- As a member of Club Lyko you gain access to general membership offers, a system that gives you further membership perks, and personal offers adjusted according to your specific purchase behavior, interests and preferences.
- Our loyalty program is available to everyone over 18 years of age. If you are under 18 years of age you are restricted to only using the services of the loyalty program in company of a parent or guardian.
- As we at Lyko are part of an international group of companies that share certain administrative systems, we may share your personal information with our subsidiaries, for administrative purposes.
- If you have any questions about how we handle your personal information, please contact us at firstname.lastname@example.org
Last revised: 06/17/2022
Last Modified: 06/17/2022
- Our principles
- Collected personal information
- How and why we use your personal information
- When and how we share the information with others
- Your rights
- Security measures regarding your information
- Retention of personal data
- Changes and Updates to this Policy
- Questions, thoughts, and complaints
- Additional services
History of change
Lyko Online AB, org. nr: 556740-9502, Äppelbovägen 60, 786 90 Vansbro, email: email@example.com (”Lyko”) provides the website lyko.com, or domain as we assign, where you can make purchases of our products in our web shop according to our Terms of Purchase and that you can become a member of our loyalty program ("Services").
Lyko offers general membership offers and personal membership offers on selected products, as well as the opportunity to gain access to discounts, to you who have registered and become a member of Club Lyko.
This Privacy and Personal Data Policy (the "Policy") explains Lyko's handling of our customers´ personal data when making purchases on lyko.com, and our Club Lyko members´ personal data when using our loyalty program, as well as their rights regarding their personal data in accordance with the EU: s Data Protection Regulation (GDPR). This Policy is therefore aimed at you who are a member of Club Lyko, and you who, without necessarily being a member of Club Lyko, make purchases on lyko.com.
We at Lyko notes and are aware that the handling of your privacy and your personal data is an ongoing responsibility, which is why this Policy will be updated when our handling of your personal data is updated. You will be informed of these changes via publication on this website, e-mail or text message.
2. Our principles
We will do our best to protect your integrity by using appropriate technical security solutions. This means:
- We will ensure that we have appropriate and adequate security measures in place to protect your information.
- We will ensure that every external partner we work with, who processes your personal data, has appropriate and adequate security measures in place.
- We will respect your integrity. You will only receive marketing (by e-mail, mail, text message or telephone) from us and from other organizations that we have chosen with care.
- We will be clear when you have the option to choose which services and mails you wish to take part of; for example, there are boxes that you can uncheck when you no longer wish to receive marketing from us or our partners. In some situations, we may still need to send you emails or text messages with information or questions regarding your membership.
- We will collect and use individual personal data only when we have your permission, or when we have legitimate reasons for the processing, such as to administer your membership.
- We will be clear with what information we collect about you and how we use it.
- We will use personal information only for the purposes for which it was collected, and we will ensure that the information is deleted in a secure manner.
If we at Lyko, or any of our partners, transfer any information to outside the European Union and the European Economic Area (EEA), this will only be done through the application of relevant security measures.
3. Collected personal information
Lyko collects personal information from you when you use the Services. This personal information can be divided into two categories; personal information that you provide us with, and personal information that becomes available to us when you use the Services.
We do not resell your personal information to anyone and we only share it with our service partners who help us provide the Services to you. With your permission, we may share your personal information with third parties for marketing purposes when you shop in our online store. Read more about this below under section 5.
Personal information that you provide us with
When you create a member account, we will ask you to provide your email address. To be able to make a purchase, you also need to provide your name, postal address and telephone number. If you want to pay by invoice or partial payment, you will also need to provide your social security number. This information is necessary for us to be able to deliver products to you, as well as give you information about your orders.
Personal information that you make available to us when you use the Services
When you are logged in to your member account on lyko.com, we at Lyko will be able to take part of your preferences and your history at Club Lyko. We will be able to see which products and services you show interest in, what types of products you buy, and also which products you put in your shopping cart but then remove from the shopping cart again. We will save and use this information for the purposes listed in section 4. When you make purchases as a visitor, without being a member, we will have access to your buying behavior on our website.
