Club Lyko Privacy Policy
Lyko Sverige AB is part of an international chain of hair care and beauty specialists who are passionate about beauty. We understand that you care about your privacy. So, this Privacy Policy describes the additional personal data processing that we perform when we provide you with our loyalty club “Club Lyko” via our website www.lyko.com or in our mobile application ("App").
For general information on how we process personal data for customers and visitors or when you as a member of our loyalty club “Club Lyko” make a purchase see our "Lyko Privacy Notice".
We take your privacy seriously and will update this policy from time to time in case we change the way we handle personal data.
Last revised: 2025-01-22
- This Privacy Policy describes how we, Lyko Sverige AB, org. nr: 556575-3018, Sveavägen 53, 113 59 Stockholm, Sweden, use your personal data when (a) we provide personalized offers and services to you as a member of our loyalty club “Club Lyko” and (b) you as a club member carry out bonus qualifying purchases on our website or in our Lyko App in accordance with our Purchase Terms ("our Services", the "Services").
- As a member of Club Lyko you gain access to general membership offers, a system that gives you further membership perks, and personal offers adjusted according to your specific purchase behavior, interests and preferences.
- Our loyalty program is available to everyone over 18 years of age. If you are under 18 years of age you are restricted to only using the services of the loyalty program in company of a parent or guardian.
- Our loyalty program is available via our website www.lyko.com or via our Lyko App. However, please note that some features of our loyalty program are only available on our website www.lyko.com and not in the Lyko App. For example, we offer some additional services such as Lyko Booking or our tests (see section 10) only on the website.
- This Privacy Policy describes how we process your personal data when you as a Club Lyko member use our Lyko App or when you visit our website www.lyko.com as a logged-in Club Lyko member.
- Our Lyko App is only available to members of our Club Lyko loyalty program.
- As we at Lyko are part of an international group of companies that share certain administrative systems, we may share your personal data with our subsidiaries for administrative purposes.
- If you have any questions about how we handle your personal data or want us to delete your account including your personal data, please contact us at privacy@lyko.com.
Last revised: 2025-01-22
CONTENT
- Introduction
- Our principles
- Personal Data which we collect
- How and why we use your personal information
- When and how we share your personal information with others
- More information and your rights
- Excluded
- Changes and updates to this policy
- Questions, thoughts and complaints
- Optional additional services
10.1 Lyko AI
10.2 Skin Test
10.3 Hair Test
10.4 Hair colour Test
10.5 Hair- & Beard Care Test
10.6 Makeup Test
10.7 Sex & Pleasure Test
10.8 AI Beauty Scan – Skin- and Hairtest
10.9 Lyko Booking
10.10 Lyko Social
1.1 This Privacy Policy for our loyalty program “Club Lyko” (the "Policy") explains how we, Lyko Sverige AB, org. nr: 556575-3018, with address at Sveavägen 53, 113 59 Stockholm, Sweden, email: fråga@lyko.se ("Lyko") handle the personal data of our Club Lyko members when they use our loyalty program via our website www.lyko.com or in our mobile application ("App"), and their rights regarding their personal data in accordance with the EU General Data Protection Regulation (GDPR).
1.2 This policy also contains terms and conditions for the tests offered to our Club Lyko members. We encourage our members to read these terms and conditions as our tests may process sensitive data. More information can be found in section 10.
1.3 If you do not accept our Terms and Conditions and confirm that you have read this policy, you will not be able to take advantage of our member offers and you will not be able to use our App as it is only available to our Club Lyko members.
1.4 You can shop in our web shop as a guest without being a member and the additional personal data processing which it entails. As a guest, you only need to provide the personal data necessary to complete your purchase and handle shipping. See our Lyko Privacy Notice, for the terms and conditions that apply to guests.
1.5 We at Lyko understand and acknowledge that privacy is an ongoing responsibility. We will therefore from time to time update this Privacy Policy as we undertake new personal data practices. You will be informed about such changes by publication on our website and in our App, via email or text message.
2.1 We will do our best to protect your integrity by using appropriate technical security solutions. This means:
- We will ensure that we have appropriate and adequate security measures in place to protect your information.
- We will ensure that every external partner we work with, who processes your personal data, has appropriate and adequate security measures in place.
- We will respect your integrity. You will only receive marketing (by e-mail, mail, text message or telephone) from us and from other organizations that we have chosen with care.
- We will be clear when you have the option to choose which services and mails you wish to take part of; for example, there are boxes that you can uncheck when you no longer wish to receive marketing from us or our partners. In some situations, we may still need to send you emails or text messages with information or questions regarding your membership.
- We will collect and use individual personal data only when we have your permission, or when we have legitimate reasons for the processing, such as to administer your membership.
- We will be clear with what information we collect about you and how we use it.
- We will use personal information only for the purposes for which it was collected, and we will ensure that the information is deleted in a secure manner.
2.2 If we at Lyko, or any of our partners, transfer any information to outside the European Union and the European Economic Area (EEA), this will only be done through the application of relevant security measures.
