Privacy policy

Last updated: December 7, 2023 (Version has been translated, in case of doubt the Italian version applies)

This Privacy Policy describes how Lookalike SA (hereinafter "Lookalike" or "we") collects, uses, discloses, manages, transmits and deletes - your personal data when you visit, use our services or make a purchase from lookalike.ch (hereinafter, the "Site") or otherwise communicate with us (hereinafter collectively, the "Services"). This Privacy Policy covers not only personal data collected from you in the future in accordance with this Privacy Policy, but also personal data about you already stored by us.

For the purposes of this Privacy Policy, "you" and "your" means you as a user of the Services, whether you are a customer, website visitor, or other person whose information we have collected pursuant to this Privacy Policy.

Personal data or personal information means any information about an identified or identifiable individual. When we talk about processing your personal information in this Privacy Policy, we mean any processing of your personal information. If you provide us with personal information about other people, you must ensure that they are aware of this Privacy Policy, that their information is correct, and that you have been authorized to provide it.

This Privacy Policy is designed to meet the requirements of the EU General Data Protection Regulation ("GDPR") and the new Federal Act on Data Protection ("FADP"), effective as of 1/9/2023.
Please read this Privacy Policy carefully. By using and accessing any of the Services, you agree to the collection, use, and disclosure of your information as described in this Privacy Policy. If you do not agree to this Privacy Policy, please do not use or access any of the Services.

1. How we collect and use your personal information
To provide the Services, we collect personal information about you from a variety of sources, as outlined below. The information we collect and use varies depending on how you interact with us.

In addition to the specific uses set forth below, we may use the information we collect about you to communicate with you, to provide the Services, to comply with any applicable legal obligations, to enforce applicable terms of service, and to protect or defend the Services, our rights, and the rights of our users or others.

2. What personal information we collect
The types of personal information we obtain about you depend on how you interact with our Site and use our Services. When we use the term "personal information," we are referring to information that identifies, relates to, describes, or can be associated with you. The following sections describe the specific categories and types of personal information we collect.

3. Information we collect directly from you
In accordance with Article 19(1) FADP, the types of information collected by us directly from the user are disclosed below: 
- Basic contact information including name, address, phone number, e-mail.
- Order information including name, billing address, shipping address, payment confirmation, e-mail address, phone number.
- Account information including username, password, security questions.
- Purchase information, including items viewed, placed in cart, or added to wish list.
- Customer service information, including information you choose to include in your communications with us, such as when you send a message through the Services.

Some features of the Services may require you to provide us directly with certain personal information. If you choose not to provide this information, this may prevent you from using or accessing these features.

4. Information we obtain from third parties
Finally, we disclose, pursuant to Article 19(3) FADP, that we may obtain information about you from third parties, including vendors and service providers, who may collect information on our behalf, such as:

- Companies that support our Site and Services, such as Shopify.
- Our payment processors, who collect payment information (e.g., bank account, credit or debit card information, billing address) to process payment in order to fulfill orders and provide requested products or services in order to perform our contract with you.
- When you visit our Site, open or click on emails we send you, or interact with our Services or advertisements, we, or third parties we partner with, may automatically collect certain information using online tracking technologies such as pixels, web beacons, software development kits, third-party libraries, and cookies.

Any information we obtain from third parties will be treated in accordance with this Privacy Policy. We are not responsible for the accuracy of information provided to us by third parties and are not responsible for the policies or practices of third parties. For more information, please see the section below, Third-Party Websites and Links.

5. How we use your personal information.
- Provision of Products and Services. We use your personal information to provide you with the Services in order to perform our contract with you, including processing payments, fulfilling orders, sending notifications regarding your account, purchases, returns, exchanges or other transactions, to create, maintain and otherwise manage your account, to arrange shipping, to facilitate any returns and exchanges, and to allow you to post reviews.
- Marketing and Advertising. We use your personal information for marketing and promotional purposes, such as sending you marketing, advertising and promotional communications via email, text message or regular mail and to show you advertisements for products or services. This may include using your personal information to better customize the Services and advertising on our Site and other websites.
- Security and Fraud Prevention. We use your personal information to detect, investigate, or take action regarding possible fraudulent, illegal, or harmful activity. If you choose to use the Services and register an account, you are responsible for the security of your account credentials. We strongly advise the user not to share the user name, password or other login details with anyone else. -If you believe that your account has been compromised, you should contact us immediately.
- Communicating with the user. We use your personal information to provide customer support and improve our Services. This is in our legitimate interest in order to be responsive to you, to provide you with effective services, and to maintain our business relationship with you.

