do not store card details)

• Phone number (if provided)

• Browsing behaviour and purchase history on our website

• IP address, device type, and browser information

• Communications you send to us

How We Use Your Data

• To process, fulfil, and deliver your orders

• To communicate about your order status and delivery

• To respond to customer service enquiries

• To send marketing communications (only with your explicit consent)

• To improve our website and customer experience

• To comply with legal and tax obligations

Legal Basis for Processing

We process your data on the basis of contractual necessity (to fulfil orders), legitimate interests (to improve our service), legal compliance, and consent (for marketing).

Data Sharing

We do not sell your personal data. We share data only with trusted service providers including Shopify, payment processors (PayPal, Klarna), and delivery couriers, solely to operate our business and fulfil your orders.

Your Rights

Under UK GDPR, you have the right to access, rectify, erase, or restrict processing of your personal data. You may also object to processing or request data portability. Contact us at contact@lumiskinlab.shop to exercise your rights.

Data Retention

Order data is retained for 7 years for legal and tax compliance. Marketing data is held until you withdraw consent or request deletion.

Cookies

Please refer to our Cookie & GDPR Policy for full details on how we use cookies.