Skip To Main Content

Customer Service

Lulus Privacy Policy

Last Updated: November 27, 2023

YOUR PRIVACY IS OUR PRIORITY

Only the Best

We use your data to give you
the best shopping experience!

Locked Up Tight

Protecting your data and privacy is-
important to us!

No Spam

You decide when and how you
hear from us. Unsubscribe anytime!

Clear Communication

Have a question about your data?
We're happy to answer!

Table of Contents
I) Introduction
II) Personal Information We Collect
III) Personal Information We Disclose
IV) Your Profile
VI) Security and Storage
VI) U.S. Privacy Rights
VII)EEA/UK/Switzerland/Canada Privacy Rights
I. Introduction

WHO WE ARE

Lulu’s Fashion Lounge, LLC, which is known as Lulus or Lulus.com, along with our representatives, officers, shareholders, subsidiaries, affiliates, parents, employees, and agents (collectively “Lulus” or “we” or “us” or “our”), respects your privacy and in this Privacy Policy (“Policy”) describes our current privacy practices concerning the collection and use of your personal information and your choices concerning our use and collection. This Policy applies to personal information we obtain from and about individuals interacting with any Lulus’ websites, mobile applications, social media sites, online advertisements, or other digital properties (collectively, the "Digital Properties" unless otherwise noted), as well as our products and services, and through other online and offline interactions.
Capitalized terms not defined in this Privacy Policy are defined in the Terms of Service on Lulus.com.

You may contact us regarding this Policy by emailing privacy@lulus.com or through the mail: Lulus, Attn: Privacy, 195 Humboldt Ave., Chico, CA 95928.


WHO YOU ARE

This Policy applies to information we obtain from and about individuals interacting with any Lulus’ Digital Properties, products and services. However, it does not apply to the following:

  • Information about our own employees, contractors, agents, and job applicants; or
  • Information about individuals that we collect in the context of business-to-business communications and transactions.

  • Under Lulus’ Terms of Service, you must be at least 18 years old and not a person barred from receiving services under the laws of the United States or other applicable jurisdictions to use our Digital Properties. Persons under the age of 18 should use our website only with the consent and supervision of your parents or guardian.

    We do not knowingly collect personally identifiable information from children under the age of 18. If you are under 18, please do not submit personal information to us or use the website.

    We may amend or change this Privacy Policy from time to time. Changes to the Privacy Policy will be posted to our Digital Properties.

    II. Personal Information We Collect

    To provide you with the full Lulus shopping experience, we collect and use your personal information in a number of different ways. We, and our service providers, may combine your personal information with other personal information we collect from you. Why we collect your information depends on how you interact with us. The tables below lists common uses of the data we collect. In addition, we may use your personal information for some or all of the following purposes:


  • To provide you products and services, such as providing and delivering you the goods and services you request, providing customer service; processing or fulfilling orders and transactions; verifying customer information; processing payments; communicating with you about your product, service or subscription; verifying eligibility for certain programs or benefits; responding to requests, complaints, and inquiries; and providing similar services or otherwise facilitating your relationship with us.
  • For our internal business purposes, such as maintaining or servicing accounts; operating our Digital Properties and customizing the content; maintaining internal business records; enforcing our policies and rules; organizational analysis; management reporting; managing Company assets and our global workforce; work planning, both administratively and organizationally (including work schedules); project management; auditing; maintaining records on business activities, such as accounting, commercial, procurement, document management and other similar activities; budgeting; real estate management; IT administration of our network, intranet, and other technologies; and IT security management and tasks.
  • For our internal research and product improvement purposes, such as verifying or maintaining the quality or safety of our products or services; improving our products or services; designing new products and services; evaluating the effectiveness of our advertising or marketing efforts; and debugging and repairing errors with our systems, networks, and equipment.
  • For legal, safety or security reasons, such as complying with legal requirements, processes, or orders; complying with reporting and similar requirements; complying with government inspections and other requests from government or other public authorities; pursuing legal rights and remedies; investigating and responding to claims against the Company and its customers and employees; protecting our employees, our customers’, and other individuals’ safety, property or rights; addressing security and health and safety issues (including managing spread of communicable diseases) and malicious, deceptive, fraudulent, or illegal activity; and receiving legal advice or approval.
  • In connection with a corporate transaction, such as if we acquire, or some or all of our assets are acquired by, another entity, including through a sale in connection with bankruptcy and other forms of corporate change.
  • For marketing and targeted advertising, such as marketing our products or services or those of our affiliates, business partners, or other third parties (for purposes of this paragraph alone, “we’” or ”our” includes our affiliates, business partners, or other third parties we may be working with to provide marketing). For example, we may use personal information we collect to personalize advertising to you on this website or others, to analyze interactions with our email communications or website areas viewed, to develop product, brand or services audiences (including by identifying you across devices/sites) to better target our advertising to you, or to send you newsletters, surveys, questionnaires, promotions, or information about events or webinars. You can unsubscribe to our email marketing via the link at the bottom of any Lulus email or by contacting us using the information in the Who We Are section above.