6. How we protect your personal data
Article 8(1-2) FADP requires the data controller to have technical and organizational security procedures in place to maintain the security of your personal data and prevent breaches.
Our site has technical and organizational security procedures in place to maintain the security of user's personal data and to protect session data and user's personal data from unauthorized or unlawful processing and/or accidental loss, alteration, disclosure or access. Such security is provided by Lookalike's URL beginning with https://, which means that our site is protected, as also shown by the closed padlock icon that appears on the left side.
However, you should always be aware that the transmission of information via the Internet and other electronic means carries certain security risks and that we cannot guarantee the security of information transmitted in this way.

7. Payment security
The payment platforms we use guarantee simple and secure credit and debit card payments, protecting the information you enter to purchase products.
The payment platforms we use are provided below:

-Google Pay
-Apple Pay
-VISA
-Maestro
-Mastercard
-Twint

The aforementioned payment platforms all use appropriate tools to guarantee the security of the payment data provided by the user, such as HTTPS protocol encryption technologies and the Transport Layer Security standard, or state-of-the-art programmes to identify the user prior to purchase.

8. Security and storage of user information
You should be aware that despite the fact that we take appropriate security measures to protect your personal information, a breach may still occur despite ourselves.
In the aforementioned case, we ensure to notify the Federal Data Protection and Information Commissioner ("FDPIC") as soon as possible of any breach of data security that would result in a high risk to the user's personality or fundamental rights, as well as to inform the user if this is necessary for his or her protection, as mandated by Article 24, para. 1 and 4, FADP.
We also inform you that the information you send us may not be secure during transit. We therefore advise the user not to use unsecured channels to communicate sensitive or confidential information to us.
In accordance with Article 25(2)(d) FADP, we make it clear to you that since we cannot predict in advance how long we will retain your personal information, we have taken steps to outline the criteria, below, for how long we will retain it.

We will retain user data for the duration necessary to:
a. maintain the user's account
b. provide services
c. comply with legal obligations
d. resolve disputes
e. enforce other applicable contracts and policies

Users are advised that the above list of criteria is not exhaustive.
In any case, you have the right to cancel your customer account at any time. To that effect, any further processing of your data will be restricted and your data will be deleted upon expiration of the applicable retention period as no longer necessary for the purpose of processing, in accordance with Article 6(4) FADP.

9. How we disclose personal information
Under certain circumstances, we may disclose your personal information to third parties for legitimate purposes subject to this Privacy Policy. Such parties/circumstances may include:
- vendors or other third parties who perform services on our behalf (e.g., IT management, payment processing, data analytics, customer service, cloud storage, order fulfillment, and shipping).
- business and marketing partners, including Shopify, to provide services and advertise to you. Our business and marketing partners will use your information in accordance with their own privacy policies.
- situations where you indicate, request, or otherwise consent to the disclosure of certain information to third parties, such as for product shipment or through the use of social media widgets or login integrations, with your consent.
- our affiliates or otherwise within our business group, in our legitimate interest in running a successful business.
- situations related to a business transaction such as a merger or bankruptcy, to comply with any applicable legal obligations (including responding to subpoenas, search warrants and similar requests), to enforce applicable terms of service, and to protect or defend the Services, our rights and the rights of our users or others.

We do not use or disclose personal information worthy of special protection for the purpose of inferring characteristics about you.

10. User Generated Content
The Services may allow you to post product reviews and other user-generated content. If you choose to post user-generated content to any public area of the Services, that content will be public and accessible by anyone.
We do not control who will have access to the information you choose to make available to others, and we cannot guarantee that parties with access to such information will respect your privacy or keep it secure. We are not responsible for the privacy or security of the information you make publicly available, nor for the accuracy, use, or misuse of any information disclosed or received by third parties.

11. Third Party Websites and Links
Our Site may provide links to Web sites or other online platforms operated by third parties. If you follow links to sites not affiliated with or controlled by us, you should review their privacy and security policies and other terms and conditions. We do not guarantee and are not responsible for the privacy or security of those sites, including the accuracy, completeness, or reliability of the information on those sites. Information provided by you in public or semi-public places, including information shared on third-party social networking platforms, may also be viewed by other users of the Services and/or users of such third-party platforms, without limitation as to its use by us or third parties. The inclusion of such links by us does not, in and of itself, imply any endorsement of the content of such platforms or their owners or operators, except as noted on the Services.

