Privacy policy

At Twelve Beauty, your privacy matters to us. We want to explain clearly how we handle your personal data when you visit our website, make a purchase or get in touch with us.


In this Privacy Policy, we explain what data we collect, how we use it, how long we keep it, who we may share it with, and what rights you have over it.


1. Who is responsible for your data?

The data controller responsible for your personal data is BEAUTY LAB TWELVE, S.L.
Company number: B22850226
Registered address: Calle Santísima Trinidad, 8, 03760, Ondara, Alicante (Spain)
Contact email: info@twelvebeauty.com

In this policy, when we refer to “Twelve Beauty”, we mean BEAUTY LAB TWELVE, S.L.


2. What personal data do we process?

We process the personal data you provide directly to us when you:


  • browse our website

  • create an account

  • make a purchase

  • get in touch with us

  • subscribe to our communications


Depending on the situation, we may process the following data:


  • name and surname(s)

  • postal address and postcode

  • telephone number

  • email address

  • data related to your orders, payments, invoicing, deliveries, returns or issues

  • data arising from the commercial relationship or customer service interactions

  • browsing and website usage data, in accordance with our Cookie Policy


Fields marked as required are necessary to register, process an order or handle a request. If you do not provide them, we may not be able to provide the service correctly.


3. How do we use your data?

a) To manage your purchase and your relationship with Twelve Beauty

We use your data to:

  • create and manage your user account

  • process your orders

  • handle payments, deliveries, returns and refunds

  • send you updates on the status of your order

  • issue invoices and other documents related to your purchase

  • handle queries, issues or requests related to our products or services

Legal basis: this processing is necessary to manage your purchase or to handle requests related to it.


b) To meet our legal obligations

We also process your data when we need to comply with legal obligations, for example in relation to tax, accounting, consumer law, or when required by a competent authority.

Legal basis: compliance with legal obligations.


c) To keep our website secure and prevent fraud

We may use certain data to protect our website, prevent unauthorised access, detect misuse and avoid fraudulent transactions.

Legal basis: legitimate interest of Twelve Beauty in ensuring the security of its operations, website and customers.


d) To send you marketing communications

If you give us your consent, we may send you emails about new products, promotions and content related to Twelve Beauty.

Legal basis: your consent.


e) To analyse and improve our website

If you accept the relevant cookies, we may use browsing data to understand how our website is used, measure its performance and improve our content, products and services.

Legal basis: your consent.

You can withdraw your consent at any time by emailing us at info@twelvebeauty.com or through the relevant mechanisms on the website. Withdrawing your consent will not affect any processing carried out before that point.


4. How long do we keep your data?

We will keep your personal data for as long as necessary to fulfil the purpose for which it was collected and, after that, for as long as the law requires in each case.

As a general rule:

  • data related to purchases, invoicing and the contractual relationship will be kept for as long as necessary to manage the purchase and, after that, for the applicable legal retention periods

  • data processed on the basis of your consent will be kept until you withdraw that consent

  • data related to queries or issues will be kept for as long as necessary to resolve them and carry out any follow-up

  • data used to prevent fraud or protect security may be kept for as long as necessary for that purpose

Once the applicable retention periods have ended, data may be kept in a blocked state for as long as necessary to deal with any potential legal liability and will then be deleted.


5. Who do we share your data with?

Your data may be shared with or made accessible to:

  • public authorities and competent bodies, where there is a legal obligation to do so

  • transport and logistics companies, to deliver your orders

  • payment service providers, to process payment for your purchases

  • technology providers that supply us with services related to our website, online shop, maintenance, analytics, customer service or marketing communications

Where these providers process data on behalf of Twelve Beauty, they do so under our instructions and with the appropriate legal safeguards in place.

We do not share your data with third parties for their own commercial purposes, unless we inform you of this and there is a legal basis for doing so.


6. Are international data transfers made?

Some of our technology providers may be based outside the European Economic Area or may provide services that involve international access to personal data.

Where this is the case, Twelve Beauty will take the necessary steps to ensure your data remains protected with the appropriate safeguards required by applicable law.

If you would like more information on this, please email us at info@twelvebeauty.com.


7. How do we protect your data?

We apply appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, alteration or misuse.

These measures are reviewed taking into account the type of data we process and the associated risks.


8. What are your rights?

You can exercise the following rights under data protection law at any time:

  • access your personal data

  • request the correction of inaccurate or incomplete data

  • request the deletion of your data where applicable

  • request that processing be restricted

  • object to certain types of processing

  • request the portability of your data

  • withdraw your consent where processing is based on it

To exercise any of these rights, please email us at info@twelvebeauty.com.

If you believe we have not handled your data correctly, you can lodge a complaint with the Spanish Data Protection Agency (AEPD).


9. Minors

Our website is not directed at children under the age of 14 and we do not knowingly collect personal data from children under that age.


If we become aware that personal data has been provided by a child under 14 without valid authorisation, we will take the necessary steps to delete it as soon as possible.


10. Changes to this Privacy Policy


We may update this Privacy Policy when necessary due to legal or technical changes, or changes in the way we process personal data.


When changes are significant, we will let you know via the website or through other appropriate means.


Last updated: 4/05/2026