MIX & MATCH TO ENJOY EXTRA DISCOUNT!

30-DAY MONEY BACK GUARANTEE

FREE US SHIPPING

Privacy Policy

1) INFORMATION ABOUT THE COLLECTION OF PERSONAL DATA AND CONTACT DETAILS OF THE CONTROLLER
1.1 We are pleased that you are visiting our website and thank you for your interest. Below we inform you about the handling of your personal data when using our website. Personal data is all data with which you can be personally identified.

1.2 The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Lily & Grace Sydney. The controller is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data.

1.3 For security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the controller), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the character string “https://” and the lock symbol in your browser’s address bar.

2) DATA COLLECTION WHEN VISITING OUR WEBSITE
When you use our website purely for informational purposes, i.e., if you do not register or otherwise transmit information to us, we only collect data that your browser transmits to our server (so-called “server log files”). When you access our website, we collect the following data, which is technically necessary for us to display the website:

Our visited website
Date and time of access
Amount of data sent in bytes
Source/referring website from which you accessed the site
Browser used
Operating system used
IP address used (possibly in anonymized form)

Processing is carried out in accordance with Art. 6 (1) lit. f GDPR based on our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to subsequently check the server log files if there are concrete indications of unlawful use.

3) COOKIES
To make visiting our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your device. Some of the cookies we use are deleted after the end of the browser session, i.e., after closing your browser (so-called session cookies). Other cookies remain on your device and allow us or our partner companies (third-party cookies) to recognize your browser on your next visit (persistent cookies). When cookies are set, they collect and process certain user information such as browser and location data as well as IP address values to an individual extent. Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie.

Some cookies serve to simplify the order process by storing settings (e.g., remembering the contents of a virtual shopping cart for a later visit). If personal data is also processed by individual cookies implemented by us, processing takes place either in accordance with Art. 6 (1) lit. b GDPR for the performance of the contract or in accordance with Art. 6 (1) lit. f GDPR to safeguard our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the site visit.

We may work together with advertising partners who help us make our online offering more interesting for you. For this purpose, cookies from partner companies (third-party cookies) may also be stored on your hard drive when you visit our website. If we cooperate with such advertising partners, you will be individually and separately informed about the use of such cookies and the scope of the collected information within the following sections.

Please note that you can set your browser to inform you about the setting of cookies and individually decide whether to accept them or exclude the acceptance of cookies for certain cases or in general. Each browser differs in the way it manages cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings. You can find these for the respective browsers at the following links:

4) CONTACTING US
When contacting us (e.g., via contact form or email), personal data is collected. The data collected in the case of a contact form can be seen in the respective contact form. This data is stored and used exclusively for the purpose of responding to your inquiry or for establishing contact and the related technical administration. The legal basis for processing the data is our legitimate interest in responding to your request pursuant to Art. 6(1)(f) GDPR. If your contact aims to conclude a contract, an additional legal basis for processing is Art. 6(1)(b) GDPR. Your data will be deleted after your inquiry has been fully processed, provided that it can be inferred from the circumstances that the relevant matter has been conclusively resolved and there are no statutory retention obligations.

5) DATA PROCESSING WHEN OPENING A CUSTOMER ACCOUNT AND FOR CONTRACT PROCESSING
According to Art. 6(1)(b) GDPR, personal data will continue to be collected and processed if you provide it to us to execute a contract or open a customer account. The data collected can be seen in the respective input forms. You can delete your customer account at any time by sending a message to the controller's address stated above. We store and use the data you provide for contract processing. After the contract has been fully processed or your customer account has been deleted, your data will be blocked with regard to retention periods under tax and commercial law and deleted after these periods have expired, unless you have expressly consented to the further use of your data or we have reserved the right to use data beyond this, as permitted by law, which we inform you about below.

6) USE OF YOUR DATA FOR DIRECT ADVERTISING
6.1 Subscription to our email newsletter
If you subscribe to our email newsletter, we will regularly send you information about our offers. The only mandatory information for sending the newsletter is your email address. The provision of any additional data is voluntary and will be used to address you personally. For the newsletter dispatch, we use the so-called double opt-in procedure. This means that we will only send you an email newsletter if you have explicitly confirmed that you agree to the newsletter being sent. We will then send you a confirmation email asking you to confirm by clicking a corresponding link that you want to receive the newsletter in the future.