Your communication with Lyko
If you communicate with us via e-mail, mail, or any other form of communication, we may store this correspondence as well as including information (such as name, email address, contact information and all the personal information you provide in the message) and use it to answer or handle your case.
If you do not wish to give us your personal information
The processing of your personal data for the purposes explained in this Policy is a prerequisite for you to be able to become a member of Club Lyko, and / or for you to be able to make purchases with us. If you do not share this personal information, you do not have the possibility to become a member of our customer club and receive offers and discounts, regardless of whether you accept the General Terms or not. You also do not have the opportunity to make a purchase without entering certain information that we need to be able to complete the purchase.
4. How and why we use your personal information
We use information that we collect about our customers and users for four main reasons:
- To conduct our business and provide (including improve and adapt) the services and products we offer
- To provide personalized services tailored to individual users
- To send communication, including campaigns to our customers and users
- To market services and display advertising, in our own services and websites supported by advertising
For these reasons, we combine the data we collect to give you a smoother, more consistent, and personalized experience. To improve the protection of your privacy, we have built in technical and organizational protections that are designed to prevent certain combinations of data. Below you will find a list of each purpose for the processing of your personal data, and how these purposes are fulfilled.
Management of your membership and delivery of your purchased products:
To be able to deliver your ordered products, we use your name and postal address, and to be able to provide you with relevant information, and to be able to contact you, regarding your orders, we use your telephone number and your e-mail address. Information regarding your orders may, for example, include information about when your delivery has been sent from our warehouse, when it is available to pick up at the delivery point or any technical problems or delays. We will also use your e-mail address and telephone number to send you newsletters about the Services. Lyko will also inform you when you are losing your membership level, or when offers are expiring. You can deactivate such types of news and information mailings at any time by going to Settings in your membership account on lyko.com.
Processing of payment and simplification of payment:
You have the opportunity, when you fill in your payment information for a purchase, to save this information. This means that you do not have to fill in your payment information every time you make a purchase, which will make your shopping experience with Lyko easier and smoother. If you choose to save your payment details, these are stored in a secure database. You can also change or delete this information at any time, and they will then disappear from our systems.
Management membership levels for you as a Club Lyko member:
In order for you as a member to be able to access additional offers and discounts through different membership levels, we collect and save information about the purchases you have made as a Club Lyko member. The purchase history collected for this purpose includes which products you purchased and how much you spent on purchases.
If our products and services contain customized features that automatically tailor your experience based on our information about your activities, purchase history, interests and, where we have obtained your consent or have the support of law or agreement, also your position. The information is analyzed and grouped with the support of our analysis function before selection, prioritization, and planning of contacts with the customer / user so that you get personalized services and offers that you may be interested in. The data is linked to one or more markers on the type of adaptation of web services and marketing communication aimed at the user, so-called personalization.
We collect and process information about your purchase history and your buying behavior, with the specific purpose of designing and offering you personalized discounts and offers based on what we think you are interested in. On My pages, you can choose to deactivate these offers. On our websites, you will still receive offers based on your buying behavior.
Marketing and advertising:
We use data you provide to our companies when registering a member account, data we collect when you make purchases and use our services and websites to provide you with relevant marketing and display advertising that you may be interested in when you visit our websites and subscribe to our newsletters. We also use your personal information in order to provide you with offers from companies in other industries when you shop in our web store, if you give your explicit permission.
What you do when you are logged in to your Club Lyko member account gives us at Lyko a sense of your preferences, and we want to be able to show you exactly the products and services that we think you would have been interested in. Due to this, we save and process information about what products and services you are looking at, what types of products you buy, and what products you bring to checkout but then remove at checkout again. We may also send you advertising based on where you live, if we e.g. choose to open a new store in your area. We will, based on these different types of information, send advertising to your e-mail address, your postal address, or via SMS, and / or show you relevant advertising when you are on lyko.com. If you do not want to receive direct marketing via e-mail, or SMS, you can always go to Settings and deselect this.
If you choose to refrain from receiving interest-based advertising, it does not mean that you will no longer see advertising on our websites, but that the advertising that is displayed will not be tailored to you and therefore perceived as less relevant.
