Privacy policy

Welcome to our website! We are pleased about your visit on the website of L.A.B. Cosmetics GmbH & Co. KG (hereinafter "L.A.B. Cosmetics" or "we").

In this privacy statement, we provide comprehensive information about the processing of your personal data by L.A.B. Cosmetics in connection with our website, www.daytox.de, and inform you about your rights. The Privacy Policy is supplemented by our Cookie Policy.

We place the highest value on the protection of your data. We therefore comply with all relevant data protection regulations and constantly strive to optimise data protection.

1. responsible person
DAYTOX is a trademark of L.A.B. Cosmetics. Responsible for the processing of your personal data is therefore L.A.B. Cosmetics GmbH & Co. KG, Friesenweg 4 (Haus 14), 22763 Hamburg. Further information can be found in our imprint.

2. personal data
Personal information is information that relates to an identified or identifiable individual, such as your name, e-mail address, telephone number, postal address or IP address of your computer.

3. operation of the website
We process your personal data in order to be able to offer you the best possible offers and information on this website, tailored to your needs wherever possible, and in order to make your visit to our website as informative and profitable as possible. Unless otherwise stated in the following regulations, the legal basis for the associated data processing is Art. 6 Para. 1 f) of the Data Protection Basic Regulation (DSGVO), i.e. a weighing of interests based on our legitimate interest in offering you the most attractive website possible.

4. processed data

4.1 Data entered by you
For the purposes described in this Privacy Policy, L.A.B. Cosmetics may process any data you provide to us. This may include, for example, data that you entrust to us as part of an order process, a contact or with your consent.

4.2 Automatically collected data
We process the following data in order to be able to provide you with the appropriate information on the website:

  • The address of the page of our website you have visited
  • The address of the website you visited immediately before (the so-called "referrer")
  • Date and time of your visit
  • The characteristics of your terminal device, in particular the operating system, the browser used and the window size of your browser
  • The IP-Adress of your terminal device on the Internet
  • Randomly assigned identification numbers that we store on your terminal device. This identification number enables us to recognize your device on the website. Technically, these identification numbers are stored in so-called cookies or eTags.
  • Device IDs that consist of individual characteristics of your mobile device. We can also use these device IDs to recognize your mobile device on the website. Examples of such device identifiers are
    • The „Ad-ID“ of the Apple operating system iOS
    • The "Advertising ID" of the operating system Android

4.3 Conclusion of contracts
We process your personal data on the one hand when you create your personal user account or when you order products via our website. Unless otherwise stated in the following regulations, the legal basis for the data processing associated therewith is Art. 6 Para. 1 b) DSGVO (Contract Performance).

5. purposes of data processing

5.1 DAYTOX user account
We offer you the possibility to set up a user account. This opens different possibilities for you, e.g. • Accelerated order process • Viewing and following orders • Storing several shipping addresses and facilitates a convenient purchase in our online shop. In addition to your personal information, you can also store your credit card details or PayPal data in the user account. You can update this information at any time in the personal area of your user account ("My Account"). To set up your personal user account, we need your first and last name, address and a telephone number. You will also need to provide your email address and a password of your choice. The e-mail address you enter also serves as the access code for the user account. After successful registration you will automatically receive a confirmation e-mail. In this way, the user concludes the contract for the provision of the user account with us. Of course, you can terminate your contract for the provision of the user account at any time and without giving reasons. The easiest way to do this is by sending an informal email to service@daytox.de. The legal basis for the associated data processing is Art. 6 Para. 1 b) DSGVO (Contract fulfilment).

5.2 Processing of orders in our online shop
As far as you order products in our online shop, the processing of your personal data serves the conclusion and the execution of the contract as well as the handling of your order including payment and delivery. The legal basis for the above data processing is Art. 6 Para. 1 b) DSGVO (German Data Protection Act) (fulfilment of contracts for the execution and handling of contracts).