By activating the confirmation link, you give us your consent to use your personal data pursuant to Art. 6(1)(a) GDPR. When you register for the newsletter, we store your IP address, as entered by your internet service provider (ISP), as well as the date and time of registration, in order to trace any possible misuse of your email address at a later time. The data collected during the newsletter registration will be used exclusively for promotional purposes via the newsletter. You can unsubscribe from the newsletter at any time via the link provided in the newsletter or by sending a corresponding message to the controller named at the beginning. After unsubscribing, your email address will be immediately deleted from our newsletter distribution list unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, as permitted by law, about which we inform you in this policy.

6.2 Sending email newsletters to existing customers
If you have provided us with your email address when purchasing goods or services, we reserve the right to regularly send you offers for similar goods or services from our range by email. We do not need to obtain separate consent from you for this. Data processing is carried out solely on the basis of our legitimate interest in personalized direct advertising pursuant to Art. 6(1)(f) GDPR. If you initially objected to the use of your email address for this purpose, we will not send any emails. You are entitled to object to the use of your email address for the aforementioned advertising purposes at any time with effect for the future by notifying the controller named at the beginning. The only costs you incur are the transmission costs according to basic rates. After receiving your objection, the use of your email address for advertising purposes will cease immediately.

7) DATA PROCESSING FOR ORDER HANDLING
7.1 The personal data we collect will be passed on to the transport company commissioned with the delivery as part of the contract processing, to the extent that this is necessary for delivering the goods. Your payment data will be passed on to the commissioned credit institution as part of the payment processing, if this is necessary for payment processing. If payment service providers are used, we will explicitly inform you about this below. The legal basis for the data transfer is Art. 6(1)(b) GDPR.

7.2 Use of payment service providers (payment processors)

PayPal
For payments made via PayPal, credit card via PayPal, direct debit via PayPal, or – if offered – "purchase on account" or "installment payment" via PayPal, we pass your payment data on to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter “PayPal”), as part of the payment processing. This data transfer takes place pursuant to Art. 6(1)(b) GDPR and only to the extent necessary for payment processing.

For the payment methods credit card via PayPal, direct debit via PayPal, or – if offered – "purchase on account" or "installment payment" via PayPal, PayPal reserves the right to perform a credit check. For this purpose, your payment data may be passed on to credit agencies in accordance with Art. 6(1)(f) GDPR based on PayPal’s legitimate interest in determining your solvency. The result of the credit check with respect to the statistical probability of non-payment is used by PayPal for the purpose of deciding whether to provide the respective payment method. The credit report may include probability values (so-called score values). If score values are included in the result of the credit check, they are based on a scientifically recognized mathematical-statistical procedure; address data, among others, may be included in the calculation of the score values. For further data protection information, including information on the credit agencies used, please refer to PayPal’s privacy policy:
https://www.paypal.com/en/webapps/mpp/ua/privacy-full
You can object to this processing of your data at any time by sending a message to PayPal. However, PayPal may still be entitled to process your personal data if this is necessary for contractual payment processing.

SOFORT
If you select the "SOFORT" payment method, payment processing is carried out via the payment service provider SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany (hereinafter "SOFORT"), to whom we pass on your information provided during the order process along with information about your order in accordance with Art. 6(1)(b) GDPR. SOFORT GmbH is part of the Klarna Group (Klarna Bank AB (publ), Sveavägen 46, 11134 Stockholm, Sweden). Your data will be passed on exclusively for the purpose of payment processing with the payment service provider SOFORT and only to the extent necessary for this purpose. For further information on SOFORT’s privacy policy, please visit:
https://www.klarna.com/sofort/privacy-policy/

8) CONTACT FOR REVIEW REMINDER
Own review reminder (no dispatch by a customer review system)

We use your email address to send a one-time reminder to submit a review of your order in our own review system, provided that you have given us your express consent during or after your order pursuant to Art. 6(1)(a) GDPR.
You can revoke your consent at any time by sending a message to the controller responsible for data processing.

9) USE OF SOCIAL MEDIA: SOCIAL PLUGINS
9.1 Facebook plugins using the Shariff solution
Special additional customs clearance costs and/or import duties are not included in the price and are the responsibility of the customer.

Our website uses so-called social plugins ("plugins") of the social network Facebook, operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA ("Facebook").

To increase the protection of your data when you visit our website, these buttons are not integrated as unrestricted plugins but only using an HTML link. This type of integration ensures that when a page of our website containing such buttons is accessed, no connection is yet established with Facebook’s servers. Only when you click the button will a new browser window open and load Facebook’s page, where you can interact with the plugins there (if necessary, after entering your login data).