  • A. Lulus Digital Properties

    When you use Lulus digital properties, such as our website or mobile app, or contact customer service via the Lulus website, we may collect the information described below.


    YOUR NAME AND CONTACT DETAILS

    If you create a Lulus account or place an order with us, we collect your name and contact details, such as your email address, shipping addresses, and phone number. We also collect your email address if you enter it on our website to join our mailing list, sign-up for our Love Rewards Loyalty Program (“Love Rewards”) or participate in our Refer-a-Friend Program.


    Information Collected Why?
    Name
    • For shipment or billing details
    • When you create an account or place an order
    • To personalize your contact or website experiences
    • To prevent and detect fraud against either you or Lulus
    Email
    • To send updates about your order
    • When you create an account or place an order
    • To contact you regarding issues around your order, experience, contests entered, or requested product information
    • To update you on items in your cart or on a waitlist
    • To keep you up to date about Lulus products, promotions, and Love Rewards (if a member). We will only send you these promotional emails if you have opted-in to receiving them, and you can unsubscribe at any time – just use the “unsubscribe” link at the bottom of any Lulus email
    • To prevent and detect fraud against either you or Lulus
    • To communicate about your participation in the Refer a Friend Program (if applicable)
    • To personalize your browsing experience, to send or show you relevant products, promotions or services from Lulus as you engage with us
    Phone Number
    • To contact you for urgent issues surrounding your order
    • To prevent and detect fraud against either you or Lulus
    • To support you as a customer when requested
    • If you opt into SMS messaging, to send you SMS messages about your order and/or for marketing purposes
    Shipping Address(es)
    • To complete the shipment of your order
    • To determine applicable shipping restrictions, charges, taxes, and duties
    • To prevent and detect fraud against either you or Lulus
    • To allow us to understand and improve the experience for users like you
    • To determine Love Rewards eligibility
    • To send you invitations to local events and focus groups, where applicable, if you are subscribed to our promotional emails
    YOUR DATE OF BIRTH INFORMATION
    Information Collected Why?
    Birthday
    • To prevent and detect fraud against either you or Lulus
    • To send you personalized offers and promotions, if you are subscribed to our promotional emails
    • To send a birthday gift under Love Rewards, if you are a member
    Birth Year
    • To improve and personalize your shopping experience
    YOUR PAYMENT INFORMATION

    When you place an order, we require payment information. When you enter your payment information (credit card number, expiration date, and CVV code) it is sent directly to a secure third-party credit card processing center. Lulus does not store any full credit card or third party payment information. We do store billing addresses, generic payment type, and, if you opt in, the last four digits of your credit card for your convenience during the ordering process.


    Information Collected Why?
    Billing Address
    • Our payment partners require this information to process an order
    • To prevent and detect fraud against either you or Lulus
    Generic Payment Type
    • To give reference for support issues
    • To alert you when we detect or are verifying fraudulent activity
    • To allow us to understand and improve the experience for users like you
    Last Four Digits of Credit Card
    • To provide convenience for you when you choose to order again
    YOUR CONTACT HISTORY WITH US

    What you’ve said to us — for example, over the phone, on email, or on live chat.


    Information Collected Why?
    Email Correspondence
    • To respond to your requests to make sure you receive great customer service and ensure that any and all concerns or issues have been addressed
    • For a historic record of your contacts to save time during your inquiries
    • To ensure issues and questions you raised are proactively addressed for other customers
    • To train our staff to ensure the best experience possible for all customers who contact us
    Phone Correspondence
    • To respond to your requests to make sure you receive great customer service and ensure that any and all concerns or issues have been addressed
    • To train our staff to ensure the best experience possible for all customers who contact us
    Live Chat/SMS Text Correspondence
    • To respond to your requests to make sure you receive great customer service and ensure that any and all concerns or issues have been addressed
    • For a historic record of your contacts to save time during your inquiries
    • To train our staff to ensure the best experience possible for all customers who contact us
    Correspondence and Engagement through our Social Media Accounts
    • To respond to your requests to make sure you receive great customer service and ensure that any and all concerns or issues have been addressed
    • To ensure issues and questions you raised are proactively addressed for other customers
    • To engage with users and customers regarding our products, brand, social posts, and pop culture moments
    • To measure customer sentiment towards brand and products
    • To assess trends within communications with users regarding products and brand sentiment
    • To assess the success of marketing efforts and campaigns
    • To measure success and make sure accounts are meeting yearly and quarterly KPI goals
    Survey or Site Feedback
    • To respond to your requests to make sure you receive great customer service and ensure that any and all concerns or issues have been addressed
    • To improve the experience for you and other users
    PURCHASE AND PRODUCT FEEDBACK HISTORY AND SAVED PRODUCTS