Once you have selected the payment service provider, you will be asked for the data required for the use of the respective payment service provider. This payment information is forwarded directly to the respective payment service provider and is not stored by us. We store the billing and (possibly different) delivery address data provided by you in your user account so that you do not have to enter them again the next time you make a purchase. You can change this data at any time for the future. If you do not agree with the payment method(s) offered to you, you can inform us of this in writing by letter or by email to service@daytox.de. We will then review the decision taking into account your point of view.

We delete your personal data processed in the context of orders at the latest after the expiry of statutory warranty periods, unless this is contrary to statutory storage obligations.

5.3 Newsletter
We offer all users of our website or all customers and interested parties to receive a newsletter. When creating a user account, you can register for our newsletter with your e-mail address. Subsequently, you will receive an activation link to the e-mail address provided, which you must visit to complete the registration process. In this way you agree to receive the newsletter (double opt-in procedure).

You can revoke your consent at any time and without giving reasons. The easiest way to do this is to click on the "unsubscribe" link, which can be found in every newsletter. The legal basis for the data processing associated with this is Art 6 para. 1 a) DSGVO in conjunction with your consent.

After you have been removed from the newsletter distribution list, your e-mail address may be stored in a blacklist by us or the newsletter service provider to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in compliance with the legal requirements when sending newsletters (legitimate interest in the sense of Art. 6 para. 1 lit. f DSGVO). The storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.

If you order a newsletter, we would like to point out that it contains a so-called tracking pixel, also called a web beacon. With the help of this pixel-code we can evaluate whether and when you have read our newsletter and whether you have followed any links contained in the newsletter. In addition to other technical data, such as the data of your computer system and your IP address, the data processed in the process is stored so that we can optimise our newsletter offer and respond to the wishes of our readers. The data is thus used to improve the quality and attractiveness of our newsletter offer. The legal basis for the analysis is Art. 6 Para. 1 f) DSGVO (balancing of interests, based on our legitimate interest in statistically recording the acceptance of and interest in our newsletter and continuously improving the content of our newsletter). You can object to this form of evaluation at any time, e.g. by sending an e-mail to service@daytox.de.

Use of Drip

We use the services of Drip to send our newsletter. The provider is Drip, Inc. 700 Van Ness Ave, Suite 221, Fresno, CA 93721. Drip is a service that serves, among other things, to organize and analyze newsletters.

If you enter data for the purpose of subscribing to the newsletter (e.g. e-mail address), these data will be stored on Drip's servers in the USA. With the help of Drip we can analyse our newsletter campaigns. When you open an e-mail sent with Drip, a file contained in the e-mail (so-called web-beacon) connects to the servers of Drip in the USA. This allows us to determine if a newsletter message has been opened and which links have been clicked on, if any. Technical information is also collected (e.g. time of access, IP address, browser type and operating system). This information cannot be assigned to the respective newsletter recipient. It is used exclusively for statistical evaluation of newsletter campaigns. The results of these analyses can be used to better tailor future newsletters to the interests of the recipient.

If you do not agree with an analysis by Drip, please unsubscribe from the newsletter. For this purpose, we provide a link in every newsletter message and you can also send an e-mail to service@daytox.de.

The data processing is based on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke this consent at any time by unsubscribing to the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.

The data you provide us with for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from our servers as well as from Drip's servers after you unsubscribe from the newsletter. Data that has been stored for other purposes (e.g. e-mail addresses for the member area) remains unaffected.

Further details can be found in Drip's privacy policy at https://www.drip.com/privacy

Conclusion of a Data-Processing-Agreement

We have concluded a so-called "Data-Processing-Agreement" with Drip, in which we commit Drip to protect the data of our customers and not to pass them on to third parties.

5.4 Contact via e-mail
If you send us enquiries by e-mail, we process the information you provide, including your contact details, in order to process the enquiry and reply to it.

