Privacy policy
Last updated: 6th of Julyย 2025
This Privacy Policy describes how Bitnana Lab collects, uses and shares your personal information when you use our service through [bitnanalab.com] or otherwise communicate with us. The data controller of your personal data is Maura Ricercato & Agnese Ricercato GbR. If you have any questions about this Privacy Policy or your data, please contact us at support@bitnanalab.com.
1. Collection of personal data
When you visit the website, we collect certain information about your device, your interaction with the website and information necessary to process your purchases. We also collect other information when you contact us for customer support. In this Privacy Policy, we refer to any information that can uniquely identify an individual (including the information below) as "personal data". Below you will find an overview of what personal data we collect and why.
Device information
Examples of personal data collected: Web browser version, IP address, time zone, cookie information, which websites or products you view, search terms and how you interact with the website.
Purpose of collection: to load the website correctly for you and to perform website usage analysis to optimize our website.
Collection source: Collected automatically when you visit our website using cookies, log files, web beacons, tags or pixels.
Sharing for business purposes: with our processors such as Shopify.
Order information
Examples of personal data collected: Name, billing address, shipping address, payment information (including credit card numbers), email address and phone number.
Purpose of Collection: to provide you with products or services, to fulfill our contract, to process your payment information, to arrange shipping and send you invoices and/or order confirmations, to communicate with you, to screen our orders for potential risk or fraud, and to provide you with information or advertising related to our products or services, if consistent with your preferences.
Collection source: Collected directly from you when you place an order.
Sharing for business purposes: with our processors such as Shopify and logistics partners for the delivery of the product.
Customer service information
Examples of personal data collected: Name, e-mail address, content of communication.
Purpose of collection: for customer service.
Source of collection: Collected directly from you.
Disclosure for business purposes: to our processors.
2. Use of personal data
We use your personal data to provide you with our services. This includes the following:ย to process and fulfill orders, communicate with you about your purchase, provide customer support, personalize your shopping experience, recommend products based on your preferences, prevent fraud and ensure website security, and to comply with legal obligations.
To enhance your experience and provide personalized skincare advice, our website features a chatbot that uses an external AI tool to analyze the information you choose to provide, including images of your skin and other personal details (such as age, skin concerns, and preferences). This analysis helps us recommend suitable skincare products and routines tailored to your individual needs. The image and data you submit are processed securely and only for the purpose of generating your skincare profile and recommendations. We rely on your explicit consent before collecting or processing this information, and we do not use it for any other purposes. We provide more information about this processing below.
3. Disclosure of personal data
We share your personal data with service providers who support us in providing our services. We share your personal data to the following categories of data recipients:ย
- Payment service providers
- Shipping and delivery partners
- Order management partners (e.g. Shopify)
- External service providers (e.g. hosting, chatbot providers)
- Marketing platforms/agencies for the optimization of the offer
We may also disclose your personal information to comply with applicable laws and regulations, to respond to subpoenas, search warrants or other lawful requests for information, or to protect our rights.
4. Cookies
We use cookies and similar technologies to improve your experience on our website, remember your preferences, and analyze site traffic. Cookies are small text files that are stored on your device and contain certain information, such as your preferences or session details. Some cookies are technically necessary for the website to function, while others help us analyze user behavior or provide personalized advertising.
You can manage your cookie settings at any time via your browser settings or by using our cookie consent tool [link to cookie banner/preferences]. Please note that disabling cookies may affect the functionality of our website.
Below you can find an overview of the cookies we use:
|
Cookie Name |
Provider |
Purpose |
Retention Period |
Type |
|
_session_id |
Shopify |
Stores session information |
2 weeks |
Functional |
|
_shopify_visit |
Shopify |
Statistical tracking of website visits |
30 minutes |
Analytics |
|
_shopify_uniq |
Shopify |
Counts visits per customer |
2 years |
Analytics |
|
cart |
Shopify |
Stores cart information |
2 weeks |
Functional |
|
secure_customer_sig |
Shopify |
Customer login security |
1 year |
Functional |
|
storefront_digest |
Shopify |
Customer login |
2 years |
Functional |
|
_ga |
Google Analytics |
User behavior analytics |
2 years |
Analytics |
|
_gid |
Google Analytics |
User behavior analytics |
24 hours |
Analytics |
|
_gat |
Google Analytics |
Throttles request rate |
1 minute |
Analytics |
|
_fbp |
Meta/Facebook |
Marketing tracking |
3 months |
Marketing |
|
_gcl_au |
Google Ads |
Conversion tracking |
3 months |
Marketing |
Note: This list may change in the future if new tools or services are introduced. We will update this Privacy Policy accordingly.
5. International data transmission
Your personal data may be processed outside the European Economic Area, including in Canada and the United States. If we transfer your data to countries that do not offer the same data protection standard as the EU, this is done on the basis of suitable guarantees in accordance with Art. 46 GDPR, in particular the standard contractual clauses adopted by the EU Commission.
6. Storage of personal data
We store your personal data for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. Your data is stored securely within the EU or with third-party providers that comply with GDPR and have adequate safeguards in place (e.g., Standard Contractual Clauses for international transfers).
7. Automated decision making
We do not use fully automated decision-making with legal effect or similar significant impact.
8. Your rights
If you are based in the EU, you have the right under the GDPR:
-
to information about the personal data that we have stored about you,
-
the correction of incorrect or incomplete data,
-
to the deletion of your data,
-
to restriction of processing,
-
to data portability,
-
to object to the processing and
-
to lodge a complaint with a data protection authority.
If you wish to exercise these rights, please contact us at support@bitnanalab.com.
9. AI-supported skin analyses (Renude)
We use an external service provider, Skin Glossary Ltd (trading as "Renude"), to provide AI-powered skin analysis and personalized skincare recommendations.
When using this service, personal data such as name, e-mail address, date of birth, facial images and the content of online communication (e.g. chat histories) may be collected and processed exclusively for the purpose of providing this service.
Skin Glossary Ltd acts as our processor on the basis of a formal data processing agreement and uses the data solely for the purposes described. Some anonymized data may be used to further develop the technology.
Data processing may take place outside the European Union, but is always carried out in accordance with the GDPR on the basis of suitable guarantees (e.g. standard contractual clauses in accordance with Art. 46 GDPR).
You can withdraw your consent to the use of this service at any time by contacting us at support@bitnanalab.com.
10. Changes to this policy
We may update this Privacy Policy from time to time. When we do, we will post the updated version here with a new โEffective Dateโ at the top. Significant changes will be communicated to you directly if appropriate.ย
11. Contact
If you have any questions or complaints about our data protection practices, please contact us by e-mail at support@bitnanalab.com or in writing at
Bitnana Lab
Bahnhofstraรe 36
64367 Nieder-Ramstadt
Germany