Transmission of personal information to third party
When you make a purchase at Lyko, you can choose if you allow us to share your personal data with other companies for you to receive product offers from companies in other fields. The personal information shared with third parties are: the id and value of your order, currency, title (Mr./Mrs.), name, email address, country and zip code. You can choose if you want your personal information to be shared with third parties and receive offers by giving your permission.
Statistics and update of the Services:
Your buying behavior and your buying history also help us to improve the service. The information from your purchases helps us to see what type of products are popular, what type of offers are most appreciated and used by our members, etc. We will use this information to improve and develop our existing products.
Communication with you as a member:
By entering your contact information, we can contact you if there are any problems with the Services or with your membership. We may also send information and newsletters to your e-mail address and via SMS. You will also be informed when you are about to lose your silver or gold membership, or when offers are about to expire. You can deactivate news and information mailings at any time by going to Settings in your account at lyko.com.
We use data to improve our existing products and services, including by updating features. For example, we use error reports to improve security features, user behavior, search queries, and clicks on our sites to improve the relevance of search results, site content, and placement of relevant content for you on our sites.
We use data to protect the security of our products, services and customers in order to detect and prevent fraud, to confirm the validity of software licenses and to resolve disputes and enforce our agreements. We may also block the delivery of a message or remove the content if it violates our terms.
Optionally: Lyko Booking:
As a Club Lyko member, you can choose whether you want to activate Lyko Booking. Read more about this additional service in section 12.
Optionally: Lyko Social:
As a Club Lyko member, you can choose whether you want to activate Lyko Social. Read more about this additional service in section 12.
If we intend to use personal data in any way that does not comply with this Policy, you will be informed of this use before, or at the time, when the personal data is collected. Alternatively, we will obtain your permission after collection but before such use.
5. When and how we share information with others
It may sometimes be necessary for us to share your information with other companies in our group or with companies that provide services on our behalf (such as hosting our servers or providing support services) so that we can provide you with our services.
In cases where we share information about you with others, we have ensured that these companies comply with our data protection requirements and they are not allowed to use personal data they receive for any other purpose.
In order to offer you the Services, we may share your personal information with our Group companies and partners (i.e. companies we have hired that provide customer support, transport services of your goods, or help protect and secure our systems) who have been informed by us to process your information on our behalf and in accordance with our instructions, this Policy and other appropriate privacy and security measures. When you make a purchase in our online store, and give your permission, we also share your personal information with our partners for marketing purposes and to be able to provide our customers with interesting offers in other segments. We may also disclose personal information as part of a joint venture, such as a merger or sale of assets.
When you enter your card details to pay for a purchase, we will share this payment information with banks and other companies that process such transactions or provide other financial services, as well as for fraud protection and security purposes.
Within the framework of Lyko Booking, which you can read more about in section 12, we will also share your personal information with our Lyko salons, as well as the external salons that we work with. We share your information in two ways:
- The information you provide when you book a treatment via Lyko Booking will be available to the salon that will carry out the treatment, so that your booking can be administered and your treatment carried out.
- When you are at a Lyko salon, or one of our external partner salons, and you want to make a purchase or a booking within the framework of your Club Lyko membership, the hairdresser / stylist / performer will be able to search for your name in Club Lyko, to check that you are a member, so that you get access to relevant discounts and offers via Lyko Booking. If you on My Pages in Club Lyko have chosen to make your hair journal public, the salon that searches for your name will also be able to see it. You can choose to make a specific salon your home salon, and choose to only let your home salon have access to your hair journal.
Finally, we may need to disclose or save your information when we deem it necessary to:
- Comply with the law, legal proceedings, government decisions or court orders and provide information to the police and other authorized authorities;
- Be able to apply our General Terms and / or other agreements;
- Protect our customers, for example to prevent spam or attempted fraud, or to facilitate the prevention of death or serious injury;
- Manage and maintain the security of our products, including preventing or stopping an attack on our systems or networks; or
- Protect the rights or property of Lyko, including enforcing the terms governing your use of the Services, but if we receive information that someone is using our services to trade in stolen immaterial property or physical property belonging to Lyko, we will not investigate a customer's own private content, but we can then transfer the case to a police authority.