The legal basis for this is Art. 1 b) DSGVO (performance of contract - the processing of your data is necessary for the fulfilment of the agreement on the answering of questions or concerns) or Art. 6 para. 1 f) DSGVO (weighing of interests - based on our interest in processing enquiries from users of our website). Following the processing of your request, we will delete your data.

6. contents of third parties

6.1 General information
The Internet lives on connections. For this reason you will not only find our own content on our website. We have also included third party content to make our website better. If you call up one of our pages with such third-party content, your browser establishes a direct connection to the servers of the respective provider and retrieves the content there in order to display it to you

6.2 Google Fonts
Specifically, we use Google Fonts to display text on this website (see https://fonts.google.com/). Provider of the Google Fonts is Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA ("Google"). The fonts are loaded directly from your web browser into a local cache. They can then be used to display text on this website, and possibly on other websites that use the same fonts (which speeds up loading if the font is already loaded into the cache). If your web browser does not support Google Fonts or does not allow access to Google Fonts, your browser will attempt to display the text in a default font. When loading Google Fonts, your browser communicates directly with Google's servers in the U.S., where your browser can collect the appropriate font data retrieval. There is currently no EU Commission decision that the US generally offers an adequate level of data protection. However, Google has submitted to the EU-U.S. Privacy Shield Framework, which provides appropriate and reasonable safeguards. Further information on this can be found here: https://www.privacyshield.gov/welcome Google's Privacy Policy explains how Google uses and processes your data: https://policies.google.com/privacy?hl=de The legal basis for the integration of third-party content described above is Art. 6 (1) (f) DSGVO (Weighing of interests - based on our interest in presenting interesting content to users of this website in a technically efficient manner).

7. Hotjar
We use Hotjar to better understand the needs of our users and to optimize the offerings on this website. Hotjar's technology helps us better understand our users' experiences (e.g. how much time users spend on which pages, which links they click, what they like and dislike, etc.) and helps us tailor our offerings to our users' feedback. Hotjar uses cookies and other technologies to collect information about the behavior of our users and their devices (including, but not limited to, the IP address of the device (collected and stored only in an anonymous form), screen size, unique device identifiers, information about the browser used, location (country only), preferred language for viewing our website). Hotjar stores this information in a pseudonymous user profile. The information will not be used by Hotjar or by us to identify individual users or merged with other information about individual users. The legal basis is Art. 6 para. 1 sentence 1 lit. f DSGVO. Further information can be found in Hotjar's privacy policy: https://www.hotjar.com/legal/policies/privacy

You may opt out of Hotjar storing a user profile and information about your visit to our website and Hotjar setting tracking cookies on other websites via this link: https://www.hotjar.com/legal/compliance/opt-out

8. use of external service providers
For the operation of our website, we commission external service providers with data processing (e.g. for the storage of data in computer centres). If necessary, these service providers also process personal data. The service providers are carefully selected and monitored by us. They process the data exclusively in accordance with our instructions and are also bound by this data protection declaration.

9. storage duration
L.A.B. Cosmetics will only store personal data for as long as is necessary to achieve the purposes stated here or as required by law. Unless otherwise described herein, the data provided by you within the meaning of Clause 4.1 will therefore be deleted at the latest after the expiry of any retention periods under commercial and tax law after 6 years.

10. contradiction
If data is processed on the basis of Art. 6 Para. 1 lit. f (data processing to safeguard legitimate interests), you have the right to object to the processing at any time. You can send us an email to service@daytox.deto declare your objection.

11. your rights
You have the following rights against L.A.B. Cosmetics with regard to your personal data: • right of access, • right of rectification or cancellation, • right to limit processing, • right to transfer data. You also have the right to complain to a data protection authority about the processing of your personal data by us.

12. questions
You can contact us with general questions or suggestions regarding data protection.
Our contact data:
L.A.B. Cosmetics GmbH & Co. KG
Friesenweg 4 (House 14)
22763 Hamburg
Email: info@daytox.de