ToothLab™

1. About Us

This website is operated by ToothLab, a French company based in Lyon, France.

We design and sell personal oral-care devices online, including our UV-Clean retractable toothbrush.

ToothLab acts as the data controller under the EU General Data Protection Regulation (GDPR) and complies with the Australian Privacy Act 1988 for customers located in Australia.

For any questions regarding your personal information or this Privacy Policy, you can contact us at:

📧 support@toothlab.company.com

2. Information We Collect

We collect only the personal information necessary to process your orders and operate our business, including:

• 
  Contact details: name, email address, shipping address, phone number
  
• 
  Order details: products purchased, order value, currency, and date
  
• 
  Payment information: processed securely via third-party providers (Shopify Payments, PayPal, Stripe, etc.) — we do not store card numbers
  
• 
  Communication data: messages you send to our support team
  
• 
  Technical data: IP address, browser type, device, and browsing activity (via Shopify analytics and cookies)
  

We do not collect or store passwords since our website does not offer customer accounts.

3. How We Use Your Information

We use your information to:

• 
  Process, confirm, and deliver your orders
  
• 
  Send transactional emails (order confirmation, shipping updates)
  
• 
  Respond to your questions or support requests
  
• 
  Improve our website’s performance and user experience
  
• 
  Comply with tax, accounting, and consumer-protection obligations
  
• 
  Send marketing communications (only if you opt in)
  

We do not sell, rent, or trade your personal data.

4. Legal Bases for Processing

We rely on the following legal grounds to process your data:

• 
  Contractual necessity: to fulfill your purchase and provide customer service
  
• 
  Consent: for optional marketing communications
  
• 
  Legal obligation: to comply with EU and French tax or accounting laws
  
• 
  Legitimate interest: to prevent fraud and improve our services
  

5. Sharing Your Information

We only share your data with trusted third-party partners essential to running our store:

• 
  Shopify, Inc. — our e-commerce platform and data host
  
• 
  Payment processors — Shopify Payments, Stripe, PayPal, etc.
  
• 
  Shipping providers — La Poste, DHL, or local carriers
  
• 
  Analytics and marketing tools — Google Analytics, Meta (Facebook), or Klaviyo (for email campaigns)
  

These partners are bound by confidentiality and security agreements and are GDPR compliant.

6. Data Retention

We keep your personal information only as long as needed to:

• 
  Complete your orders and provide customer service
  
• 
  Comply with tax and legal obligations (typically 10 years for invoices in France)
  
• 
  Resolve disputes or enforce our rights
  

Once this period expires, your data is securely deleted or anonymized.

7. International Data Transfers

Because we use Shopify and third-party processors, your data may be transferred to servers located outside the European Economic Area or Australia (e.g., in Canada or the United States).

Whenever data is transferred internationally, we ensure that appropriate data protection safeguards are in place (such as Standard Contractual Clauses or equivalent measures approved under GDPR and the Australian Privacy Act).

8. Your Rights

Under GDPR and the Australian Privacy Act, you have the following rights:

• 
  Access: request a copy of the data we hold about you
  
• 
  Correction: update or rectify inaccurate data
  
• 
  Deletion: request deletion of your personal data (“right to be forgotten”)
  
• 
  Restriction: limit processing in specific cases
  
• 
  Portability: receive your data in a structured format
  
• 
  Objection: opt-out of certain processing, including marketing
  

To exercise your rights, contact us at support@toothlab.company.com

We will respond within 30 days.

9. Cookies and Analytics

We use cookies and similar technologies to:

• 
  Enable essential site functionality (shopping cart, checkout, currency conversion)
  
• 
  Analyze traffic and improve performance
  
• 
  Personalize marketing content (only if consented)
  

You can control or disable cookies directly from your browser settings.

For more details, please visit our Cookie Policy.

10. Marketing Communications

We only send promotional emails if you have explicitly opted in (for example, by subscribing to our newsletter).

You can unsubscribe anytime using the link provided in our emails or by contacting us.

11. Data Security

We use SSL encryption and industry-standard security measures to protect your information from unauthorized access, loss, or alteration.

However, no online platform can guarantee 100% security, and you share information at your own risk.

12. Minors

Our website is not intended for individuals under 16 years of age, and we do not knowingly collect data from minors.

If we learn that we have inadvertently collected such data, we will delete it promptly.

13. Updates to This Policy

We may update this Privacy Policy periodically to reflect new regulations or business changes.

Any updates will be posted on this page with a revised “Last updated” date.

14. Contact Us

If you have any questions, requests, or complaints about this policy, please contact:

📧 support@toothlab.company.com