    What you’ve bought, what’s in your shopping cart, what’s on your wishlist, and your loves (favorite items you’ve identified by clicking the Lulus heart)


    Information Collected Why?
    Purchased Items, including Prior Purchases, Returns, and Exchanges
    • To fulfill and ship your order as requested
    • To allow you to return and review delivered items
    • To tailor your experience around your interests
    • To improve our product selection and experience for you and other users
    • To help our buyers make sure we have the best items in stock for you and other customers
    • To prevent and detect fraud against either you or Lulus
    • If you have a Love Rewards account, to track or adjust your points and determine your tier status within the Love Rewards program
    Items Added to Your Cart
    • To allow your order to be completed smoothly when you’re ready to check out
    • To update you on items in your cart, including low quantity or sale status
    • To tailor your experience around your interests
    Items You Have Saved (by adding to your wishlist, saving for later, adding to your love list, and/or requesting to be added to a waitlist)
    • To allow you to save, organize, recall, and share items you’ve selected
    • To allow us to personalize product recommendations toward your interests
    • To notify you when an item is back in stock
    Reviewed Items (including written comments, ratings, and photos)
    • To better inform other customers about the pros and cons of a product
    • To provide feedback on fit based on various physical attributes (eg: height, weight, body type, etc.)
    • To help others see what our clothing looks like in real life
    • To improve our products in the future
    • To enter you into our monthly Wear. Write. Win. Giveaway
    INFORMATION ABOUT YOUR DEVICE TYPE, AND HOW YOU USE OUR WEBSITE

    We automatically receive and record information from your browser or device when you visit our site, including your IP address and device type (i.e. computer, tablet, or smartphone), cookies, and data about which pages you visit. This information is stored in log files and is collected automatically. We use this information for a range of purposes, including targeted advertising, analytics, and other functions. This information is stored in log files and is collected automatically. We may combine this information with other personal information we collect about you. Additional information related to cookies and online trackers are further fully described in our Cookie Policy.


    Information Collected Why?
    IP Address
    • To ensure the security of our website and determine, on an anonymous basis, where our customers are located
    • To prevent and detect fraud against either you or Lulus
    • To determine Love Rewards eligibility.
    • To provide an optimal experience when you contact our Customer Service team
    Device Type
    • To improve the experience for you and other users like you
    • To resolve customer issues that center around devices, operating systems, or browsers used
    • To prevent and detect fraud against either you or Lulus and to keep your data secure
    Page Visit History
    • To improve the experience for you and other users like you
    • To respond to and resolve any customer issues based on a specific page or page type
    Cookies and Other Information Collected through Tracking Technologies (First and Third Party)
    • To provide you with Lulus advertising, including across your devices
    • To provide you with a personalized shopping experience and ensure our product recommendations are relevant to you
    • For analytics and other purposes described in our Cookie Policy
    Unique Device ID
    • For mobile application users, we may collect the Unique Device ID to provide you with a personalized shopping experience and to synch with your online account
    Location Information
    • We also may infer your location, for example by using your IP address
    • In order to improve the experience for you and users like you.
    • To determine, on an anonymous basis, where our customers are located
    • To prevent and detect fraud against either you or Lulus
    SPECIFIC DETAILS ABOUT YOU

    You may enter some specific details about yourself to help other customers or for personalization towards yourself. We collect body information related to fit measurements and photographs for product representations. You can choose to enter your fit details (height, body type, weight, and measurements) in your profile or as part of leaving product reviews for other customers. There are a few ways we might have your photographs: if you post a photograph review, if you participate in a Lulus-sponsored photography contest or giveaway on social media, if you accepted our request to use your photo from a third-party site (like Instagram), or if you send a photograph to us as part of a customer service request.


