Privacy Policy

The company QUAI DES CELESTINS, a simplified joint-stock company with a capital of €9,050, registered with the Paris Trade and Companies Register under number 522 306 265, having its registered office at 207 rue du Faubourg Saint-Martin, 75010 Paris (hereinafter referred to as the "Company" or "QUAI DES CELESTINS"), represented by Mrs. Fleur PHELIPEAU in her capacity as President, collects and processes personal data concerning the Company's clients, users of the Company's website (hereinafter the "Site") and users of the services (hereinafter the "Services", as defined in the General Terms and Conditions of Sale accessible at the following link: https://dailylab.com/pages/conditions-generales-de-vente, hereinafter referred to as the "GTC"), collectively referred to as the "Users" or "You" or "Clients".

The Company is concerned about the protection of Users' privacy and personal data. Thus, it ensures to adopt and comply with a personal data processing policy in accordance with the applicable regulations, particularly the General Data Protection Regulation No. 2016/679 of April 27, 2016 (the "GDPR") and the Data Protection Act of 1978 as amended.

Thus, this policy regarding confidentiality and the protection of personal data (the "Policy") aims to outline the terms and conditions for the processing of personal data by the Company concerning Users.

The Company reserves the right to modify the Policy at any time and commits to informing Users of these changes via a notification when using the Services.

1. The data controller

The Company is the data controller of the personal data collected and processed under the conditions of this Policy applicable to Users.

You can contact the Company at the contact details provided in Article 8 "Contact" of this Policy.

The data controller is the person, in this case the Company, who determines the methods and purposes of processing personal data. As its name suggests, it assumes responsibility for the processing of personal data that it carries out and is the main contact for the User to assert their rights regarding the processing.

2. Sources and categories of personal data


2.1. Source and collection of personal data

The Company collects Users' personal data as part of the use of the Services. In particular, the Company collects and processes Users' personal data when:

  • order taking;
  • the provision of Services;
  • billing and payment of orders, as well as preliminary checks on credit cards;
  • the creation of the User profile on the Site (hereinafter the "Profile");
  • navigation on the Site (notably by cookies); and/or
  • the statistical and commercial analysis of data;
  • the sending of mass or targeted informational emails;
  • the sending of emails related to order tracking and the creation of finished products

The Company also processes all personal data communicated spontaneously and voluntarily, particularly when Users contact the Company.

2.2. Categories of personal data

The Company collects and processes the following categories of personal data:

  • Necessary information for placing an order:
    • Personal data: name, first name, phone number, and email address of the client (if an individual) or the main contact within the client company.
  • Necessary information for any exchanges with You:
    • Personal data: name, first name, phone number, and email address of the client (if an individual) or the main contact within the client company.
  • Necessary information for billing and payment of orders:
    • Personal data: name, first name, phone number, and email address of the client (if an individual) or the main contact within the client company, as well as the billing postal address. We do not retain bank details in the case of payment by credit card.
  • Necessary information for creating the Profile:
    • Personal data: email address, phone number, username, password
  • Information collected when using the "Contact" form:
    • Personal data: name, first name, email address, as well as any other information that You would voluntarily communicate to us in your message.
    • Company data: distribution sector, country/city of marketing
  • Information related to the type of device used, the IP address, the type and language of the browser.
  • Information collected by cookies installed on our Site that have been previously accepted or refused, such as the pages viewed.

2.3. The mandatory nature of data provision

Certain information may be mandatory for the implementation of the Services. When placing an order, creating a Profile, or using the "Contact" form, the mandatory data is indicated on our forms by an asterisk or by the explicit mention "Mandatory Information". If the mandatory data is not provided, we will not be able to implement the relevant Services.

2.4. Accuracy of data

The Company makes its best efforts to keep personal data accurate and complete. To ensure that we have up-to-date information, you can inform us of any changes to your contact details or any other data by contacting the Company at the contact details mentioned in Article 8 "Contact" below, or by regularly updating your Profile.

2.5. Localization of personal data

The personal data collected on our Site and for which the Company is responsible is hosted in France on the servers of the Site which is hosted by the Company Shopify.

More details regarding the guarantees taken for data transfers outside the European Economic Area are provided in Article 6.


3. Purposes and legal bases of processing

Personal data is processed by the Company to achieve the following purposes:
In the context of the execution of the GTC or pre-contractual measures for the provision of the Services:
  • Execution of Services for Users, as defined in our GTC, the delivery of ordered products.
  • Manage the relationship with Users
    • Creation of a Profile;
    • Management of the acceptance of the General Terms and Conditions and this Policy;
    • Communication with Users; and
    • Management of any potential complaints.

In the context of our legitimate interest, in respect of your rights:
  • Establish statistics on the use of the Services and on User behavior;
  • Sending newsletter;
  • Company Service Proposals; and
  • Provision, maintenance, and improvement of our Services and Website.

Furthermore, processing under legitimate interest also allows for:

  • Manage the collection;
  • Detect, investigate, prevent or take action regarding illegal activities, abuses, suspicions of fraud, or situations involving potential threats to the safety or rights of a person or entity and to use it as evidence in case of litigation;
  • Investigate, prevent, and stop violations of our GTC and this Policy; and
  • Protect and defend our rights and interests, including our intellectual property rights, before the competent courts or jurisdictions.