When logging in, reCAPTCHA may be used to maintain the security of our website.
Read more about what it means here: reCAPTCHA
6. Your rights
Lyko complies with current data protection laws in the European Union, which, where applicable, include the following rights:
- You have the right to request a free extract from the register (as defined in the legislation) as well as access to a copy of your personal data and to request correction and, in certain circumstances, deletion of your personal data,
- You have the right to request restriction and object to the processing of your personal data that takes place due to our legitimate interests,
- You have the right to lodge a complaint with a data protection authority. The Swedish Data Protection Authority is the authority in Sweden that exercises supervision over how we as a company comply with the legislation,
- If the processing of personal data is based on your consent, you have the right to withdraw your consent at any time for future processing of your personal data.
- You have the right to request that we transfer your personal data to another organization responsible for processing your personal data (personal data controller) in cases where our right to process your personal data is based either on your consent or fulfillment of an agreement with you.
You will have reasonable access to your personal information at no extra cost, if you request this via firstname.lastname@example.org . If we are unable to give you access within a reasonable time frame, Lyko will provide you with a date for when information can be provided. If such access is denied, we at Lyko will explain to you why it is denied.
When we process your personal data, we do so together with our affiliated companies in order to be able to offer you the products and services that you use and have ordered, run our business, fulfill our contractual and legal obligations, protect our systems and customers or fulfill the legitimate interests, which is described in detail in the sections "How and why use your personal information" and "Reasons why we share your personal information" above. When we transfer personal data from the European Union, we do so based on a number of legal mechanisms, as described in the section "Retention of personal data".
Information on your right to object according to Article 21 of the GDPR (profiling, direct marketing)
- Processing of your personal data that takes place due to our legitimate interests
You have the right to object at any time, for reasons related to your particular situation, to our processing of personal data about you based on and Article 6.1 (f) GDPR (processing for the purpose of protecting our legitimate interests), which includes profiling based on these provisions within the meaning of Article 4.4 of the GDPR.
If you file an objection, we will no longer process your personal data unless we can show compelling legitimate reasons for the processing that outweigh your interests, rights and freedoms or if our processing takes place for the determination, exercise or defense of legal claims.
- Right to object to the processing of data for marketing purposes
In some cases, we process your personal data for direct marketing and telemarketing. You have the right to object at any time to the processing of personal data about yourself for such marketing, which includes profiling to the extent that it is related to such direct marketing.
If you oppose processing for direct market purposes, we will no longer process your personal data for such purposes.
If you choose to oppose treatment that involves profiling of your personal interests and behaviors, or refrain from receiving interest-based advertising, it does not mean that you will no longer see advertising on our websites and services, but that the advertising that is displayed will not be tailored to you and therefore perceived as less relevant.
There are no formal requirements for making objections, where possible use our web form or contact us at email@example.com .
Please note that if you request that we not contact you by e-mail, we will keep a copy of that e-mail address in our mailing block list to ensure that you do not receive unsolicited e-mails.
7. Security measures regarding your information
In order to protect your privacy and the personal information you provide through your use of the Services, we maintain physical, technical and administrative protection measures. We continuously update and test our security.
We restrict access to your personal information to employees who need to know the information to provide you with services and offers. In addition, our employees are trained on the importance of confidentiality and the maintenance of integrity and security.
We will take appropriate disciplinary action to ensure that our employees maintain their obligations regarding your personal information.
8. Retention of personal data
Personal data handled by Lyko can be stored and processed in the region where you live, in Sweden, or in other countries where Lyko, its partners, affiliated companies or suppliers are active. We take measures to ensure that information we collect in accordance with this personal data policy is processed in accordance with the provisions of this policy and in accordance with applicable legislation where the data is located.
If we were to transfer your personal data to third countries, i.e. countries outside the EU / EEA, we will enter into agreements and take other measures in accordance with applicable legal requirements.