12. Data from minors
The Services are not intended for use by minors and we do not knowingly collect any personal information about minors.
If a parent or guardian of a minor has provided us with personal information of the minor, please contact us using the contact details below to request the deletion of this information.
With regard to the data of minors, the only information collected by the site is only that related to the size of clothing, which remains, in any case always anonymous.
As of the effective date of this Privacy Policy, we are not aware that we "share" or "sell" (as those terms are defined in applicable law) personal information of persons under the age of 16.

13. Your rights and choices
Depending on where you reside, you may be able to exercise some or all of the rights listed below. However, these rights are not absolute, may apply only in certain circumstances, and in some cases, we may refuse your request as permitted by law.

- Right of Access (Article 25 FADP). You may ask at any time whether personal data concerning you are being processed. You may have the right to request access to the personal information we hold about you, including details about how we use and share your information. The information is provided free of charge, usually within 30 days of the request.
- Right to erasure (Article 32(2)(c) FADP). You may have the right to request the deletion of personal information about you in our possession.
- Right of correction (Article 32(1) FADP). You may have the right to request the correction of inaccurate personal information we hold about you. 
- Right to portability (Article 28(2) FADP). You may have the right to receive a copy of the personal information we hold about you and to request its transfer to third parties under certain circumstances and with certain exceptions. The data will be transferred free of charge, unless it requires a disproportionate burden.
- Limitation of processing (Article 32(2)(a) FADP): you may have the right to ask us to stop or limit our processing of personal data.
- Revocation of consent: where we rely on consent to process your personal data, you may have the right to revoke that consent.
- Appeal: you may have the right to appeal our decision if we refuse to process your request, under' the provisions granted by Article 26 FADP. You can do this by responding directly to our refusal.
- Management of communication preferences: we may send you promotional emails and you can opt out of receiving them at any time by using the unsubscribe option displayed in our emails. If you opt out, we may still send you non-promotional emails, such as those related to your account or orders you have placed.

You may exercise any of these rights where indicated on our Site or by contacting us using the contact details provided below.
We will not discriminate against you for exercising any of these rights. We may need to collect information from you to verify your identity, such as your e-mail address or account information, before providing a substantive response to your request. In accordance with applicable laws, you may designate an authorized agent to submit requests on your behalf to exercise your rights. Before we accept such a request from an agent, we will require that the agent provide proof that you have authorized him or her to act on your behalf, and we may need you to verify your identity directly with us. We will respond to your request in a timely manner as required by applicable law.

14. SHIPPING/DELIVERY - Data Processing
For the delivery of the order, the user's data will be forwarded to the following courier company:

Die Schweizerische Post AG

Wankdorfallee 4

3030 Bern
Schweiz

We will transmit in addition to the shipping address also the user's e-mail address and/or telephone number to the selected shipping service provider, in order to enable to contact the user for the purpose of notification or coordination of the shipment.
This consent may be revoked at any time by sending a message to the contact information described in this privacy policy or directly to the shipping service provider using the contact address below.

Die Schweizerische Post AG contact center number : +41 848 888 888
Other contact methods are available at the following link: https://www.post.ch/en/help-and-contact

After revocation of consent, we will delete the data that you have provided to us for this purpose, unless you have expressly consented to further use of the data or we have reserved the right to use such data for other purposes permitted by law.

15. Cookies
Like many websites, we use cookies on our site.

A cookie is a file of information that websites store on your computer, or mobile device, for the purpose of identifying and recognizing you when you return to the site. For specific information about the cookies we use in connection with powering our store with Shopify, please see our "Cookie settings". We use cookies to enhance and improve our Site and Services (including to remember user actions and preferences), to perform analytics, and to better understand user interaction with the Services (in our legitimate interest to administer, improve, and optimize the Services). We may also allow third parties and service providers to use cookies on our site to better customize services, products, and advertising on our site and other websites.

Data collected through cookies may include information about how you access and use our Site and your account, including device information, browser information, network connection information, IP address, and other information related to your interaction with the Services.

No personal information is stored in the cookies we use. The cookies we use cannot be assigned to a specific person, and when they are activated they are assigned an identification number.

Our site uses the cookie banner, i.e., a notice that is shown on the user's first visit, which has the function of informing the user of the presence of cookies, his or her rights regarding them and to ask for consent to their installation. Therefore, by refusing to provide consent, the user can choose to remove cookies from the browser . However, you should be aware that removing or blocking cookies may have a negative impact on your experience and may result in the malfunction or unavailability of some Services, including some general features and functionality. Also, blocking cookies may not completely prevent the way we share information with third parties, such as our advertising partners.