3.1 Introduction
3.1.1 Lyko collects personal data from you when you become a member in Club Lyko and use the loyalty program. This personal data can be divided into three main categories; personal data that you provide us with, personal data that becomes available to us when you use the Services and personal data that we obtain from other sources.
3.1.2 We do not resell your personal data to anyone, and we only share it with our service partners who help us provide the Services to you. With your consent, we may share your personal information with third parties for marketing purposes when you shop in our online store. Read more about this below under section 5.
3.2 Personal data that you provide us with
3.2.1 When you create a member account on our website or in our App , we will ask you to provide your email address and your phone number (voluntary). When registering your membership, you may also agree to receive advertising from our partner companies outside the Lyko group, and may accept that we send you advertising by sms and e-mail.
3.2.2 To be able to make a bonus qualifying purchase, you also need to provide your name, postal address and phone number. If you want to pay by invoice or partial payment, you will also need to provide your social security number. This information is necessary for us to be able to deliver products to you, as well as provide you with information about your orders.
3.2.3 After you have made a purchase as a Club Lyko member in one of our stores, you can participate in our customer satisfaction survey and submit your survey response.
3.2.4 If you take our skin/hair/hair colour/beard care/makeup/sex & pleasure test, you may share information about your health condition such as the presence of skin diseases and acne or about your sexual orientation. Such information is considered sensitive data which is a special category of personal data. Our processing of it is therefore based on your consent, which you provide to us with when ordering the test.
3.3 Personal data that becomes available to us when you use the Services
3.3.1 When you are logged in to your member account on lyko.com or use our App, we at Lyko will be able to take part of your preferences and your history at Club Lyko. We will be able to see which products and services you show interest in, what types of products you buy, and which products you put in your shopping cart but then remove from the shopping cart again. We will save and use this information for the purposes listed in section 4.
3.4 External sources
3.4.1 If you choose to pay your purchase later via an invoice by our payment service provider Qliro, we will collect the necessary information about you from Qliro to ensure that your purchase is completed. We will also collect the necessary information to ensure our protection in case of legal disputes.
3.4.2 If you use our App and choose to log in with your Apple or Google account, we will retrieve data such as your name and email address from your profile with the respective partner.
3.4.3 We will only process this personal data to the extent necessary to fulfil our purposes and will do so on the legal basis of our legitimate interests (Art. 6.1.f GDPR).
3.5 Your communication with Lyko
3.5.1 If you communicate with us via e-mail, mail, or any other form of communication, we may store this correspondence as well as including information (such as name, email address, contact information and all the personal information you provide in your message) and use it to answer or handle your case.
3.6 If you do not wish to provide us with your personal information
3.6.1 The processing of your personal data for the purposes explained in this Policy is a prerequisite for you to become a member of Club Lyko, and/or for you to make purchases with us. If you do not share this personal data, you will not be able to become a member in our customer club and receive offers and discounts, regardless of whether you accept the General Terms and Conditions or not.
3.6.2 If you want to shop in our webshop without becoming a member, you can do so by visiting our website as a guest. However, you cannot make a purchase without providing certain information that we need to complete the purchase. For more information about processing as a guest, please see the Lyko Privacy Notice.
4.1 We use information that we collect about our customers and users for four main reasons:
- To conduct our business and provide our members' club (including improving and customizing the services and products we offer),
- To provide personalized product recommendations tailored to you as a member,
- To send relevant communication, including promotions to you as a member; and
- To promote relevant services and display advertising, in our own channels (our Lyko App, our website) and on websites supported by advertising to our members, as well as
- To find new potential customers and thus expand our customer base.
For these reasons, we combine the data we collect to provide you as a member with a smoother, more consistent, and personalized experience. To enhance the protection of your privacy, we have built in technical and organizational safeguards designed to prevent certain combinations of data. Below you will find a list of each purpose of the processing of your personal data, and how these purposes are fulfilled.
4.2 Management of your membership and delivery of your bonus-qualifying purchased products
4.2.1 In order to deliver your bonus-based ordered products, we use your name and postal address, and in order to provide you with relevant information and to contact you regarding your orders, we use your telephone number and email address.
4.2.2 Information relating to your orders may include, for example, information about when your delivery has been dispatched from our warehouse, when it is available for collection at a pick-up point or any technical problems or delays.
4.2.3 We will also use your email address and phone number to inform you when you are about to lose your membership level, or when offers are about to expire. You can deactivate such types of news and information mailings at any time by going to Settings in your member account on lyko.com or in the App.
Legal basis: This processing is carried out to fulfil our contract with you, art. 6.1.(b) GDPR. We will also obtain your consent to the extent necessary under the Marketing Act (2008:486) when we send you marketing of products or services from other companies outside the Lyko group.
4.3 Management of membership levels for you as a Club Lyko member
4.3.1 To enable you as a member to access additional offers and discounts through different membership levels, we collect and store information about the purchases you have made as a Club Lyko member. The purchase history collected for this purpose includes which products you have purchased, article numbers and how many products you have purchased.