Facebook Inc., based in the USA, is certified under the EU-U.S. Privacy Shield agreement, which guarantees compliance with the data protection level applicable in the EU.

The purpose and scope of data collection, further processing, and use of the data by Facebook, as well as your rights and settings options for protecting your privacy, can be found in Facebook’s privacy policy:
https://www.facebook.com/policy.php\

9.2 Google+ plugins using the Shariff solution
Our website uses so-called social plugins ("plugins") from the social network Google+, operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google").

To increase the protection of your data when you visit our website, these buttons are not integrated as unrestricted plugins but only using an HTML link. This type of integration ensures that when a page of our website containing such buttons is accessed, no connection is yet established with Google’s servers. Only when you click the button will a new browser window open and load the Google+ page, where you can interact with the plugins there (if necessary, after entering your login data).
Google LLC, based in the USA, is certified under the EU-U.S. Privacy Shield agreement, which guarantees compliance with the data protection level applicable in the EU.

For the purpose and scope of data collection and further processing and use of the data by Google, as well as your rights and settings options to protect your privacy, please refer to Google’s privacy policy:
https://www.google.com/intl/en/policies/privacy/

9.3 Instagram plugin using the Shariff solution
Our website uses so-called social plugins ("plugins") from the online service Instagram, operated by Instagram LLC, 1601 Willow Rd, Menlo Park, CA 94025, USA ("Instagram").

To increase the protection of your data when you visit our website, these buttons are not integrated as unrestricted plugins but only using an HTML link. This type of integration ensures that when a page of our website containing such buttons is accessed, no connection is yet established with Instagram’s servers. Only when you click the button will a new browser window open and load Instagram’s page, where you can interact with the plugins there (if necessary, after entering your login data).
Instagram LLC, based in the USA, is certified under the EU-U.S. Privacy Shield agreement, which guarantees compliance with the data protection level applicable in the EU.

For the purpose and scope of data collection and further processing and use of the data by Instagram, as well as your rights and settings options to protect your privacy, please refer to Instagram’s privacy policy:
https://help.instagram.com/155833707900388/

10) ONLINE MARKETING
10.1 DoubleClick by Google
This website uses the online marketing tool DoubleClick by Google, operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("DoubleClick").

DoubleClick uses cookies to display ads relevant to users, improve campaign performance reports, or prevent a user from seeing the same ads multiple times. Using a cookie ID, Google records which ads are displayed in which browser and can thus prevent them from being shown multiple times. The processing is based on our legitimate interest in optimal marketing of our website pursuant to Art. 6(1)(f) GDPR.

Additionally, DoubleClick can use cookie IDs to record conversions related to ad requests. This happens, for example, when a user sees a DoubleClick ad and later uses the same browser to visit the advertiser’s website and makes a purchase there. According to Google, DoubleClick cookies do not contain any personal information.

Due to the marketing tools used, your browser automatically establishes a direct connection to Google’s server. We have no influence on the extent and further use of the data collected by Google through the use of this tool and therefore inform you according to our state of knowledge: By integrating DoubleClick, Google receives the information that you have accessed the corresponding part of our website or clicked on an ad from us. If you are registered with a Google service, Google can associate the visit with your account. Even if you are not registered with Google or not logged in, it is possible that the provider will learn your IP address and store it.

If you want to object to participation in this tracking procedure, you can disable cookies for conversion tracking by setting your browser to block cookies from the domain www.googleadservices.com:
https://www.google.com/settings/ads
Note that this setting will be deleted if you clear your cookies. Alternatively, you can obtain information about cookie settings and make your choices via the Digital Advertising Alliance at www.aboutads.info. Finally, you can set your browser to notify you about the setting of cookies and individually decide whether to accept them or exclude the acceptance of cookies for specific cases or in general. If cookies are not accepted, the functionality of our website may be limited.

Google LLC, based in the USA, is certified under the EU-U.S. Privacy Shield framework, which ensures compliance with the data protection standards applicable in the EU.

For more information on the privacy policies of DoubleClick by Google, please visit:
https://www.google.com/policies/privacy/

10.2 Use of Google AdWords Conversion Tracking
This website uses the online advertising program "Google AdWords" and, as part of Google AdWords, conversion tracking by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). We use Google AdWords to draw attention to our attractive offers on external websites using advertising materials (so-called Google AdWords). We can determine how successful the individual advertising measures are in relation to the data from the advertising campaigns. Our goal is to show you ads of interest to you, make our website more interesting for you, and achieve a fair calculation of advertising costs.

