PRIVACY POLICY

Last updated: April 2026

Luxolott ("we", "our", "us") respects your privacy and is committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR — EU Regulation 2016/679).

Data We Collect

When you use our website or make a purchase, we may collect: identification data (full name, email, phone number), shipping data (delivery address), payment data (securely processed by our payment provider — we do not store credit card information), and browsing data (IP address, browser type, pages visited, cookies).

Purpose of Processing

We use your personal data to process and deliver your orders, send purchase confirmations and shipping updates, provide customer support, send marketing communications (only with your prior consent), comply with legal and tax obligations, and improve the browsing experience on our website.

Legal Basis

The processing of your data is based on contract performance (order processing), consent (marketing and non-essential cookies), legitimate interest (website security and fraud prevention), and legal obligation (tax and accounting requirements).

Data Sharing

Your data may be shared with payment processors, logistics and shipping companies, analytics tools (Google Analytics and similar), and public authorities when required by law. We do not sell, rent, or share your personal data with third parties for marketing purposes without your consent.

Cookies

We use cookies to improve your experience on our website. You can manage your preferences at any time through the consent banner. We use essential cookies (cart, login), analytics cookies (browsing behavior), and marketing cookies (relevant advertising).

Your Rights

Under the GDPR, you have the right to access your personal data, rectify incorrect or incomplete data, request deletion of your data ("right to be forgotten"), restrict processing, data portability, object to processing, and withdraw consent at any time.

To exercise any of these rights, contact us at support@luxolott.shop. We will respond within 30 days.

Data Retention

We retain your personal data for as long as necessary to fulfill the purposes described in this policy, or as required by law.

Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, or destruction.

You also have the right to lodge a complaint with the data protection authority in your country.