Legal basis: This processing is carried out to fulfil our contract with you under our loyalty program, art. 6.1.(b) GDPR.
4.4 Personalized services
4.4.1 Our products and services contain personalized features that automatically tailor your experience in our webshop and App based on our data about your activities, purchase history, popular stores, interests, shopping cart content, in combination with general information relevant for our product line and, where we have obtained your consent or are required by law or contract, your location. The data is analyzed and grouped with the support of our analytics function before selection, prioritization and planning of contacts with the customer/user in order to provide you with personalized services and offers of products and events that you may be interested in and that are suitable for your geographical location. The data is associated with one or more markers about the type of customization of web services and marketing communications directed to the user, so called personalization.
Legal basis: We carry out this processing to the extent necessary to fulfil our contract with you whithin which we provide you with discounts and personalized offers in our customer club in exchange for access to more information about you and your purchases in our physical stores and our online shop (art. 6.1.(b) GDPR), as well as for our legitimate interest in understanding our visitors and providing them with personalized and relevant content and offers (art. 6.1.(f) GDPR). As appropriate, we also ask for your consent to use cookies under the ePrivacy Directive (Swedish Electronic Communications Act).
4.5 Personal offers based on a combination of data
4.5.1 We collect and process information about your detailed purchase history at item level and your purchase behavior 12 months back, with the specific purpose of designing and offering you personalized discounts and offers based on what we think you are interested in. Here we combine data we have collected about you and your purchasing behaviour as exemplified above in section 4.4.
4.5.2 If you have accepted our additional service “Lyko AI” which provides you with personalised product recommendations, this service will, with your acceptance, also be given access to your data under this paragraph. Read more about how this works in section 10.1 below.
4.5.3 On “My Pages” / in your profile, you can choose to deactivate to receive these offers which are sent to you by email. On our websites or in the App, you will still receive offers based on your buying behavior. If you do not want us to make a connection between your purchase behavior and our offers, you must be logged out before using our services and use them via our website.
Legal basis: We carry out this processing to the extent necessary for the fulfilment of our contract with you to understand you as our customer and provide you with personalized and relevant content and offers (Art. 6.1.(b) GDPR). As appropriate, we also ask for your consent to use cookies under the ePrivacy Directive (Swedish Electronic Communications Act).
4.6 Marketing and advertising towards you as a Club Lyko member
4.6.1 We use the data you provide to our group companies when registering a member account, the data we collect when you make purchases and use our services via our website or in our App to provide you with relevant marketing and display advertising that you may be interested in when you visit our website or App and subscribe to our newsletters.
4.6.2 We also use your personal data to provide you with additional offers from companies in other industries when you shop in our webshop if you have given us specific consent to do so.
4.6.3 What you do when you are logged into your Club Lyko member account gives us at Lyko a picture of your preferences, and we want to be able to show you the products and services that we think you would be interested in. For this reason, we save and process information about which products and services you are looking at, which types of products you buy, and which products you add to your shopping card but then remove again. We may also send you adverts based on where you live, for example if we decide to open a new store in your area. Based on these different types of information, we will send advertising to your postal address, or with your consent to your email address and via SMS, and/or show you relevant advertising when you are visiting lyko.com or using the App. If you no longer wish to receive direct marketing via email or SMS, you can always go to the settings in your member account and opt out.
4.6.4 If you choose to refrain from receiving interest-based advertising, it does not mean that you will no longer see advertising on our website or in our App, but that the advertising that is displayed will not be tailored to you and therefore perceived as less relevant.
Legal basis: We carry out this processing to the extent necessary for our legitimate interest in marketing our own goods and services to our customers under Article 6.1(f) GDPR.
4.7 Customer satisfaction surveys for in-store purchases
4.7.1 If you make a purchase as a Club Lyko member in one of our stores, we may invite you via email to participate in our customer satisfaction survey regarding your purchase and delivery experience. In order to understand your engagement and satisfaction as a customer based on your relationship with us, we process additional personal data such as number of purchases, date of last purchase, how you choose to shop with us (via the website, in our App or in store) and your level of loyalty as a member.
Legal basis: We carry out this processing to the extent necessary for our legitimate interest to improve our services and develop our business based on the experiences and needs of our Club Lyko members (Art. 6.1(f) GDPR).
4.8 Transfer of personal data to our partners
4.8.1 When you make a purchase with Lyko, you can choose whether you want us to share your personal data with other companies, in order to receive offers for other products from companies in other industries. The personal data shared with third parties is your order ID and value, currency, "Mr/Mrs" information, name, email address, country and postcode. You can choose whether you want your personal data to be shared with third parties to take advantage of offers by giving your consent.
Legal basis: Based on your consent (Art. 6.1(a) GDPR), we share your order ID and value, currency, "Mr/Mrs" information, name, email address, country and postcode with partners outside the Lyko group.