16. Use Of Technologies For Web Analytics and Advertising Purposes
If you have given consent, you also agree to the use of third-party technologies by our website. Data collected in this context will be deleted once the purpose has been fulfilled and the use of the relevant technology has ended.
The user has the right to revoke consent at any time with effect for the future.
Further information, including the legal basis for data processing, is available within the respective technologies. if you have any questions about our service providers and the basis of our cooperation with them, please use the contact option described in this privacy policy.

17. Use of Google services
We use the following technologies from Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Information automatically collected by Google's technologies about your use of our website is usually transferred to a server of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA and stored there.

In this regard, the Federal Council has not included the U.S. in the list of states that guarantee adequate data protection in accordance with Article 16(1) FADP. Therefore, our cooperation is based on the data protection clauses previously communicated to or approved by the FDPIC in accordance with Article 16(2)(b) and (d) FADP .

If your IP address is collected using Google technologies, it will be shortened by activating IP anonymization before it is stored on Google's servers. Only in exceptional cases will the full IP address be transferred to a Google server and abbreviated there.
More information about data processing by Google can be found in Google's privacy policy [https://policies.google.com/privacy?hl=en].

A) GOOGLE ANALYTICS
For the purpose of analyzing the website, Google Analytics automatically collects and stores data (IP address, time of visit, device and browser information, and information about the use of our website), from which pseudonymized usage profiles are created. Cookies may be used for this purpose.
The user's IP address will not be merged with other data from Google.
Data processing is based on a data processing agreement with Google.

B) GOOGLE MAPS.
For the visual representation of geographic information, Google Maps collects data about your use of Maps functions, in particular IP address and location data, transmits it to Google and processes it.
We have no influence on this subsequent data processing.

C) GOOGLE TAG MANAGER
Google Tag Manager funge da strumento per la gestione e il controllo di cookie, pixel di conversione o codici di monitoraggio da programmi come Google Analytics. L’applicazione stessa funziona con tag e trigger e inoltra le informazioni raccolte sul sito Web tramite i cookie direttamente agli strumenti appropriati per l’ulteriore elaborazione.

Non abbiamo alcuna influenza su questa successiva elaborazione dei dati.

18. How We Use Log Files
Whenever you access our Internet pages, we receive from your Internet browser the transmission of certain usage data for technical reasons, which is stored in log files.

This is the following usage data:
- IP address of the contact device
- date and time
- URL of the page visited
- Referral URL
- browser and other device information
Analysis of log files help us to further improve our Internet services and make them easier to use, to find and correct errors more quickly, and to control server capacity. Based on the log files we can determine, for example, at what time the use of our Internet services is particularly popular and provide the corresponding volume of data to ensure the best possible use for the user.

19. How We Use Analysis Tool
To constantly improve and optimize our Internet offerings, we use so-called tracking technologies (Google Analytics). Web analysis tools provide us with statistics and graphs that inform us about the use of our Internet pages. In the process, data about the use of an Internet page is transmitted to the server used for data management. This is a service provided by a third party, which may be based in any country in the world (in the case of Google Analytics, this is Google Ireland (based in Ireland), Google Ireland relies on Google LLC (based in the USA) as its order processor (both "Google"), www.google.com), which allows us to measure and evaluate the use of the website (non-personal). Permanent cookies set by the service provider are also used for this purpose. We have configured the service so that visitors' IP addresses are shortened by Google in Europe before being forwarded to the United States and thus cannot be traced. We have turned off the "Data Forwarding" and "Signals" settings. Although it may be assumed that the information we share with Google is not personal data for Google, it is possible that Google may draw conclusions about the identity of users from this data for its own purposes, create personal data, and create an identity of visitors.

If the user has personally registered with the service provider, the service provider also acknowledges this. The processing of your personal data by the service provider is therefore under the responsibility of the service provider in accordance with its data protection provisions. The service provider only informs us about the use of our website (does not provide us with personal information).

20. Use of social media

A) Social plugins from Meta / Facebook, Instagram and Pinterest
Social buttons from social networks are used on our website. These are integrated into the page as links so that no connection is established with the servers of the respective provider when our website is accessed. If you click on one of the buttons (links), the website of the respective social network will open, where you can click on the "Like" or "Share" button, for example. The operator of the respective social network can register that you are on our website and where and can use this information for their purposes. The processing of your personal data is then the responsibility of this operator in accordance with its data protection provisions.

B) Our presence on Facebook, Instagram and Pinterest
Insofar as you have given your consent to the respective social media operator in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, your data will be automatically collected and stored for market research and advertising purposes when you visit our online presences on the social media mentioned above, from which user profiles are created using pseudonyms. These can be used, for example, to place advertisements within and outside the platforms that presumably correspond to your interests. Cookies are generally used for this purpose. For detailed information on the processing and use of data by the respective social media operator as well as a contact option and your rights and settings options for protecting your privacy, please refer to the providers' data protection notices linked below.