The conversion tracking cookie is set when a user clicks on a Google AdWords ad. Cookies are small text files stored on your computer. These cookies usually expire after 30 days and are not intended to personally identify the user. If the user visits certain pages of this website and the cookie has not yet expired, Google and we can recognize that the user clicked on the ad and was redirected to this page. Each Google AdWords customer receives a different cookie. Therefore, cookies cannot be tracked across AdWords customers' websites. The information collected using the conversion cookie is used to compile conversion statistics for AdWords customers who have opted for conversion tracking. Customers learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive information that personally identifies users. If you do not wish to participate in tracking, you can block this use by disabling the Google conversion tracking cookie via your browser’s user settings. You will then not be included in the conversion tracking statistics. We use Google AdWords based on our legitimate interest in targeted advertising pursuant to Art. 6(1)(f) GDPR.

Google LLC, based in the USA, is certified under the EU-U.S. Privacy Shield framework, ensuring compliance with EU data protection standards.

For more information about Google's privacy policies, please visit:
https://www.google.com/policies/privacy/

You can permanently disable cookies for ad preferences by preventing them through an appropriate browser setting or by downloading and installing the browser plug-in available at the following link:
https://www.google.com/settings/ads/plugin?hl=en

Please note that certain functions of this website may not work or may be limited if you disable the use of cookies.

11) WEB ANALYTICS SERVICES — Google (Universal) Analytics

Google Universal Analytics
This website uses Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). Google Analytics uses so-called "cookies", text files that are stored on your computer and enable an analysis of your use of the website. The information generated by the cookie about your use of this website (including the shortened IP address) is generally transmitted to and stored on a Google server in the USA.

This website uses Google Analytics exclusively with the extension "_anonymizeIp()", which ensures anonymization of the IP address by shortening it and prevents direct personal reference. With this extension, your IP address is shortened by Google within EU member states or other parties to the Agreement on the European Economic Area before transmission. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. In these exceptional cases, processing is carried out pursuant to Art. 6(1)(f) GDPR based on our legitimate interest in the statistical analysis of user behavior for optimization and marketing purposes.

On our behalf, Google will use this information to evaluate your use of the website, compile reports on website activity, and provide other services related to website and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

You can prevent cookies from being stored by setting your browser accordingly; however, please note that you may not be able to fully use all features of this website in that case. You can also prevent Google from collecting and processing the data generated by the cookie related to your use of the website (including your IP address) by downloading and installing the browser plug-in available at the following link:
https://tools.google.com/dlpage/gaoptout?hl=en

Alternatively to the browser plugin, or within browsers on mobile devices, you can click the following link to set an opt-out cookie that will prevent future data collection by Google Analytics within this website (this opt-out cookie only works in this browser and only for this domain; if you delete your cookies in this browser, you will have to click this link again): Deactivate Google Analytics.

Google LLC, based in the USA, is certified under the EU-U.S. Privacy Shield framework, which ensures compliance with EU data protection standards.

This website also uses Google Analytics for cross-device analysis of visitor flows carried out via a user ID. When a page is accessed for the first time, a unique, permanent, and anonymized ID is assigned to the user, which is set across devices. This allows interaction data from different devices and sessions to be assigned to a single user. The user ID does not contain any personal data and does not transmit such data to Google.

You can object to data collection and storage via the user ID at any time with effect for the future. To do this, you must disable Google Analytics on all systems you use, for example in another browser or on your mobile device.

The deactivation can be done using a Google browser plug-in:
https://tools.google.com/dlpage/gaoptout?hl=en

Further information on Universal Analytics can be found here:
https://support.google.com/analytics/answer/2838718?hl=en&ref_topic=6010376

…which automatically enables interest-based advertising using a pseudonymous cookie ID and based on the pages you visit. Processing takes place on the basis of our legitimate interest in the optimal marketing of our website pursuant to Art. 6(1)(f) GDPR.

Further data processing only occurs if you have consented to Google linking your web and app browsing history with your Google account and using information from your Google account to personalize ads you view online. If you are logged in to Google while visiting our website, Google will use your data together with Google Analytics data to create and define audience lists for cross-device remarketing. For this purpose, your personal data will be temporarily linked by Google with Google Analytics data to form target groups.

