Country

SHOPPING BAG

Your shopping bag is empty
Sign up today to unlock personalised skin and longevity tips, expert advice and exclusive offers, delivered straight to your inbox.

Privacy Policy

Last updated: May 9, 2025

This Privacy Policy describes how your personal information is collected, used, and shared when you visit or make a purchase from www.loya.com.

Personal information in this regard shall mean any information relating to an individual who can be identified, directly or indirectly.

SkyLab AG, registered under company number CHE-339.857.266, is the Data Controller responsible for the processing of personal data in the project LOYA. Our registered office is located at Route de la Corniche 6, Biopôle, 1066 Epalinges, Switzerland, contact us at  office@skylaboratory.ch  or call us at +41442174747.

At LOYA we are committed to protecting your personal data in accordance with the highest standards of privacy and data protection. We comply with the General Data Protection Regulation (GDPR), the UK Data Protection Act 2018, and the new Federal Act on Data Protection (nFADP) in Switzerland. Our data processing activities are designed to ensure that your personal data is processed lawfully, fairly, and transparently. We implement robust security measures, including Privacy by Design and Privacy by Default principles, to safeguard your data. We provide clear information about our data processing practices and obtain your explicit consent where required. In the event of a data breach, we promptly notify the relevant authorities, including the Information Commissioner's Office (ICO) in the UK and the Federal Data Protection and Information Commissioner (FDPIC) in Switzerland. We also respect your rights to access, rectify, erase, and port your data, and to object to or restrict its processing. Our commitment to these regulations ensures that your data is handled with the utmost care and respect.


PERSONAL INFORMATION WE COLLECT AND SHARE


We collect and use your name and email address provided by you solely and independently for the purpose of registering in loyalty program, managing online store activities, to receive newsletters and feedback with you in the event of an email sent to us.

Our loyalty program is designed and powered by Smile.io platform. Smile collects your contact details, purchase history, and information collected through some cookies. The collected information is used to provide services and support users. Personal information is stored securely and retained until you leave the loyalty program sending request to contact email address given below. You can find Smile.io privacy statement here: https://smile.io/privacy-policy.

Smile integrates seamlessly with Shopify to power our online store. Shopify collects your contact, ordered goods, shipping address to create and manage your online orders. Shopify retains personal data for as long as providing services, complying with legal requirements, or for security and fraud prevention. Specifically, personal data is typically purged two years after a store becomes inactive.  As well as you can reach out directly to us via our contact email address given below and request that your personal data be deleted or that the processing be stopped. That your personal data deleted in Shopify will also be automatically deleted in Smile.io. You can read more about how Shopify uses your personal information here: https://www.shopify.com/legal/privacy.


All payments made on www.loya.com are processed by Shopify Payments is compliant with the Payment Card Industry Data Security Standard (PCI DSS). Shopify is certified as a Level 1 PCI DSS compliant service provider. This means that Shopify adheres to strict security standards to ensure secure processing of payment transactions. All payment data collected by Shopify Payments is not accessible to us.


For personalized email communication we use marketing platform Klaviyo.com integrated with Shopify. Klaviyo collects personal data from sign-up form like your email address, phone number, name and from Shopify platform like order data, customer actions, and other events. You can manage your subscription preferences, including opting out of communication, through preference centers linked in email. You can also request the deletion of personal data through contact email address given below. Klaviyo complies with major data protection regulations including GDPR. Privacy FAQs you can find here: https://www.klaviyo.com/legal/privacy-faqs.


We also offer service platform Haut.AI, AI-powered smart camera that provides personalized skincare assessments and recommendations and simulate how your skin will change over time with certain skincare products. Personal data collection includes images of face and derived information such as skin condition and perceived age. Haut.AI retains this data for as long as it is necessary to fulfill the purpose of providing the service. This means the data will be stored until you no longer need the service or request deletion. Haut.AI is owned by HautAI OÜ, based in Estonia, is responsible for ensuring that your personal data is processed in accordance with this Privacy Notice (Privacy Notice HautAI 06022024.docx) and applicable data protection laws, in particular with the General Data Processing Regulation (EU) 2016/679 (“GDPR”). 