    Information Collected Why?
    Uploaded Photos
    • To help other customers see what our clothing looks like on actual customers
    • To offer other customers the products and shopping experience most relevant to them
    • To showcase styling ideas and product fit from other customers
    Your Fit Details
    • To help us better suggest products and sizes for you
    • To help other customers better understand how products may fit them
    • To help our buyers keep the best items in stock for you and other customers
    • To help our customer service representatives guide you to the correct size
    YOUR PUBLIC REVIEWS AND BLOG COMMENTS

    We allow our customers to provide public feedback in the form of reviews about our website and comments on our blog posts. Please remember that any information that you disclose on public portions of the website, such as the reviews and blog comments, are not private and may be viewed (and potentially shared) on the Lulus.com and beyond. Please use caution when deciding to disclose your personal information in the public portions of our website. In addition, we may read, collect, or respond to reviews about Lulus or Lulus products on third party websites.


    Information Collected Why?
    Product Reviews
    • To improve the experience for you and other users like you
    • To respond to your requests and ensure you receive great customer service
    • To enter you into our Wear.Write.Win monthly giveaway. See Wear.Write.Win Giveaway Rules
    • For any reason identified in our Terms of Service, which you agree to when you post a review
    Blog Comments
    • To provide feedback based on your communications
    • To allow us to reference contest entries
    Public Reviews on Third Party Websites (i.e. Trustpilot)
    • To make sure you receive great customer service and ensure that any and all concerns or issues have been addressed
    • To ensure issues and questions you raised are proactively addressed for other customers
    B. Physical Locations

    When you visit our physical locations, such as a retail store or pop-up shop, we may collect the following information.


    RETAIL STORE SERVICES

    In our retail store, you can engage with our associates and/or stylists, make event appointments, sign-up for services or promotions. We may request your personal information to provide you these services, or to send you personalized recommendations or promotions you have signed up to receive.


    Information Collected Why?
    Name
    • To complete your purchase in our stores
    • To prepare for, or manage, your event appointment
    • To contact you regarding your experience in our store or in reference to your event appointment
    • To send you personalized recommendations and promotions if you have opted in to receive them
    Last Four Digits of Credit Card
    • To complete your purchase in our stores
    Email Address
    • To prepare for, or manage, your event appointment
    • To contact you regarding your experience in our store or in reference your event appointment
    • To send you a receipt of your purchase if you opt in to receive it via email
    • To send you personalized recommendations and promotions if you have opted in to receive them
    Phone Number
    • To prepare for, or manage, your event appointment
    • To send you a receipt of your purchase if you opt in to receive it via text message
    • To contact you regarding your experience in our store or in reference your event appointment
    • To send you personalized recommendations and promotions if you have opted in to receive them
    Style Preferences
    • To prepare for, or manage, your event appointment
    • To provide you services if you engage with our in store experiences, or work with a stylist
    Details about your event
    • To prepare for, or manage, your event appointment
    • To provide you services if you engage with our in store experiences, or work with a stylist
    Video of you (without audio)
    • To ensure the security of you and our employees in our stores
    • To prevent theft and help detect fraud
    Mobile Device Type and Device Name
    • If you access the guest wifi when in our retail store to ensure the security of our systems
    III. Personal Information We Disclose

    We may disclose personal information to third parties, who may disclose it to their subprocessors, i including the categories of recipients described below:

    A. Affiliates and subsidiaries, including parent entities, corporate affiliates, subsidiaries, business units, and other companies that share common ownership.

    B. Service providers that work on our behalf to provide the products and services you request or support our relationship with you, such as IT providers, internet service providers, web hosting providers, data analytics providers, and companies that provide business support services, financial administration, or event organization.

    C. Professional consultants, such as accountants, lawyers, financial advisors, and audit firms.

    D. Vendors necessary to complete transactions you request, such as shipping companies and logistics providers.

    E. Law enforcement, government agencies, and other recipients for legal, security, or safety purposes, such as when we share information to comply with law or legal requirements, to enforce or apply our Terms of Service and other agreements or policies, and to protect ours, our customers’, or third parties' safety, property, or rights.

    F. To other entities in connection with a corporate transaction, such as if we, or some or all of our assets, are acquired by another entity, including through a sale in connection with bankruptcy or other forms of corporate change.

    G. Business partners that can use personal information for their own purposes, such as companies that operate cookies and other tracking technologies, social media companies, data brokers, and other business partners for their own marketing, research, or analytics purposes. Where required by law, we will obtain your consent prior to disclosing your personal H. information to our business partners. Where recipients use your personal information for their own purposes independently from us, we are not responsible for their privacy practices or personal information processing policies. You should consult the privacy notices of those third-party services for details on their practices.

    H. Entities to which you have consented to the disclosure. Where possible, Lulus may also share anonymized demographic information about our website visitors with vendors.

    V. Security and Storage
    HOW WE PROTECT YOUR INFORMATION

    We take commercially reasonable steps to safeguard and deter unauthorized access to your information. Lulus complies with the Payment Card Industry Data Security Standard (PCI DSS). This means that when we collect or transmit sensitive information such as a credit or debit card number, we use industry-standard methods to protect that information.