You can permanently deactivate cookies for ad preferences by downloading and installing the browser plugin available at the following link:
https://www.google.com/settings/ads/onweb/

Alternatively, you can find out about the setting of cookies and make preferences via the Digital Advertising Alliance website at www.aboutads.info. Finally, you can set your browser so that you are informed about the setting of cookies and individually decide on their acceptance or exclude the acceptance of cookies for certain cases or in general. If cookies are not accepted, the functionality of our website may be limited.

Google LLC, based in the USA, is certified under the EU-U.S. Privacy Shield framework, which ensures compliance with EU data protection standards.

For more information on advertising and Google's privacy policies, please visit:
https://www.google.com/policies/technologies/ads/

13) RIGHTS OF THE DATA SUBJECT
13.1 Applicable data protection law grants you comprehensive rights with respect to the processing of your personal data by the controller, which we inform you of below:

Right of access pursuant to Art. 15 GDPR: You have the right to obtain information about your personal data we process, the purposes of the processing, the categories of processed data, the recipients or categories of recipients to whom your data has been or will be disclosed, the planned storage period or the criteria for determining the storage period, the existence of rights to rectification, erasure, restriction of processing, objection to processing, lodging a complaint with a supervisory authority, the source of your data if not collected by us, the existence of automated decision-making including profiling, and, where applicable, meaningful information about the logic involved as well as the significance and intended effects of such processing on you, as well as your right to be informed of the safeguards pursuant to Art. 46 GDPR when your data is transferred to third countries.

Right to rectification pursuant to Art. 16 GDPR: You have the right to obtain the prompt correction of inaccurate data concerning you and/or the completion of your incomplete data stored by us.

Right to erasure pursuant to Art. 17 GDPR: You have the right to request the erasure of your personal data where the conditions of Art. 17(1) GDPR are met. However, this right does not exist in particular if the processing is necessary for exercising the right to freedom of expression and information, for complying with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims.

Right to restriction of processing pursuant to Art. 18 GDPR: You have the right to request the restriction of processing of your personal data where the accuracy of the data is contested by you, if you oppose the erasure of your data due to unlawful processing and instead request the restriction of its use, if you need your data for the establishment, exercise, or defense of legal claims after we no longer need it for the purposes for which it was collected, or if you have objected to processing pending verification of whether our legitimate grounds override yours.

Right to notification pursuant to Art. 19 GDPR: If you have asserted the right to rectification, erasure, or restriction of processing against the controller, the controller is obliged to communicate any rectification or erasure of data or restriction of processing to each recipient to whom your personal data has been disclosed, unless this proves impossible or involves disproportionate effort. You have the right to be informed about those recipients.

Right to data portability pursuant to Art. 20 GDPR: You have the right to receive the personal data you provided to us in a structured, commonly used, and machine-readable format or to request its transmission to another controller, where technically feasible.

Right to withdraw consent pursuant to Art. 7(3) GDPR: You have the right to withdraw your consent to data processing at any time with effect for the future. Upon withdrawal, we will delete the affected data immediately unless further processing can be based on a legal basis allowing processing without consent. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

Right to lodge a complaint pursuant to Art. 77 GDPR: If you believe that the processing of your personal data infringes the GDPR, you have the right—without prejudice to any other administrative or judicial remedy—to lodge a complaint with a supervisory authority, in particular in the member state of your habitual residence, place of work, or place of the alleged infringement.

13.2 RIGHT TO OBJECT

IF WE PROCESS YOUR PERSONAL DATA BASED ON OUR OVERRIDING LEGITIMATE INTERESTS WITHIN THE FRAMEWORK OF A BALANCING OF INTERESTS, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO THIS PROCESSING ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION, WITH EFFECT FOR THE FUTURE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE AFFECTED DATA. HOWEVER, FURTHER PROCESSING REMAINS RESERVED IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS, OR IF THE PROCESSING SERVES TO ASSERT, EXERCISE, OR DEFEND LEGAL CLAIMS.

IF YOUR PERSONAL DATA IS PROCESSED BY US FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR SUCH MARKETING PURPOSES. YOU CAN EXERCISE THE OBJECTION AS DESCRIBED ABOVE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING THE AFFECTED DATA FOR DIRECT MARKETING PURPOSES.

14) DURATION OF STORAGE OF PERSONAL DATA
The duration of the storage of personal data is determined by the respective statutory retention period (e.g., commercial and tax retention periods). After the expiration of the period, the corresponding data is routinely deleted, provided it is no longer required for the fulfillment or initiation of a contract and/or we have no legitimate interest in continued storage.

Privacy Policy