We may also share your personal information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful requests for information we receive, or to otherwise protect our rights.

AUTOMATICALLY COLLECTED DATA


When you visit www.loya.com, we may automatically collect certain data through using the following technologies:

  • “Cookies” are data files that are placed on your device or computer and often include a unique anonymous identifier.

  • “Log files” track actions occurring on www.loya.com, and collect data including your IP address, time zone, browser type, referring/exit pages, and date/time stamps.

  •  “Web beacons”, “tags”, and “pixels” are electronic files used to record information about how you browse the www.loya.com.


The next categories of cookies may be effective: 

  • Functional cookies: Necessary for www.loya.com to function, these cookies do not store any personally identifiable information and cannot be switched off. 

  • Personalization cookies: Enhanced functionality and usability for users. 

  • Marketing cookies: Set by our advertising partners to create a profile of your interests and show you relevant ads.


We use Google Analytics to understand user behavior, improve user experience, and personalize advertising. Google Analytics complies with privacy laws such as GDPR and other regional regulations. 

We use a Consent Management Platform (CMP) to manage your preferences. You can grant, refuse, or withdraw consent at any time through our CMP.

You can control cookies using your web browser settings:

  • In Google Chrome: Settings -> Privacy and security 

  • In Edge: Settings -> Cookies and site permissions 

  • In Firefox: Settings -> Privacy and security

YOUR RIGHTS

You may be entitled to exercise some or all the following rights pertaining to your privacy and personal data processing, free of charge:

a. Right to Access: You have the right to request (i) confirmation of whether your personal data is being processed, (ii) access to your personal data, and (iii) copies of your personal data, including information on the purposes of the processing, the categories of data concerned, and the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period.

b. Right to Rectification: You can request the correction of inaccurate or incomplete personal data.

c. Right to Erasure: You have the right to request the deletion of your personal data when it is no longer necessary for the purposes for which it was collected, if you withdraw your consent, or if the data has been unlawfully processed.

d. Right to Restrict Processing: You can request the restriction of processing your personal data under certain conditions, such as when you contest the accuracy of the data or object to the processing.

e. Right to Data Portability: You have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format and to transmit those data to another controller without hindrance. Where technically feasible, you have the right to have the personal data transmitted directly from us to another controller.

f. Right to Object: You can object at any time to the processing of your personal data for direct marketing purposes or, based on grounds relating to your particular situation, to the processing of your personal data for other purposes.

g. Right to Avoid Automated Decision-Making: You have the right not to be subject to decisions based solely on automated processing, including profiling, which produce legal effects concerning you or similarly significantly affect you.

h. Right to Lodge a Complaint: You have the right to take legal action in relation to any breach of your rights regarding the processing of your personal data and to lodge complaints before the competent data protection regulators, such as the Information Commissioner's Office (ICO) in the UK or the Federal Data Protection and Information Commissioner (FDPIC) in Switzerland.


If you signed up for personalized skin, hair, and longevity tips and expert advice and no longer wish to receive our newsletter, you can opt out at any time by clicking the "Unsubscribe" link at the bottom of any of our emails.


CONTACT

For more information about our privacy practices, if you have questions, or if you would like to exercise your subject rights, please contact us by e-mail at office@skylaboratory.ch.

SkyLab AG has appointed a Data Protection Officer (DPO) to oversee compliance with data protection laws and to ensure that your personal data is handled responsibly. Our DPO is responsible for monitoring our data protection practices, providing advice and guidance on data protection issues, and acting as a point of contact for data subjects and supervisory authorities. If you have any questions or concerns about how your data is being processed, or if you wish to exercise your rights, you can contact our DPO at office@skylaboratory.ch or call at +41442174747.

Privacy Policy

Last updated: May 9, 2025

This Privacy Policy describes how your personal information is collected, used, and shared when you visit or make a purchase from www.loya.com.