Facebook: https://www.facebook.com/privacy/policy
Instagram: https://instagram.com/about/legal/privacy/
Pinterest: https://pinterest.com/about/privacy/

21. Meta Pixel, Custom Audiences and Conversion
Due to our legitimate interests in the analysis, optimisation and economic operation of our offer and for these purposes, the so-called "Meta Pixel" of the social network Meta is used on our website, which is operated by Meta Platforms, Inc, 1 Hacker Way, Menlo Park, CA 94025, USA, or if you are resident in the EU by Meta Platforms, Inc ("Meta"), 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Meta" and "Instagram").

Meta is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law.

With the help of the meta pixel, Meta is able to determine the visitors to our website as a target group for the display of advertisements (so-called "meta ads"). Accordingly, we use the meta pixel to display the meta ads placed by us only to those Meta users who have also shown an interest in our posts or who have certain characteristics (e.g. interests in certain topics or products determined on the basis of the websites visited) that we transmit to Meta (so-called "custom audiences").

With the help of the meta pixel, we also want to ensure that our meta ads correspond to the potential interest of users and are not annoying. With the help of the meta pixel, we can also track the effectiveness of the meta ads for statistical and market research purposes by seeing whether users have been redirected to our website after clicking on a meta ad (so-called "conversion").

Meta processes the data in accordance with the Meta Data Usage Policy. Accordingly, general information on the presentation of Meta Ads is set out in Meta's Data Usage Policy. Specific information and details about the Meta pixel and how it works can be found in the Meta pixel help section.

You can object to the collection by Meta Pixel and the use of your data to display Meta Ads. To set which types of advertisements are displayed to you within Meta, you can go to the page set up by Meta and follow the instructions on the settings for usage-based advertising. The settings are platform-independent, i.e. they are applied to all devices such as desktop computers or mobile devices.

22. Contact form and Newsletter

A) Contact form
If you send us inquiries via the contact form, your details from the inquiry form, including the contact data you provide there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We will not pass on this data without your consent.

B) Newsletter
If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. No further data is collected. We use this data exclusively for sending the requested information and do not pass it on to third parties.
After you have given your consent to the storage of the data, the e-mail address and its use for sending the newsletter, you can revoke this at any time, for example via the ""unsubscribe link"" in the newsletter.

23. Complaints
If you have any complaints about the way we process personal information, please contact us using the contact details provided below.
Should you be dissatisfied with our response to your complaint or should we fail to comply with your request, and should you also believe that our data processing may have violated data protection provisions, you may file a complaint with the FDPIC as set forth in Article 49(1) and (4) FADP using the contact details provided below.
In the event that you are a resident of an EU state you will be informed by us of the possibility of lodging a complaint with a supervisory authority and filing a judicial appeal against our decision , pursuant to Art. 12(4) GDPR.

24. International Users
Please note that we may transfer, store and process your personal information outside the country where you live, including the United States. Your personal information is also processed by staff and third-party service providers and partners in these countries.
If we transfer your personal information outside of Switzerland, we will rely on recognized transfer mechanisms such as contractual data protection clauses, which have been communicated to the FDPIC in advance, unless the data transfer takes place in one of the countries identified by the Federal Council that provide an adequate level of protection, in accordance with Article 16(1-2) FADP.

25. Contact data
Lookalike is the controller of your personal data. If you have any questions about our privacy practices or this Privacy Policy, or if you wish to exercise any of the rights available to you, please e-mail us at info@lookalike.ch, contact us at Lookalike SA, Viale Castagnola 27, 6900 Lugano, Switzerland, or contact us via the contact page on our website, available at https://lookalike.ch/pages/contact-us.
In addition, it is your right to:
- contact the FDPIC to report any personal data violations by the data controller, in accordance with Article 49 FADP;
- request advice from the FDPIC regarding the exercise of your data protection rights, in accordance with Article 58(1)(d) FADP.
The details of the Supervisory Authority are provided below:

Federal Data Protection and Information Commissioner ("FDPIC")
Feldeggweg 1
3003 Bern (CH)
https://www.edoeb.admin.ch/edoeb/de/home.html

26. Changes to this Privacy Policy
We may update this Privacy Policy from time to time, including to reflect changes in our practices or for other operational, legal or regulatory reasons. We will post the updated Privacy Policy on the Site, update the "Last Updated" date, and take any other steps required by applicable law.