Policy
Our Privacy Commitments
We believe privacy should be practical, comprehensible, and kind. This page explains how Dermalion Labs collects, uses, protects, and stores information across our website and services.
Compliance Statements
Compliance and Data Protection
At Dermalion Labs, we are committed to ensuring full compliance with all applicable laws and regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We prioritize the protection of your data and privacy, implementing industry-standard security measures to safeguard your personal information.
Data Collection and Usage
We collect, store, and process personal information strictly in accordance with legal requirements and ethical standards. Our data-handling practices are regularly reviewed to maintain compliance with evolving regulations and industry best practices.
Transparency and Accountability
Transparency is at the core of our operations. We clearly outline how your data is collected, used, and stored. Our policies reflect our ongoing efforts to maintain compliance and accountability.
User Rights and Choices
As part of our commitment to compliance, we respect your rights to access, update, and delete your personal information. You can request data modifications or removals by contacting us at dermalionlabs@gmail.com.
Details
Who we are. Dermalion Labs is a small-batch skincare studio focused on climate-smart textures for India. This policy applies to our website, communications, and related services.
What we collect. We may collect identifiers (name, email), device data (IP address, browser type), usage data (pages viewed, time on page), and limited purchase/fulfillment information when applicable. We do not intentionally collect sensitive categories unless you explicitly provide them.
How we obtain data. Information comes directly from you (when you write to us), automatically via cookies or similar tools, and from service providers that help us run the site (for analytics, hosting, or email delivery).
Legal bases (GDPR). We rely on one or more lawful bases: consent, performance of a contract, legitimate interests (such as site security and service improvement), and compliance with legal obligations.
How we use data. To respond to your messages, provide requested content, maintain security, measure performance, improve the site, and comply with applicable laws and regulations.
Retention. We keep personal data only as long as necessary for the purposes set out here, or as required by law. When data is no longer needed, we delete or anonymize it safely.
International transfers. Where data is moved outside your country, we take appropriate safeguards (such as standard contractual clauses) to protect it to an equivalent standard.
Security. We implement administrative, technical, and physical measures—access controls, encryption in transit, and regular reviews—to reduce risks of unauthorized access, alteration, or loss.
Cookies & similar technologies. We use strictly necessary cookies to run the site and optional analytics to understand usage patterns. You can adjust browser settings to manage cookies.
Third-party service providers. Vendors (hosting, analytics, email) process data on our instructions and under contracts that require confidentiality and appropriate security.
Children’s privacy. Our services are not directed to children under 13. If we learn we’ve collected personal information from a child, we will delete it promptly.
Changes to this policy. We may update this page to reflect changes in laws or our practices. We will adjust the “Effective date” above and, where appropriate, provide additional notice.
Contact. For privacy questions or to exercise your rights, email us at dermalionlabs@gmail.com. We aim to respond within a reasonable time.