4.9 Statistics and update of Club Lyko
4.9.1 Your buying behavior and purchase history also helps us to improve our member club. The data from your purchases helps us to see what kind of products popular, what kind of offers are most appreciated and used by our members, etc. We will use this information to improve and develop our existing products.
Legal basis: We carry out this processing as it is necessary for our legitimate interest (Art. 6.1.(f) GDPR) to improve our members' club and to develop our business. We rely on your consent to the use of cookies under the ePrivacy Directive as appropriate.
4.10 Target Audience Development for marketing
4.10.1 In order to make our marketing more effective and reach new customer groups similar to our customer club members, we may share your email address with our advertising partners outside the Lyko group. This means that new audiences are created who are similar to our existing customer club members (so-called ‘digital twins’) and who will see relevant Lyko adverts on the social media platforms. By creating these similar audiences, we can target more relevant and effective marketing campaigns to potential new customers and thereby expand the customer base of the business. By pseudonymising your email address, we ensure that your privacy is protected.
Legal basis: We use your email to the extent necessary for our legitimate interest to market our services effectively and thus be able to expand our customer base and offers we provide to our Club Lyko members (Art. 6.1(f) GDPR). You have the right to request a restriction of our processing of your data for this purpose by contacting our customer service.
4.11 Communication with you as a member using a combination of data
4.11.1 By providing your contact details, we can contact you if there are any problems with the Services or with your membership. In order for our customer service to provide good service, they will ask you to identify yourself, if you visit our App or website in logged-in mode, we will link information about you with your account details.
4.11.2 We may also send information and newsletters to your email address and via SMS. You will also be informed when you are about to lose your silver or gold membership level, or when offers are about to expire. You can deactivate news and information mailings at any time by going to Settings in your account on lyko.com or in your profile in the App.
Legal basis: To provide a good customer service, we process your data to the extent necessary to communicate with you. Our legal basis (art. 6.1(f) GDPR) is our legitimate interest in being able to answer your questions about our products and services.
In order to respond to your requests on your personal data and to help you exercise your rights, we will ask for your data so that we can identify you. Our legal basis is the fulfilment of the legal obligation (Art. 6.1.(c) GDPR) imposed on us by the GDPR.
4.12 Optionally: Advice on Skin/hair/hair colour/beard care/makeup/sex & pleasure
4.12.1 If you take our tests to help you find the right products, we will use your data to help you find suitable products. Please note that we only offer our tests on our website and not in the App. Read more about this additional service in section 10.
Legal basis: We process this data about you to the extent necessary to provide you with this advisory service you have ordered and to fulfil our contract with you (Art. 6.1.(b) GDPR), as well as based on your consent to the processing of any sensitive data concerning your health or sexual orientation (Art. 9 GDPR).
4.13 Optionally: Lyko Booking
4.13.1 As a Club Lyko member, you can choose if you want to activate Lyko Booking. Please note that we only offer Lyko Booking on our website and not in the App. Read more about this additional service under section 10.
Legal basis: This processing is carried out to provide you with the products and services you have ordered and to fulfil our contract with you, art. 6.1.(b) GDPR.
4.14 Optionally: Lyko Social
4.14.1 As a Club Lyko-medlem, you can choose if you want to activate Lyko Social. Read more about this additional service under section 10.
Legal basis: This processing is carried out to provide you with the products and services you have ordered and to fulfil our contract with you, art. 6.1.(b) GDPR.
4.15 Optionally: Lyko AI
4.15.1 As a Club Lyko member, you can choose to activate Lyko AI, which is our AI-assisted shopping assistant. Read more about this additional service under section 10.1.
Legal basis: This processing is carried out to provide you with the additional service you have ordered and to fulfil our contract with you under the Terms of Use (Art. 6.1.(b) GDPR).
4.16 Optionally: AI Beauty Scan – Skin- and Hairtest
4.16.1 As a Club Lyko Member, you can choose whether to activate AI Beauty Scan, which includes a skin- and hair test performed using artificial intelligence. Read more about this additional service in section 10.8.
Legal basis: This processing is carried out in order to provide you with the additional service you have ordered and to fulfil our contract with you under the Terms of Use (Art. 6(1)(b) GDPR).
4.17 Other purposes
4.16.1 If we intend to use personal data in any way that does not comply with this Policy, you will be informed about this use before, or at the time, when the personal data is collected. Alternatively, we will obtain your permission after collection but before such new use.
5.1 It may sometimes be necessary for us to share your information with other companies in our group or with companies that perform services on our behalf (such as hosting our servers or providing support services) so that we can provide you with our services.
5.2 we share information about you with others, we have ensured that these companies comply with our data protection requirements, and they are not allowed to use personal data they receive for any other purpose.
5.3 If we transfer your personal data to a third country, i.e. countries outside the EU/EEA, we will enter into agreements and take other measures in accordance with applicable legal requirements, such as using the European Commission's standard contractual clauses and additional safeguards, which ensure that your rights are protected.