    Although we take reasonable measures to safeguard against unauthorized disclosures of your information, no e-commerce platform, website, electronic database or system is completely secure.

    HOW WE STORE YOUR INFORMATION

    Unless you have exercised one of your rights listed in this Policy, Lulus will retain your information for as long as is necessary for our legitimate business purposes. This includes retaining your information to provide you with the products or services you have requested and interact with you; maintain our business relationship with you; improve our business over time; ensure the ongoing legality, safety and security of our services and relationships; or otherwise in accordance with our internal retention procedures. Once you have terminated your relationship with us, we may retain your information in our systems and records in order to ensure adequate fulfillment of surviving provisions in terminated contracts; for other legitimate business purposes, such as to demonstrate our business practices and contractual obligations or provide you with information about our products and services in case of interest; or otherwise in accordance with our internal retention procedures. Lulus will always retain data to the extent necessary to comply with our legal and financial obligations (for example, to satisfy our auditors, to comply with applicable tax/revenue laws, to enforce our agreements, and as otherwise described in this policy) If you would like to know more about the retention periods applicable to your personal information, you can contact us using details provided in the Who We Are section above.

    WHERE WE ARE LOCATED

    Lulus is located in the United States, and we primarily store your information in the United States. By using our website and/or providing us with information, you understand that your personal information may be transferred to and stored in the United States. For customers in the European Economic Area (“EEA”), United Kingdom (“UK”), Switzerland or Canada, see the EEA/UK/Switzerland/Canada Privacy Rights section below for more details on our processing of your personal information and your rights.

    At times, we may transfer your personal information outside of the United States, in which case we take reasonable steps to make sure your personal information continues to be appropriately protected. However, no data transfer system is completely secure.

    Lulus.com contains links to other websites. Other websites we link to include social platforms. We also use third-party plug-ins in certain places on our website. For example, when you click on an icon on the Lulus website to share our products on a third party social platform, you are also loading content from that third-party site. That site may request cookies directly from your browser. These interactions are subject to the privacy policy and terms of service of the third-party site, not ours. We are not responsible for the privacy practices or the content of such services. We do not make any representations regarding the policies or practices of third parties. When you use third-party sites or services, their own terms and privacy policies will govern your use of those sites or services. We encourage you to read the privacy policies of third parties before disclosing personal information to them. For the purposes of EEA and UK law, these third parties are independent controllers of data.

    VI. U.S. Privacy Rights

    Depending on the state in the United States within which you reside, you may have certain rights regarding your personal information, subject to legal limitations. In addition to the disclosures above, this section also provides supplemental information about how we process your personal information, as further described in subsection G below.

    A. Request to Know / Request to Delete / Request to Correct

    Request to Know

    You may have the right to request that we disclose certain information to you about our collection, use, disclosure, and sale of your personal information. Subject to legal limitations, if you submit a Request to Know, for each category of personal information listed in the Information We Collect section above, we will provide:

  • The categories of personal information we collected about you.
  • The categories of sources for the personal information we collected about you.
  • Our business or commercial purpose for collecting that personal information.
  • The categories of third parties with whom we disclose, sell, or share that personal information.

  • You may also have the right to request that we disclose the specific pieces of personal information we collected about you. Once we receive and confirm your verifiable consumer request, we will disclose to you:

  • The specific pieces of personal information Lulus has retained about you.

  • Request to Delete

    You may have the right to request that we delete personal information that we collected from you and retained, with certain exceptions.


    Request to Correct

    You may have the right to request that we correct inaccurate personal information that we maintain about you, with certain exceptions.


    How to Submit a Request to Know / Request to Delete / Request to Correct

    If you have an account with Lulus, you can make a request to delete or know in your account profile by clicking on the “See My Data” or “Delete My Data” tools. A request to delete through this tool will delete your Lulus account profile.

    If you do not have an account with Lulus, you can make requests by going to https://www.lulus.com/mydata, entering your email address and selecting the “Delete My Data” or “See My Data” tools.

    If you received a referral coupon via email and do not have a Lulus account, please email privacy@lulus.com to request removal of your email address from the Refer a Friend program.

    You can also submit verified consumer requests by calling our toll free number (1-866-918-5858) or by emailing privacy@lulus.com. We may require specific information from you to help us verify your identity and process your request. If we are unable to verify your identity, we may deny your request.