We store your personal information for as long as it is necessary to provide the Services, or as long as it is required to fulfill our legal obligations. We will retain your information as long as you are a member of Club Lyko, and up to 24 months after you made your last purchase, or 24 months after you became inactive, or chose to terminate your membership, in Club Lyko.
Criteria that determine the time for how long we store data can be, for example:
How long is the personal data needed to provide the Services?
This includes maintaining and improving the technical performance of the Services, protecting our systems and administering the necessary business and accounting information. This is the general rule that forms the basis for calculating most retention periods.
Is the personal information of an extra sensitive nature?
In this case, a shorter retention period is usually used.
As a registrant, have you approved use of a longer retention period?
In that case, we store the information in accordance with your permission.
Has Lyko legally, contractually or otherwise committed to store the information?
Examples may be mandatory legislation on the retention of information in certain countries, such as accounting reasons, government orders to retain information relevant to investigations, or information that must be retained in order to resolve a dispute.
For more information about where and for how long your personal data is stored, please contact Lyko´s data protection officer, you will find the contact information under "Contact us" below.
Aggregate data is collected and processed to follow and evaluate user trends regarding the Services. This means that information about your use of the Services is collected and anonymized in a way that means we can no longer link the information to you. We use this anonymous information about how our members use the Services for statistics, service improvement and product development of the Services. This information will be completely anonymous and does not constitute personal information. Such information may therefore be stored longer than your personal data.
Anonymization means that data that was once personal data is removed from what can connect them to an individual, and separated from what in the future can make it possible to reconnect this data to an individual. This processing of data is one step further than the pseudonymization process, which means that certain information is kept separate to make it more difficult to identify a person to whom the data is linked. Lyko will anonymize your personal information after 24 months of inactivity.
This Policy does not apply to personal information that you provide to another user through the Services or when you otherwise use third party services such as messaging services and payment services.
Lyko does not knowingly collect personal data from minors under 18 years of age. If you are under the age of 18, do not send personal information through the Services. We encourage parents and guardians to follow their children's internet use and to help enforce our personal data policy by instructing their children to never provide personal data through the Services without their permission. If you have reason to believe that a minor under the age of 18 has provided personal information to us via the Services, please email us at firstname.lastname@example.org and we will strive to remove that information from our databases.
10. Changes and Updates to this Policy
We will update our personal data policy when necessary to reflect customer feedback and changes in our Services. When a policy is updated, the date of the last update changes at the top of the policy and the changes are described on the Change History page. If there are major changes in the policy or in how Lyko uses your personal data, you will be notified via notices on the web or e-mail before the changes take effect to the extent required by law. Feel free to read this personal data policy from time to time and you will stay informed about how Lyko protects your personal data and your privacy.
11. Questions, thoughts or complaints
If you want to ask questions or have comments about our Policy and our security methods, please contact us at:
Lyko Online AB
SE 786 91 Vansbro
+46 281-714 90
You are also welcome to contact our data protection representative at:
Sharp Cookie Advisors AB, Sofia Edvardsen
104 31 Stockholm
+46 281-714 90
We handle your case urgently and within statutory times.
12. Additional services
As a member of Club Lyko, you have the possibility to book treatments at our Lyko salons and our carefully selected partner salons, through our additional service Lyko Booking. Our Lyko salons are owned and operated by the group company Lyko Retail AB, and the external partner salons are run by various external companies - which company depends on which salon you book with. When you share your personal information with us at Lyko Online AB within the framework of Lyko Booking, these social security numbers are handled by us at Lyko Online AB, as well as the company that runs the salon you book a treatment at, i.e. Lyko Retail AB or the company that runs the external salon you book at.
When we process your personal data within the framework of Lyko Booking, we at Lyko Online AB, as well as the company that runs the salon where you book a processing, are jointly responsible for your personal data, as we together determine the purpose and means for the personal data processing. This means that we who are responsible for personal data will work together to ensure that your rights according to section 6 above are met and you can always turn to us with your questions.
If you book a treatment and accept the terms of Lyko Booking, we at Lyko will register and save:
- what treatment you book,
- when the treatment is performed,
- at which salon you enjoy the treatment,
- products you buy in the salon if payment is made through your membership in Club Lyko,
- which hairdresser / stylist / other person performed the treatment.