5.4 In order to provide you with the Services via our website and App, we may share your personal information with our group companies and partners (i.e. companies we have hired to provide customer support, transport services of your goods, or help protect and secure our systems) who have been tasked by us to process your data on our behalf and in accordance with our instructions, this Policy and other appropriate privacy and security measures. When a purchase is made in our webshop, and with your consent, we also share personal data with our partners for marketing purposes in order to offer our customers interesting offers in other segments. We may also disclose personal data as part of a joint transaction, such as a merger or sale of assets.
5.5 When you enter your card details to pay for a purchase, we will share this payment information with banks and other companies that process such transactions or provide other financial services, as well as for fraud protection and security purposes.
5.6 Within the framework of Lyko Booking, which you can read more about in section 10, we will also share your personal data with our Lyko salons, as well as the external salons we cooperate with. We share your information in two ways:
- the information you provide when you book a treatment via Lyko Booking will be available to the salon that will perform the treatment, in order to administer your booking and perform your treatment.
- When you are in a Lyko salon, or one of our external partner salons, and you want to make a purchase or a booking within the framework of your Club Lyko membership, the hairdresser/stylist/treatment provider will be able to search for your name in Club Lyko, to verify that you are a member, so that you can access relevant discounts and offers through Lyko Booking. If you have chosen to make your hair journal public on My Pages in Club Lyko, the salon searching for your name will also be able to see it. You can choose to make a specific salon your home salon and choose to let only your home salon have access to your hair journal.
5.7 Finally, we may need to disclose or store your data when we consider it necessary to:
- comply with the law, legal process, government orders or court orders and to provide information to the police and other competent authorities;
- enforce our General Terms and Conditions, Terms of Purchase and/or other agreements;
- protect our customers, for example to prevent spam or fraud, or to facilitate the prevention of death or serious injury;
- manage and maintain the security of our products, including preventing or stopping an attack on our systems or networks; or
- protect the rights or property of Lyko, including enforcing the terms and conditions governing your use of the Services, but if we receive information that someone is using our Services to trade in stolen intellectual or physical property of Lyko, we will not investigate a customer's private content ourselves, but may refer the matter to the police.
5.8 When logging in to our website, reCAPTCHA may be used to maintain the security of our website. Read more about what this means here.
6.1 For more information on your rights, how we protect our members' personal data and how long we keep your personal data, please see our general Privacy Notice on our website.
7.1 Aggregated data
7.1.1 Aggregate data is collected and processed to monitor and evaluate user trends regarding the Services on the website and in the App. This means that information about your use of the Services is collected and anonymized in a way that means we can no longer link the information to you. We use this anonymous information about how our members use the Services for statistics, service improvement and product development of the Services. This information will be completely anonymous and does not constitute personal data. Such information may therefore be stored longer than your personal data.
7.1.2 Anonymization means that data that was once personal information is removed from what could link it to an individual, as well as separated from what could in the future allow this data to be reconnected to an individual. This processing of data is one step further than the pseudonymization process, which involves keeping certain information separate to make it more difficult to identify a person to whom the data is linked. Lyko will anonymize your personal data after 24 months of inactivity.
7.2 Third parties
7.2.1 This Policy does not apply to personal information that you provide to another user through the Services or when you otherwise use third party services such as messaging services and payment services.
7.3 Children
7.3.1 Lyko does not knowingly collect personal data from minors under 18 years of age. If you are under the age of 18, do not send personal information through the Services. We encourage parents and guardians to follow their children's internet use and to help enforce our personal data policy by instructing their children to never provide personal data through the Services without their permission. If you have reason to believe that a minor under the age of 18 has provided personal information to us via the Services, please email us at privacy@lyko.com and we will strive to remove that information from our databases.
8.1 We will update this privacy policy when necessary to reflect customer feedback and changes in our Services on our website and in our App. When a policy is updated, the date of the last update changes at the top of the policy and the changes are described in the “Change History”. If there are major changes in the policy or in how Lyko uses your personal data, you will be notified via notices on our website and/or in our App and/or e-mail before the changes take effect to the extent required by law. We encourage you to read this privacy policy from time to time so that you will stay informed about how Lyko protects your personal data and your privacy.
9.1 If you want to ask questions or if you have comments about this Policy and our security methods, please contact us at:
Lyko Sverige AB
Sveavägen 53
113 59 Stockholm
Sweden
+46 281-714 90
You are also welcome to contact our data protection officer at:
Sharp Cookie Advisors AB, Sofia Edvardsen
Box 45411
104 31 Stockholm
+46 20-10 40 25
We handle your case urgently and within statutory times.
10.1.1 In our App, we provide the service “Lyko AI” to you being a Club Lyko member. Lyko AI is an AI-powered shopping assistant that provides you with customised purchase recommendations and adds products to your shopping cart. In addition to how LYKO handles your personal data as a Club Lyko member, we provide you with the following information about how Lyko AI works:
- Based on the information you provide to Lyko AI about what you are looking for, your likes and dislikes, what you have put in your shopping basket, what you have previously purchased in our stores as well as verified product ratings on our product range, Lyko AI analyses our product range and recommends products that may be suitable for you.