    B. Right to Opt-Out

    You may have a right to opt out of (i) the sale or sharing of your personal information and/or (ii) targeted advertising. While Lulus does not sell your personal information to any other retailers for money, we engage in certain routine practices that may be considered a “sale” or “sharing” under applicable law. For example, our website integrates tracking technologies of trusted advertising partners (third-party companies) that allow the recognition of your device and the collection of information about your browsing activity in order to provide advertisements about goods and services likely to be of greater interest to you. In particular, these partners collect information about your activity on Lulus to enable us to show advertisements for our products and/or services to you on third-party websites and apps. For additional instructions to disable the use of tracking technologies on your specific browser, please see our Cookie Policy.

    In order to fully exercise the Right to Opt Out, you must undertake both of the following steps:

    (1) Click the “Do Not Sell or Share My Personal Info” link on the bottom of our website; and

    (2) Enter your email address, check the reCAPTCHA checkbox, and click “Do Not Sell or Share My Personal Info” to complete the request to opt out.

    To the extent required by law, we will honor opt-out preference signals, such as Global Privacy Control (GPC), sent in a format commonly used and recognized by businesses, such as an HTTP header field or JavaScript object. We will process opt-out preference signals at the browser level.
    • If you change browsers or devices, you must complete these steps on our website from each browser and on each device that you use.
    • If you block cookies using your browser, we may be unable to comply with your request to opt out of sales/sharing/targeting with respect to device data that we automatically collect and disclose to third parties online using cookies, pixels, and other tracking technologies.
    • If you clear cookies, you will need to submit another request to opt-out on each browser and on each device where you have cleared cookies.

    Nevada Residents: Please contact us at the information above to inquire about your right to opt out of the sale of your personal information.

    C. Authorized Agent
    Authorized agents may submit requests on your behalf by submitting a request using the methods described above and indicating that they are submitting the request as an agent. However, we will require written proof of the agent’s permission to do so and verify your identity directly.
    D. Right to Non-Discrimination

    You have the right not to receive discriminatory treatment by us for the exercise of your privacy rights. We will never discriminate against you for exercising your privacy rights. However, there are certain functions of our website and mobile application that are only available to account holders, such as wishlists, “loves,” online credit, certain promotions, and our loyalty program.

    E. Appeals

    If we deny your rights request, you may have the right to appeal. To submit an appeal, contact us at privacy@lulus.com.

    F. Additional Data Processing Disclosures

    Although we have not "sold" personal information for money in the past 12 months, we engage in routine practices involving third parties that could be considered a "sale" or “sharing” as defined under applicable law. We do not knowingly sell or share any personal information of minors under the age of 18.

    Below please find a chart detailing the categories of personal information we collected and with whom it was sold/shared or disclosed for a business purpose in the past 12 months.

    Categories of Personal Information we Collect Categories of Third Parties to Whom We disclose Personal Information for a Business Purpose Categories of Third Parties to Whom Personal Information is Sold or Shared
    Identifiers, Such as your name, email address, phone number, billing address, shipping address, and IP address
    • Service Providers (including their sub processors if applicable)
    • Vendors
    • In connection with a corporate transaction
    • To third parties as necessary to comply with legal process, respond to legal claims, enforce this Privacy Policy or the Terms, or protect the rights, property, or personal safety of Lulus, website users, or the public
    • Advertisers, ad platforms and networks, and social media platforms;
    • Third parties whose cookie and tracking tools we use as described in our Cookie Policy;
    • Commercial data partners to whom we make information available for their own marketing purposes; and
    • Partners who work with us on promotional or sponsorship opportunities available through our Services, including co-branded products and services
    Personal information subject to the California Customers Records Act, such as your date of birth and a physical description of you, such as your fit details.
    • Service providers (including their sub processors if applicable)
    • To third parties as necessary to comply with legal process, respond to legal claims, enforce this Privacy Policy or the Terms, or protect the rights, property, or personal safety of Lulus, website users, or the public
    • Third parties whose cookie and tracking tools we use as described in our Cookie Policy;
    Characteristics of protected classifications under California or federal law, such as your gender.
    • Service providers (including their sub processors if applicable)
    • To third parties as necessary to comply with legal process, respond to legal claims, enforce this Privacy Policy or the Terms, or protect the rights, property, or personal safety of Lulus, website users, or the public
    None
    Commercial information, such as your payment information, purchase history, product feedback history, saved products, and details about your content history with us, such as through email or phone correspondence, live chat logs, survey or site feedback and shipping or delivery details.
    • Service providers (including their sub processors if applicable)
    • To third parties as necessary to comply with legal process, respond to legal claims, enforce this Privacy Policy or the Terms, or protect the rights, property, or personal safety of Lulus, website users, or the public
    • Advertisers, ad platforms and networks, and social media platforms;
    • Third parties whose cookie and tracking tools we use as described in our Cookie Policy;
    • Partners who work with us on promotional or sponsorship opportunities available through our Services, including co-branded products and services
    Internet or other electronic network activity, such as your device type, page visit history, identification cookies, unique device ID.
    • Service providers (including their sub processors if applicable)
    • To third parties as necessary to comply with legal process, respond to legal claims, enforce this Privacy Policy or the Terms, or protect the rights, property, or personal safety of Lulus, website users, or the public
    • Advertisers, ad platforms and networks, and social media platforms;
    • Third parties whose cookie and tracking tools we use as described in our Cookie Policy;
    Geolocation data, such as general location information derived from your IP address.
    • To third parties as necessary to comply with legal process, respond to legal claims, enforce this Privacy Policy or the Terms, or protect the rights, property, or personal safety of Lulus, website users, or the public
    • Third parties whose cookie and tracking tools we use as described in our Cookie Policy;
    Audio, electronic, visual, or other sensory information, such as photos you have uploaded to the Lulus website.
    • Advertisers, ad platforms and networks, and social media platforms;
    • To third parties as necessary to comply with legal process, respond to legal claims, enforce this Privacy Policy or the Terms, or protect the rights, property, or personal safety of Lulus, website users, or the public
    None
    Inferences, drawn from any of the information we collect to assess the level of interest in our products and services based on frequency of visits and contact and determine your preferred frequency for receiving offers.
    • Service providers (including their subprocessors if applicable)
    • To third parties as necessary to comply with legal process, respond to legal claims, enforce this Privacy Policy or the Terms, or protect the rights, property, or personal safety of Lulus, website users, or the public
    • Advertisers, ad platforms and networks, and social media platforms;
    • Third parties whose cookie and tracking tools we use as described in our Cookie Policy;
    Sensitive Personal Information, such as your social security number or information about your health.
    • To third parties as necessary to comply with legal process, respond to legal claims, enforce this Privacy Policy or the Terms, or protect the rights, property, or personal safety of Lulus, website users, or the public
    None
    G. Sensitive Personal Information

