Privacy policy


Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymised data). The personal information we may collect and store about you includes, but is not limited to, the following information:

  • Title
  • Name and surname
  • Date of birth
  • Gender
  • Email address
  • Contact phone number(s)
  • Billing and delivery address  
  • Bank account and payment card details
  • Transaction data including purchase information and payment details
  • Technical data including IP address, log-in data and computer/device settings  
  • Interests, preferences and website usage data  
  • Interactions with us e.g. contacting our Customer Services Team (we may record your calls), or visits to our website
  • Personal information you put on social media information you provide in your reviews of us or survey responses
  • Attendance at events (and travel preferences)
  • Information from cookies, including information on the devices you may use to make a purchase - please see our separate Cookies Policy

We may also use and share aggregated data, which may be derived from your personal data but due to the way the data is handled (by anonymising and/or combining it with other data) it is not considered by law to be personal data.

During your interactions with this site we do not collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences. However, if you use our in-store piercing service we will collect special category health data. You will provide your consent for us to collect and store this data at the time of your piercing appointment.


The site may include links to third-party websites, plug-ins and applications. By clicking on those links or enabling those connections you may allow third parties to collect or share data about you. Please note that we do not control these third-party websites and are not responsible for their privacy statements. As such, we recommend that you read the privacy policy of every website you visit.


We use different methods to collect data from and about you including through:

Direct interactions. You may give us your personal data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you: apply for our products or services; create an account on our website; subscribe to our publications; request marketing to be sent to you; enter a competition, promotion or survey; or give us feedback or Contact Us.

Automated technologies or interactions.  As you interact with our website, we will automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies. Please see our cookie policy below for further details.

Third parties or publicly available sources. We will receive personal data about you from various third parties as set out below.

Technical data from the following parties:

(a) analytics providers such as Google based outside the UK;

(b) advertising networks such as Facebook based outside the UK;

(c) search information providers such as Google based outside the UK.

Contact, Financial and Transaction Data from providers of technical, payment and delivery services such as Paypal based outside the UK.

Identity and Contact Data from data aggregators based inside or outside the UK.

YOUR PERSONAL DATA (the "Site") is owned and run by LOLA ROSE (HK) LIMITED. ("we", "us" or "our"). Your privacy is taken very seriously and steps are taken to ensure your privacy is protected at all times. We also believe it is important to let you know what information is collected from the Site and why, and what we do with this information.

At Lola Rose, we collect personal information about you. We are the controller and responsible for the information we may collect. We collect this information in order to provide a personalised experience catered to you, offer you promotions and to ensure that Lola Rose is able to continue to improve its standards and services. This also allows us to alert you to administrative, product or service changes, and for marketing purposes. We gather this information about you when you engage in the following ways:

You register with, or subscribe to, and marketing channels.

You use our online services or in-store services and place orders.

You interact with us online via social media, digital advertising on our, or any other, website where Lola Rose is represented.

You ask for information, provide a testimonial or feedback, and comment on blogs and articles that are represented by Lola Rose.

You attend an event hosted by us, or where we are acting as sponsor.

This website is not intended for children and we do not knowingly collect data relating to children. If you are under the age of 16, you must inform a parent or guardian about our privacy policy and obtain their agreement to this privacy policy before using any of our online services, including, but not limited to, registration with Lola Rose, subscribing to our newsletter, or placing an order with us.


1. Consent

If you visit the Site and are not already an existing customer, we might ask for your consent to process your data, so that we can send you our special offers and news, or if you visit a store to use one of our services, we may ask for your consent to process your data to deliver that service safely.

2. Contractual obligations

For example, in order to allow us to fulfil an order when you purchase our products.

3. Legal compliance

In some circumstances, we may be legally required to collect and process your data e.g. to pass it on to the police if criminal activity is suspected.

4. Legitimate Interest

It may be necessary to use your data to help us run and improve our business. For example, to personalise the services we provide, or to improve our internal processes. We will only use your data in these instances, where doing so does not materially impact your rights, freedom or interests.

We will only use your personal data when the law allows us to. Most frequently, we will use your personal data to fulfil a contractual obligation, or where we have a legitimate interest.

Generally, we do not rely on consent as a legal basis for processing your personal data. However, if you are not already a customer, we will get your consent before sending third-party direct marketing communications to you via email or text message. In the event you do not wish for us to use ‘Your Personal Data’ for marketing purposes, please either:

Click on the ‘Unsubscribe’ link in the emails we have sent you (if any).


We share your data with the following categories of third parties:

Service providers who provide IT, finance, logistics and system administration services.

Professional advisers including lawyers, bankers, auditors and insurers.

HM Revenue & Customs, regulators and other similar authorities.Marketing agencies and researchers.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

Ordinarily we do not allow the transfer of your data out of jurisdiction. In the rare event that this is necessary, we will ensure that your data is provided with a similar degree of protection as is afforded in your jurisdiction and that the transfer is compliant with all local laws.  

We use a third-party service provider to serve advertisements and/or collect data on our behalf across the Internet and sometimes on this site. Some of these service providers may collect information about your visits to our site, and your interaction with our products and services to tailor marketing messages on this site and other sites or to trigger real-time interaction, customise this site or enhance your profile. Some of these service providers may be able to collect personal information that you share with this site via a web form automatically and prior to your pressing a submit button; and they may be able to use information from your visits to this site to send marketing messages to you in a way that may personally identify you. This information is collected through the use of a cookie, a javascript tag and/or pixel, which is industry standard technology used by most major websites.  

The information collected by these service providers may include your devices IP address, user agent, email addresses (where hashed or otherwise rendered pseudonymous) and other user and device level pseudonymous information.


We ensure that your personal data is protected by the appropriate security measures to prevent accidental loss, unauthorised use, alteration or disclosure. In addition, we only share your personal data with those employees, or third parties who have a business need to know. These individuals and entities are subject to duties of confidentiality and will only process your data on our instructions.  


A cookie is a small file that is sent by our web server to your computer. We use cookies to distinguish you from other website users. This allows us to improve your experience whilst visiting our site.

We use the following cookies on our website:

  • Strictly necessary cookies. These cookies are essential in order to enable you to move around the website and use its features, such as accessing secure areas of the website. Without these cookies services you have asked for, like shopping baskets or e-billing, cannot be provided.
  • Analytical or performance cookies. These allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
  • Functional cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
  • Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to you. We may also share this information with third parties for this purpose.

To process an order, we need your credit/debit card number and expiry date, plus any security details that the credit card processor may require. Lola Rose employs trusted and reputable third-party hosting agents and payment providers to ensure the security of personal data. All credit card details that are given to us by you the customer are done so on a secure server using Shopify Payments. The transfer of the purchase details from our site to Shopify Payments are encapsulated using their encrypted and digitally-signed protocol. This uses a combination of standard methods to ensure that the information passed is secure and tamper-proof. Shopify Payments is PCI DSS compliant and is regulated by qualified security assessor Trustwave. Please note, we do not store any financial information from you.


We reserve the right to modify this Privacy Policy at any time. Any material changes we may make to our Privacy Policy will be updated on the Privacy & Security section of our Site. Please review it occasionally to remain informed and updated.