- In addition to the data that you yourself provide to Lyko AI, the analysis will also use your profile data such as first name and country, details of what you are searching for, your brand preferences, your shopping basket, your purchase history over the last 12-month, as well as your search history within Lyko AI which is weighted together with information available on the internet being relevant to your searches and our product range. If you choose to provide us with additional information, it will be processed in accordance with this Privacy Policy.
- We use your UserID and email address to identify you when you start your communication with Lyko AI.
- In addition, we use your UserID which we link to all your personal data processed within this service in order to fulfil your rights.
- To enable this service, we use Microsoft Azure's OpenAI Service which we have installed on our servers in Sweden. If you choose to use the service, we will share data with our technology partner Microsoft, which takes place within Sweden. Data of a sensitive nature is excluded from the data sharing with Microsoft. We do not allow Microsoft to use the data we send to them to train their model. Microsoft Ireland Operations Ltd. is the data controller for the processing required to perform the analysis. For more information on how Microsoft processes your personal data for this purpose, please read more here.
- We keep your chat history for a rolling 12-month period. After that, the chat history is anonymised, which means that it cannot be linked to you as a person any longer.
Legal basis: As this is an additional service that you choose to use, we will process your personal data to fulfil our contract with you, according to Article 6.1.(b) GDPR. By using Lyko AI, you agree to the Terms of Use and Condition of this additional service and confirm that you have read this Privacy Policy.
10.2.1 On our website we provide a professional skincare test where you can get personalized feedback on how to find the right products for your skin. If you complete the test, Lyko will review your answers and get back to you with advice.
10.2.2 In order to take the test, you must be a member of Club Lyko. The personal data you provide us with when taking the test includes information about your skin condition, allergies, use of medicines and whether you have any diagnosed skin disease or conditions, which may be considered sensitive personal data (which is a special category of personal information). You may also provide information about your skincare brand preferences, age, gender and a photo of you. If you choose to provide us with additional information, it will be processed in accordance with this Privacy Policy.
10.2.3 Our processing of your personal data for conducting the skin test is based on your consent, which you can withdraw at any time.
Legal basis: As the data we need to carry out the test may constitute data of a sensitive nature, such as diseases, skin conditions or medication, we need your explicit consent, according to Article 9(2)(a) GDPR. When you want to take a test, you are given an opportunity to read and acknowledge that you have read and understood how and why potentially sensitive data may be processed. We will only process this personal data to the extent necessary for us to perform the skincare test service.
10.3.1 On our website we provide a professional hair care test where you can get customized feedback on how to find the right products for your hair. If you complete the test, Lyko will review your answers and get back to you with advice.
10.3.2 In order to take the test, you must be a member of Club Lyko. The personal data you provide us with when taking the test includes information about your hair, potential allergies or illnesses that may be considered sensitive personal data (which is a special category of personal information). You may also provide information about your preferences on hair care products and a photo of you. If you choose to provide us with additional information, it will be processed in accordance with this Privacy Policy.
10.3.3 Our processing of your personal data for carrying out the hair test is based on your consent, which you can withdraw at any time.
Legal basis: Since the data we need to perform the test may constitute data of a sensitive nature, such as illnesses, allergies, medication or previously performed medical procedures, we need your explicit consent, according to Article 9(2)(a) GDPR. When you want to take a test, you are given an opportunity to read and acknowledge that you have read and understood how and why potentially sensitive data may be processed. We will only process this personal data to the extent necessary for us to perform the hair test service.
10.4.1 On our website we provide a professional hair colour test where you can get tailored feedback on how to find the right products for your hair. If you complete the test, Lyko will review your answers and get back to you with advice.
10.4.2 In order to take the test, you must be a member of Club Lyko. The personal data you provide us with when taking the test includes information about your hair colour, allergies or otherwise sensitive scalp, which may be considered sensitive personal data (which is a special category of personal information). You may also provide information about your preferences on hair care brands and a photo of you. If you choose to provide us with additional information, it will be processed in accordance with this Privacy Policy.
10.4.3 Our processing of your personal data for carrying out the hair colour test is based on your consent, which you can withdraw at any time.
Legal basis: As the data we need to carry out the test may constitute data of a sensitive nature, such as illnesses, skin diseases, allergies or medications that may affect or be affected by certain colourants, we need your explicit consent, according to Article 9(2)(a) GDPR. When you want to take a test, you are given an opportunity to read and acknowledge that you have read and understood how and why potentially sensitive data may be processed. We will only process this personal data to the extent necessary for us to perform the hair colour test service.
10.5.1 On our website we provide a professional hair and beard care test where you can get customised feedback on how to find the right products for your style. If you complete the test, Lyko will review your answers and get back to you with advice.
10.5.2 In order to take the test, you must be a member of Club Lyko. The personal data you provide us with when taking the test includes information about your hair, potential beard and any allergies/sensitivities that may be considered sensitive personal data (which is a special category of personal information). You may also provide information about your preferences for hair and beard care products and a photo of you. If you choose to provide us with additional information, it will be processed in accordance with this Privacy Policy.