    We do not collect or disclose Sensitive Personal Information for any purpose other than those specified below:

    • To perform the services or provide goods reasonably expected by an average consumer;
    • To prevent, detect, and investigate security incidents;
    • To resist malicious, deceptive, fraudulent, or illegal actions directed at the business or to prosecute those responsible for those actions;
    • To ensure the physical safety of individuals;
    • For short-term, transient use, including non-personalized advertising;
    • To verify or maintain the quality or safety of a service or device; or
    • To comply with a legal obligation or to exercise or defend legal claims.
    H. Financial Incentives

    These additional disclosures apply only to individuals who reside in California as required by the California Consumer Privacy Act (“CCPA”) and Colorado as required by the Colorado Privacy Act (“CPA”). We offer incentives to customers that involve the sharing of personal information with us. The personal information collected and retained by us in operating these programs is described in this Privacy Policy, and includes your name and contact details, your date of birth information, your payment information, your contact history with us, your purchase and product feedback history, additional details about you, information about your device type and how you use our website, your public reviews and blog comments and inferences from data and other personal information we may collect in connection with your interaction with our service and/or participation in any of our promotional programs. We may share this information with our affiliates and subsidiaries, service providers, professional consultants, and vendors necessary to complete transactions that you request, and as otherwise described in this Privacy Policy. We do not sell or share your personal information with Data Brokers, as defined by the CPA.

    Benefits provided through our promotional programs may be deemed a “financial incentive” (e.g., promotional goods) and/or a different price or rate for goods or services or a different level or quality of goods or services (e.g., discounts, coupons, other promotions) under the CCPA and CPA. We currently offer the following promotional programs in connection with the collection and retention of personal information:

    We treat the value of your Personal Information collected through our promotional programs as equivalent to the value of the benefit provided to you through the program. We calculate the value based on our costs.

    Participation in our promotional programs is always optional, and you can terminate program participation at any time as explained in applicable program terms. You can also contact us at privacy@lulus.com to unsubscribe or cancel your participation.

    I. California Shine the Light

    California Civil Code Section 1798.83 permits customers of Lulus who are California residents to request certain information regarding its disclosure of personally identifiable information to third parties for their direct marketing purposes. However, at this time we do not share any of your personally identifiable information with third parties for their direct marketing purposes.

    VII. EEA/UK/Switzerland/Canada Privacy Rights
    A. Data Controller

    For our customers in the European Economic Area (“EEA”), United Kingdom (“UK”), Switzerland or Canada, Lulu’s Fashion Lounge, LLC is the data controller – the company responsible for your personal information.