We do this with the purpose of being able to offer targeted relevant direct marketing to you, based on the treatments you have had. As a member of Club Lyko, we will also offer you personally designed special offers, based on which treatments you have booked. If you e.g. book haircut and dyeing through Lyko Booking, we may send you an offer for discounted dye treatments afterwards, as we believe this may be something you are interested in. You will have access to your own hair journal, where previous treatments will be listed. You can choose to make this hair journal public for your Lyko Social contacts, if you use Lyko Social. The salons at which you carry out treatments will, under certain conditions described in section 5 above, gain access to your hair journal, in order to be able to give you relevant advice and help in the best possible way.
As a member of Club Lyko, you have the possibility to use our additional service Lyko Social.
Lyko Social is a social media platform for you who love hair and beauty, where you have the opportunity to comment and rate salons, treatments and products, and create a profile where you can upload photos, videos and reviews of products and treatments that you have opinions about. You can also comment on other members' photos, videos and reviews.
When you become a member of Club Lyko, you have a private profile from the start. This means that your profile is not searchable by others. When you start using Lyko Social, for example by liking something, commenting, asking questions about a product, uploading a picture or writing a post, the Lyko Social service is activated. This means that your profile becomes searchable and that other users can click on your profile by clicking on your username when you, e.g. wrote a comment somewhere.
After activating the Lyko Social service, as described above, you have the possibility to choose to have a private profile again. However, this only means that you are not searchable. If you comment or like something, this will be visible to other users, who will then be able to click on your profile.
When you use the additional service Lyko Social, you accept that Lyko receives a perpetual license for your comments, ratings, reviews, photos and videos that you post and share on Lyko Social, about various products, treatments and services. This means that everything you share on Lyko Social may be used for marketing purposes by Lyko, including your name. If we ever want to use something you post or share, which includes a picture or film where your person can be distinguished (for example, your face), we will ask for your express permission.
13. Other services
Payment service providers
We offer you additional payment solution through a third party payment service. You can use this payment method when you purchase products online. We collect your personal data for the purpose of transferring our payment collection to the third party payment service provider. We collect your personal data such as name, e-mail, phone number, address, social security number and information about your order. Our legal basis for collection of your personal data is necessary for performance of a contract.
Through the third party payment service provider you can pay later by invoice. The third party payment service provider offers you to pay within a certain number of days, or to split your payment.
When you make a purchase from us, we will share your e-mail address with Trustpilot/Ceneo. Trustpilot/Ceneo ask for your review of your recent experience with Lyko and the products you have purchased, which will be visible on our website. You can choose to review your experience with Lyko through Trustpilot/Ceneo. Our purpose is to receive customer references and ratings of your experience with us and our products, to help us improve our services and processes. We process the personal data necessary for us to improve how we can deliver high quality services to our customers, which is a legitimate interest of ours.
When you make a purchase from us, we will offer you the possibility to insure your shipment through Trusted Shops. We will in that case share your e-mail address, order value, currency, payment method and estimated delivery date with Trusted Shops. Trusted Shops will ask for your review of your recent experience with Lyko. You can choose to review your experience with Lyko through Trusted Shops. Our purpose is to receive customer references and ratings of your experience with us, to help us improve our services and processes. We process the personal data necessary for us to improve how we can deliver high quality services to our customers, which is a legitimate interest of ours.
Please note that the terms and privacy policies of such third party service providers will apply for the use of your personal data for processing your requests.
History of change
June 2018: Addition of Lyko Booking functions. Your continued use of our services from that date will be subject to the new Personal Data Policy.
September 2020: Section 13, YouTube, was added.
August 2021: A new marketing function in collaboration with our partners was introduced. Additions to sections 3, 4 and 5 containing further information.
November 2021: The Notice have been updated following the introduction of new marketing processes and payment service providers. Your continued use of our services from that date will be subject to the new Policy.
June 2022: Removal of club points to prepare for a new bonus system that will be introduced during fall 2022.