Personal information in this regard shall mean any information relating to an individual who can be identified, directly or indirectly.

SkyLab AG, registered under company number CHE-339.857.266, is the Data Controller responsible for the processing of personal data in the project LOYA. Our registered office is located at Route de la Corniche 6, Biopôle, 1066 Epalinges, Switzerland, contact us at  office@skylaboratory.ch  or call us at +41442174747.

At LOYA we are committed to protecting your personal data in accordance with the highest standards of privacy and data protection. We comply with the General Data Protection Regulation (GDPR), the UK Data Protection Act 2018, and the new Federal Act on Data Protection (nFADP) in Switzerland. Our data processing activities are designed to ensure that your personal data is processed lawfully, fairly, and transparently. We implement robust security measures, including Privacy by Design and Privacy by Default principles, to safeguard your data. We provide clear information about our data processing practices and obtain your explicit consent where required. In the event of a data breach, we promptly notify the relevant authorities, including the Information Commissioner's Office (ICO) in the UK and the Federal Data Protection and Information Commissioner (FDPIC) in Switzerland. We also respect your rights to access, rectify, erase, and port your data, and to object to or restrict its processing. Our commitment to these regulations ensures that your data is handled with the utmost care and respect.


PERSONAL INFORMATION WE COLLECT AND SHARE


We collect and use your name and email address provided by you solely and independently for the purpose of registering in loyalty program, managing online store activities, to receive newsletters and feedback with you in the event of an email sent to us.

Our loyalty program is designed and powered by Smile.io platform. Smile collects your contact details, purchase history, and information collected through some cookies. The collected information is used to provide services and support users. Personal information is stored securely and retained until you leave the loyalty program sending request to contact email address given below. You can find Smile.io privacy statement here: https://smile.io/privacy-policy.

Smile integrates seamlessly with Shopify to power our online store. Shopify collects your contact, ordered goods, shipping address to create and manage your online orders. Shopify retains personal data for as long as providing services, complying with legal requirements, or for security and fraud prevention. Specifically, personal data is typically purged two years after a store becomes inactive.  As well as you can reach out directly to us via our contact email address given below and request that your personal data be deleted or that the processing be stopped. That your personal data deleted in Shopify will also be automatically deleted in Smile.io. You can read more about how Shopify uses your personal information here: https://www.shopify.com/legal/privacy.


All payments made on www.loya.com are processed by Shopify Payments is compliant with the Payment Card Industry Data Security Standard (PCI DSS). Shopify is certified as a Level 1 PCI DSS compliant service provider. This means that Shopify adheres to strict security standards to ensure secure processing of payment transactions. All payment data collected by Shopify Payments is not accessible to us.


For personalized email communication we use marketing platform Klaviyo.com integrated with Shopify. Klaviyo collects personal data from sign-up form like your email address, phone number, name and from Shopify platform like order data, customer actions, and other events. You can manage your subscription preferences, including opting out of communication, through preference centers linked in email. You can also request the deletion of personal data through contact email address given below. Klaviyo complies with major data protection regulations including GDPR. Privacy FAQs you can find here: https://www.klaviyo.com/legal/privacy-faqs.


We also offer service platform Haut.AI, AI-powered smart camera that provides personalized skincare assessments and recommendations and simulate how your skin will change over time with certain skincare products. Personal data collection includes images of face and derived information such as skin condition and perceived age. Haut.AI retains this data for as long as it is necessary to fulfill the purpose of providing the service. This means the data will be stored until you no longer need the service or request deletion. Haut.AI is owned by HautAI OÜ, based in Estonia, is responsible for ensuring that your personal data is processed in accordance with this Privacy Notice (Privacy Notice HautAI 06022024.docx) and applicable data protection laws, in particular with the General Data Processing Regulation (EU) 2016/679 (“GDPR”). 

We may also share your personal information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful requests for information we receive, or to otherwise protect our rights.

AUTOMATICALLY COLLECTED DATA


When you visit www.loya.com, we may automatically collect certain data through using the following technologies:

  • “Cookies” are data files that are placed on your device or computer and often include a unique anonymous identifier.