10.5.3 Our processing of your personal data for conducting hair and beard care tests is based on your consent, which you can withdraw at any time.
Legal basis: As the data we need to carry out the test may constitute data of a sensitive nature, such as allergies, medications and diseases, we need your explicit consent, according to Article 9(2)(a) GDPR. When you want to take a test, you are given an opportunity to read and acknowledge that you have read and understood how and why potentially sensitive data may be processed. We will only process this personal data to the extent necessary for us to perform the hair and beard test service.
10.6.1 On our website we provide a professional makeup test where you can get customized feedback on how to find the right products for your style. If you complete the test, Lyko will review your answers and get back to you with advice.
10.6.2 In order to take the test, you must be a member of Club Lyko. The personal data you provide us with when taking the test includes information about your makeup preferences, your skin condition, skin colour, allergies, and whether you have any diagnosed skin disease, which may be considered sensitive personal data (which is a special category of personal information). You will also provide information about your preferences on makeup brands, age and gender. If you choose to provide us with additional information, it will be processed in accordance with this Privacy Policy.
10.6.3 Our processing of your personal data for conducting makeup tests is based on your consent, which you can withdraw at any time.
Legal basis: Since the data we need to carry out the test may constitute data of a sensitive nature, such as allergies or skin diseases, we need your explicit consent, according to Article 9(2)(a) GDPR. When you want to take a test, you are given an opportunity to read and acknowledge that you have read and understood how and why potentially sensitive data may be processed. We will only process this personal data to the extent necessary for us to perform the makeup test service.
10.7.1 On our website we provide a professional sex & pleasure test where you can get customized feedback on how to find the right products for your pleasure. If you complete the test, Lyko will review your answers and get back to you with advice.
10.7.2 In order to take the test, you must be a member of Club Lyko. The personal data you provide us with when taking the test includes information about your sexual orientation, which may be considered sensitive personal data (which is a special category of personal information). You will also provide information about your pleasure preferences and gender. If you choose to provide us with additional information, it will be processed in accordance with this Privacy Policy.
10.7.3 Our processing of your personal data for conducting sex & pleasure tests is based on your consent, which you can withdraw at any time.
Legal basis: Since the data we need to perform the test may constitute data of a sensitive nature, such as sexual orientation, we need your explicit consent, according to Article 9(2)(a) GDPR. When you want to take a test, you are given an opportunity to read and acknowledge that you have read and understood how and why potentially sensitive data may be processed. We will only process this personal data to the extent necessary for us to perform the Sex & Pleasure test service.
10.8.1 In addition to the tests described in the previous sections, we also provide the optional additional service ‘AI Beauty Scan’ in the Lyko app. AI Beauty Scan includes a skin and a hair test that provides you with a customised test result with product recommendations performed using artificial intelligence. The test result is not reviewed by our beauty experts. AI Beauty Scan is therefore slightly simpler compared to our tests described in the previous sections. The result is not used to provide additional input to our additional service Lyko AI but is only saved in your member account.
10.8.2 Purpose: Based on your selected response options, AI Beauty Scan analyses our product range and product ratings to generate recommendations tailored to your needs and preferences. The purpose is to provide personalised and relevant product suggestions that improve your experience at Lyko.
In addition to this, your anonymised test results are also used to improve the quality and performance of AI Beauty Scan. This is done by analysing aggregated and anonymised data in Sweden to continuously develop and train our model, so that it can better meet user expectations and deliver even more accurate recommendations. No information that can be directly linked to you as an individual is used in this development work.
10.8.3 Categories of personal data: We process the following personal data when you complete the tests. We use your UserID and email address to identify you when you start a test so that we can make your test result available to you in your Club Lyko account. In order to provide you with a test result with recommended products available in your market/country, we share the test questions consisting of yes and no answers, no free text answers, your chosen answer options and your country with the AI service. In addition, we link your UserID to the information processed within this service in order to fulfil your rights.
10.8.4 No health data is processed: AI Beauty Scan tests do not include questions or answer options that could involve the processing of health or other sensitive data under Article 9 of the GDPR, such as data about your skin or hair health. The tests are designed to include only general questions that cannot be considered to reveal or give clues to someone's health status. Lyko has also taken technical and organisational measures to ensure that no indirect conclusions about your health can be drawn from your answers.
We would like to emphasise that the AI Beauty Scan is a simplified service aimed at providing product recommendations based on general preferences. If you have specific skin or hair concerns, such as acne, eczema or allergies, are pregnant or breastfeeding, or if you would like personalised expert advice, we recommend using our manual hair or skin tests. These are reviewed by our skin and hair experts at Lyko, who will get back to you with personalised advice and recommendations.
10.8.5 Legal basis for the performance of a contract (Article 6(1)(b) GDPR): The processing of your personal data is necessary for us to fulfil our contract with you and provide the service AI Beauty Scan. This service includes not only providing personalised product recommendations based on your response options but also ensuring and continuously improving the quality and performance of the service.
