Privacy Policy

DALU COSMETICS d.o.o., Slomškova ulica 8, 3215 Loče, Slovenia



DALU COSMETICS d.o.o. processes personal data in accordance with the Personal Data Protection Act (ZVOP-1) and the Regulation (EU) 2016/679 Of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (General Data Protection Regulation).

The controller of personal data entered on the website or obtained on the basis of this information, DALU COSMETICS d.o.o. The company does not perform profiling and the processing is carried out in such a way that traceability is ensured. To the extent that the controller processes personal data with contract processors, a processing contract will be concluded for this purpose in accordance with the requirements of current legislation.

The company would consider the following as a guide for the handling of personal data:

  • The processing is legal, fair and transparent. Information and messages relating to the processing of personal data are easily accessible and understandable to individuals, expressed in clear and simple language.
  • The information is collected for explicit and legitimate purposes and is not further processed in a manner incompatible with those purposes.
  • The minimum amount of data is processed, which means that personal data are suitable, relevant and limited to the purposes for which they are processed.
  • The information is accurate and, where necessary, up-to-date and measures are therefore envisaged and implemented to update it.
  • Data is only stored for as long as is necessary for the purposes for which it is being processed (storage limit).
  • The processing of personal data is carried out in such a way as to ensure their security, including protection against unauthorized or unlawful processing and malicious loss, destruction or damage. Appropriate technical and organizational measures are foreseen for this purpose.

The seller processes personal information on the following basis:

  • Consent – The data subject has consented to the processing of his or her personal data for one or more specific purposes. An individual can always revoke consent and revocation is as easy as consent itself. Consent is voluntary.
  • Processing is necessary for the performance of a contract to which the data subject is a contracting party or for the implementation of measures at the request of such an individual before the conclusion of the contract. For example, the address of the online subscriber to whom the goods are sent is processed.
  • Processing is required in order to fulfill the legal obligation imposed on the controller (eg data processing for account management).
  • Processing is necessary to protect the vital interests of the data subject or other natural persons (this basis will be very exceptional in the case).
  • Processing is necessary for the performance of a task in the public interest or in the exercise of public authority conferred on the controller.
  • Processing is necessary for the legitimate interests pursued by the controller or a third party, except where such interests outweigh the interests and fundamental rights and freedoms of the data subject, which requires the protection of personal data, in particular where the individual is a child. An example is direct marketing.

The consumer has the right, involving his personal data, to

  • transparency regarding his personal data (all information provided is in a concise, transparent, understandable and easily accessible form and in clear and simple language),
  • accessing or acquaintance with personal data,
  • correction,
  • erasure (right to forget)
  • restrictions on use
  • portability and
  • objection

For all information and requests regarding personal data, the authorized person of the company is available, available at the following e-mail address: The manager will answer your questions and requests without delay.

The personal information that the manager processes is as follows:

To conclude and execute a contract for the purchase or sale of goods and for delivery Name and surname of the buyer, products he ordered, payer’s address and delivery address, email address, username and password, telephone number, bank account, eventual cancellation, payment card number, credit card expiry date, credit card security code, purchase history. The information is retained during contracting and for two years after the delivery of the products.

For marketing services

Email, first and last name, age or date of birth, skin condition / skin type, skin concerns, contact information for friends and other people they want sent on their behalf (they must obtain their consent), information submitted by the customer (e.g. photos, product descriptions, articles, comments, questions …), information you provide to us through social networks when you visit our social networks (e.g. Fb, Instagram, Twitter …).
Error logs Mistake and link to the contract, customer name, address, email address, telephone number, bank account, payment card details.


A cookie is a file that stores the settings of a web page. The websites store cookies in users’ devices to access the Internet in order to identify the individual devices and settings that users have used in accessing. Cookies allow web pages to recognize if a user has already visited this site, and in advanced applications, they can adjust their individual settings accordingly.


Website cookie settings. Saving and managing cookies is under the complete control of a browser used by the user, which allows him to restrict or disable cookies if desired. The cookies that the browser has saved can also be easily deleted.


Domain Name Purpose Validity PHPSESSID A cookie allows you to save sessions between individual requirements within the content management system. Session moove_gdpr_popup A cookie serves to automatically detect whether or not you accept cookies. 1 year pll_language A cookie is used to differentiate the page language. 1 year _ga A cookie is used to distinguish unique users. 2 years _gat A cookie is used for analysis. Session _gid A cookie is used to distinguish unique users. 1 day


Domain Name Purpose Validity PHPSESSID A cookie is used to transcribe security restrictions based on the IP address of the visitor. 1 year,
NID A cookie contains a unique ID that Google uses to store your preferences and other information. 6 months


Most web browsers automatically accept cookies. You can turn off cookies in your browser settings. How:

If you turn off cookies, the web site might not work again anymore, and certain features will be disabled. By turning off all cookies by turning off the cookie, the browser will still receive certain information that is necessary for the basic operation of the website.