    B. Representative in the EU

    Lulus has designated McDermott Will & Emery Belgium LLP as its representative in the EU, whose registered address is at Avenue des Nerviens 9-31, 1040 Brussels, Belgium. For all EU GDPR related issues, you can contact our representative office by post at their registered address or email at Lulus-eu-representative@mwe.com. We recommend you use the email channel for time-saving reasons.

    C. Representative in the UK

    Lulus has designated McDermott Will & Emery UK LLP as its representative in the UK. For all UK GDPR related issues, you can contact our representative office by email at Lulus-uk-representative@mwe.com.

    D. Legal Bases for Processing

    When you access or use our Digital Properties, we collect, use, and otherwise process your personal information as described in this Policy. We rely on a number of legal bases to use your information:

    • As necessary to perform a contract with you or to take steps in preparation for a contract with you, including enabling you to make a purchase from us;
    • Because you have consented to the processing, such as for receiving marketing messages or third-party data sharing related to advertising;
    • As necessary to comply with a legal obligation, a court order, or to exercise or defend legal claims;
    • As necessary for the purposes of our or a third party’s legitimate interests;
    • As necessary to protect your vital interests, or those of others.

    Here are some of our legitimate interests for collecting and processing your personal information:

    • Detecting and preventing fraud: We have a legitimate interest in detecting and preventing fraud. To do so, it is necessary that we collect and retain information about each transaction made at Lulus. Our auditors require that we keep this information so they can verify that all transactions recorded by Lulus were made by real customers. The credit card companies we work with require this information in the event that fraudulent charges are made using your credit card.
    • Providing access to and improving Lulus.com: We may use your information to improve and customize our website, including sharing of your information for such purposes, and this is necessary to pursue our legitimate interests of improving our website and our products. This is also necessary to enable us to pursue our legitimate interest in understanding how our website is being used, and to develop and expand our customer base. It is also necessary to allow us to pursue our legitimate interest in improving our website’s functionality and in obtaining insights into what our customers and potential customers want.
    • Providing access to and improving our customer service: We may use your information to provide you with customer service, and also to improve the service we provide to all customers. This is necessary for us to pursue our legitimate interest in providing great customer service.
    • Improving our product offerings: We may use your information to improve the products offered at Lulus, and to inform our buying team so they can provide you and our other customers with a great selection of products. This is necessary for us to pursue our legitimate interest in being your destination for affordable luxury.
    • Keeping our website and your data secure: We have a legitimate interest in ensuring the security of our website, including enhancing protection of our company and our customers against spam, harassment, intellectual property infringement, crime, and security risks of all kinds.
    E. Your EEA/UK/Switzerland/Canada Privacy Rights

    If you reside in the EEA, UK, Switzerland or Canada, and you shopped on our website aimed at these markets, you have the following rights, subject to conditions provided in applicable data protection laws:

    a)data access and portability (including the right to obtain a copy of your personal information, some of which is available through your account profile, and receive it in a structured, commonly used and machine-readable format);

    b) data correction (including the ability to update your personal information, much of which you can change directly using your account settings);

    c) data deletion (including the right to have Lulus delete your personal information, except information we are required by law to retain, or as otherwise provided by applicable data protection laws);

    d) withdrawal of consent (when we rely on your consent to process your information, such as for our marketing emails you are free to refuse to give it. If you have given your consent, you may withdraw it at any time without any adverse consequences. The lawfulness of any processing of your personal information that occurred prior to the withdrawal of your consent will not be affected);

    e) objection to processing (when our processing is based on legitimate interests; this includes, in limited circumstances, the right to ask Lulus to stop processing your personal data, including for direct marketing purposes); and

    f) restrict processing of your personal information in certain circumstances.

    If you would like to exercise your rights, please email privacy@lulus.com with your request and your place of residence.

    Without prejudice to any other rights you may have, you have the right to lodge a complaint with your local data protection regulator.

    F. International Transfers

    As noted in the Where Are We Located section, we may process your personal information in countries outside the EEA/UK, Switzerland and Canada that do not provide an adequate level of data protection as defined by EU/UK/Swiss/Canadian data protection laws. Certain third countries have been officially recognized by the European Commission, UK Secretary of State, Swiss and Canadian/or authorities as providing an adequate level of protection. Transfers within our corporate group or to third parties located in such third countries take place using an acceptable data transfer mechanism, such as the EU and/or UK Standard Contractual Clauses, Binding Corporate Rules, approved Codes of Conduct and Certifications, on the basis of permissible statutory derogations, or any other valid data transfer mechanism issued by the EEA/UK/Swiss/Canadian authorities. Please reach out to us if you want to receive further information about how we transfer Personal Data or, where available, a copy of the relevant data transfer mechanism.