  • “Log files” track actions occurring on www.loya.com, and collect data including your IP address, time zone, browser type, referring/exit pages, and date/time stamps.

  •  “Web beacons”, “tags”, and “pixels” are electronic files used to record information about how you browse the www.loya.com.


The next categories of cookies may be effective: 

  • Functional cookies: Necessary for www.loya.com to function, these cookies do not store any personally identifiable information and cannot be switched off. 

  • Personalization cookies: Enhanced functionality and usability for users. 

  • Marketing cookies: Set by our advertising partners to create a profile of your interests and show you relevant ads.


We use Google Analytics to understand user behavior, improve user experience, and personalize advertising. Google Analytics complies with privacy laws such as GDPR and other regional regulations. 

We use a Consent Management Platform (CMP) to manage your preferences. You can grant, refuse, or withdraw consent at any time through our CMP.

You can control cookies using your web browser settings:

  • In Google Chrome: Settings -> Privacy and security 

  • In Edge: Settings -> Cookies and site permissions 

  • In Firefox: Settings -> Privacy and security

YOUR RIGHTS

You may be entitled to exercise some or all the following rights pertaining to your privacy and personal data processing, free of charge:

a. Right to Access: You have the right to request (i) confirmation of whether your personal data is being processed, (ii) access to your personal data, and (iii) copies of your personal data, including information on the purposes of the processing, the categories of data concerned, and the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period.

b. Right to Rectification: You can request the correction of inaccurate or incomplete personal data.

c. Right to Erasure: You have the right to request the deletion of your personal data when it is no longer necessary for the purposes for which it was collected, if you withdraw your consent, or if the data has been unlawfully processed.

d. Right to Restrict Processing: You can request the restriction of processing your personal data under certain conditions, such as when you contest the accuracy of the data or object to the processing.

e. Right to Data Portability: You have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format and to transmit those data to another controller without hindrance. Where technically feasible, you have the right to have the personal data transmitted directly from us to another controller.

f. Right to Object: You can object at any time to the processing of your personal data for direct marketing purposes or, based on grounds relating to your particular situation, to the processing of your personal data for other purposes.

g. Right to Avoid Automated Decision-Making: You have the right not to be subject to decisions based solely on automated processing, including profiling, which produce legal effects concerning you or similarly significantly affect you.

h. Right to Lodge a Complaint: You have the right to take legal action in relation to any breach of your rights regarding the processing of your personal data and to lodge complaints before the competent data protection regulators, such as the Information Commissioner's Office (ICO) in the UK or the Federal Data Protection and Information Commissioner (FDPIC) in Switzerland.


If you signed up for personalized skin, hair, and longevity tips and expert advice and no longer wish to receive our newsletter, you can opt out at any time by clicking the "Unsubscribe" link at the bottom of any of our emails.


CONTACT

For more information about our privacy practices, if you have questions, or if you would like to exercise your subject rights, please contact us by e-mail at office@skylaboratory.ch.

SkyLab AG has appointed a Data Protection Officer (DPO) to oversee compliance with data protection laws and to ensure that your personal data is handled responsibly. Our DPO is responsible for monitoring our data protection practices, providing advice and guidance on data protection issues, and acting as a point of contact for data subjects and supervisory authorities. If you have any questions or concerns about how your data is being processed, or if you wish to exercise your rights, you can contact our DPO at office@skylaboratory.ch or call at +41442174747.

AI face & hair diagnostic tool

Access Not Available

Join LOYALIFE Privé to unlock our clinically proven AI face & hair diagnostic tool for a truly personalised experience.

Skincare
Haircare
VISIT HOMEPAGE

SCAN THIS QR CODE TO TAKE A PHOTO
WITH YOUR SMARTPHONE

THE LOYA COMMUNITY

Follow us and stay connected with LOYA.

CONTACT US

Got questions? Reach out and we will get back to you.

LOYALIFE PRIVÉ

Join LOYALIFE Privé and earn rewards with every order.