In order to provide a service of the highest quality, it is part of the function of the service that we anonymously analyse and use the test results to develop the AI service's ability to provide even more relevant and accurate recommendations. This is part of the value we deliver to you as a customer by constantly improving the accuracy and user experience of the service. This processing is done in a way that ensures that no data that can identify you is used in quality improvement efforts.
The test results are not used to improve the Lyko AI shopping assistant, or other targeted marketing to you, but are only included in your member account for your information.
By using the AI Beauty Scan service, you agree to the additional service's terms of use, which include this necessary processing to ensure the quality and performance of the service.
10.8.6 Technology Partners: To enable this service, we utilise OpenAI's language models via API integrations that handle information in the US. If you choose to use AI Beauty Scan, we will share the test questions, your selected answers, and your country with OpenAI in the United States based on a data processing agreement and under the protection of EU Commission's specific Standard Contractual Clauses. We have also put in place additional safeguards to protect your privacy by not allowing OpenAI to use the data we share with them to train their AI model or for any other own purpose. OpenAI deletes the data at their end after the test is completed. They thus act solely on our instruction and follow our agreement.
10.8.7 Storage and deletion: We save your test result with product recommendations for 24 months in your Club Lyko account. After that, we anonymise the result, which means that it can no longer be linked to you as a person.
10.8.8 Other terms and conditions: For more information about Lyko's processing of personal data and how you can exercise your rights, see the other sections of Club Lyko's Privacy Policy.
10.9.1 As a member of Club Lyko, you can book treatments at our carefully selected partner salons, through our additional service Lyko Booking that we offer on our website. Our Lyko salons are owned and operated by the group company Lyko Sverige AB, and the external partner salons are operated by different external companies - which company depends on which salon you book with. When you share your personal data with us at Lyko Sverige AB within the framework of Lyko Booking, these personal data is handled by us at Lyko Sverige AB, as well as the company that operates the salon you book a treatment at, i.e. Lyko Sverige AB or the company that operates the external salon you book at.
10.9.2 When we process your personal data within the framework of Lyko Booking, we at Lyko Sverige AB, as well as the company that runs the salon at which you book a treatment, are jointly responsible for your personal data, as we jointly determine the purpose and means of personal data processing. This means that we as data controllers will work together to ensure that your rights under section 6 above are met and you can always turn to us with your questions.
10.9.3 If you book a treatment and agree to the Lyko Booking terms and conditions, we at Lyko will register and save:
- which treatment you book
- when the treatment is performed,
- at which salon you enjoy the treatment,
- which products you purchase in the salon if payment is made through your membership in Club Lyko, and
- which hairdresser/stylist/other performed the treatment.
10.9.4 We do this for the purpose of being able to offer targeted relevant direct marketing to you, based on the treatments you have had. As a member of Club Lyko, we will also offer you personalized special offers based on the treatments you have booked. For example, if you book a haircut and coloring through Lyko Booking, we may send you an offer for discounted color treatments afterwards, as we think this may be something you are interested in. You will have access to your own hair journal, where previous treatments will be listed. You can choose to make this hair journal public to your Lyko Social contacts, if you use Lyko Social. The salons at which you carry out treatments will under certain conditions, as described in section 5 above, gain access to your hair journal, in order to provide you with relevant advice and assistance in the best possible way.
Legal basis: We process this personal data about you to the extent necessary to fulfill our contract with you (art. 6.1.(b) GDPR).
10.10.1 As a member of Club Lyko, you have the possibility to use our additional service Lyko Social on our website and in our App.
10.10.2 Lyko Social is a social media platform for you who love hair and beauty, where you have the opportunity to comment and rate salons, treatments and products, and create a profile where you can upload photos, videos and reviews of products and treatments that you have opinions about. You can also comment on other members' photos, videos and reviews.
10.10.3 When you become a member of Club Lyko, you have a private profile from the start. This means that your profile is not searchable for others. When you start using Lyko Social, for example by liking something, commenting, asking questions about a product, uploading a picture or writing a post, the Lyko Social service will be activated. This means that your profile becomes searchable and that other users can click on your profile by clicking on your username if you, e.g. wrote a comment somewhere.
10.10.4 After activating the Lyko Social service, as described above, you have the possibility to choose to have a private profile again. However, this only means that you are not searchable. If you comment or like something, this will be visible to other users, who will then be able to click on your profile.
10.10.5 When you use the additional service Lyko Social, you accept that Lyko receives a perpetual license for your comments, ratings, reviews, photos and videos that you post and share on Lyko Social, about various products, treatments and services. This means that everything you share on Lyko Social may be used for marketing purposes by Lyko, including your name. If we ever want to use something you post or share, which includes a picture or film where your person can be distinguished (for example, your face), we will ask for your express permission.
Legal basis: We process this personal data about you to the extent necessary to fulfill our contract with you (art. 6.1.(b) GDPR).