The Company also seeks to enable the training of its employees and the conduct of compliance and security audits.

Finally, the data is collected to meet legal obligations:

  • "To comply with the legal and regulatory obligations to which the Company is subject, such as the tax declaration related to transactions and the retention of invoices,"
  • "Training our teams, in accordance with the legal obligations to which the Company is subject as an employer,"
  • Manage User requests regarding their rights concerning personal data.

4. Communication of personal data

Personal data, collected and processed, may be transmitted:

  • To the authorized persons of the relevant services within the Company;
  • In the event of a disaster, theft, or other violation of the General Terms and Conditions or the law, personal data may be transmitted to our insurance company and/or our brokerage firm, which is required to maintain the confidentiality of the transmitted data and, where applicable, to the police and justice services.
  • To administrative, judicial authorities and more generally to public bodies in the context of complying with our legal obligations or to enable us to ensure the defense of our rights and interests,
  • As needed, to our legal advisors and lawyers,
  • If we sell or transfer our business or a part of it and your personal data relates to that sold or transferred part, or if we merge with another company, we will share your personal data with the new owner of the business or our merger partner, respectively.

5. Personal Data Security

The Company implements organizational, technical, software, and physical security measures to protect personal data against any loss, unauthorized access, disclosure, or alteration.

6. Data retention

The Company retains your personal data for the time necessary to achieve the purposes pursued, possibly extended by the legal durations of archiving, retention of certain data, and prescription. At the end of the processing, the personal data will either be deleted or anonymized by the Company.

The retention period depends on the type of personal data and the purpose. The retention period is particularly determined according to the following criteria:

  • The closure of the Profile;
  • The regularity of your use of the Services;
  • The existence of legal or contractual obligations requiring us to retain the data;
  • The existence of a shelf life specifically defined by the applicable regulations; and
  • The type of personal data and in particular their sensitivity (for example, your banking information).

In this context, the Company retains the following retention periods:

  • The data concerning your Profile is retained as long as the account is active and, at the latest, for three years following the last transaction.
  • Once your account is closed, your data will be deleted or anonymized by the Company, unless this data needs to be retained for accounting purposes, in compliance with legal obligations, for dispute resolution, recovery, or fraud prevention.
  • In the event of a dispute regarding a transaction, we retain the data related to said transaction for the applicable limitation periods.


For more information regarding the retention period of your personal data, we invite you to contact us at the contact details provided in Article 8 "Contact" below.

7. User Rights

Users are informed that they have, under the conditions of the GDPR and applicable laws in France, a right of access, rectification, erasure, and portability of their personal data, as well as a right to restriction and objection to the processing of this data.

Users also have the right to determine the fate of their personal data in the event of death, as well as the right to lodge a complaint with the CNIL, whose website is accessible at the following address http://www.cnil.fr and whose headquarters is located at 3 Place de Fontenoy, 75007 Paris.

For processing based on his consent, the User can withdraw it at any time, without affecting the lawfulness of the processing prior to this withdrawal.

The User can exercise, free of charge, their rights with the Company at the contact details provided in article 8 "Contact" below, except in the case of a manifestly excessive request, in which case fees may be applied.

"In addition to the information below, the Company invites the User to consult the CNIL website:"

  • Right of access: the User has the right to obtain from the Company confirmation as to whether or not their personal data is being processed and, when it is, access to such data as well as information regarding the purposes of the processing (Article 15 of Regulation 2016/679 on the protection of personal data ("GDPR")). Clearly unfounded, excessive, or repeated requests may not receive a response or may incur fees.
  • Right to rectification: the User has the right to obtain from the Company, as soon as possible, the rectification of their personal data that they consider inaccurate (art. 16 of the GDPR).
  • Right to erasure: the User has the right to obtain from the Company the erasure of their personal data, under the conditions set out in Article 17 of the GDPR.
  • Right to portability: the User has the right to receive, or to request the sending to a third party, personal data concerning him that he has provided to the Company, in a structured, commonly used and machine-readable format (art. 20 of the GDPR).
  • Right to restrict processing: the User can obtain from the Company the restriction of processing of their personal data under the conditions of Article 18 of the GDPR.
  • Right to withdraw consent: Users have the right to withdraw their consent to the processing of their data if that processing is based on consent. The withdrawal of this consent does not affect the lawfulness of the processing based on consent carried out before the withdrawal.
  • Right to object: The User has the right to object at any time, on grounds relating to his or her particular situation, to the processing of his or her personal data, when it is based on legitimate interests and under the conditions of Article 21 of the GDPR.
  • Right to organize the fate of one's personal data in the event of death: the User can set general or specific directives regarding the retention, deletion, and communication of their personal data after their death (law 78-17 of January 6, 1978 as amended, art. 40, II).
  • Right to lodge a complaint with a supervisory authority: without prejudice to any other administrative or judicial remedy, the User has the right to lodge a complaint with a supervisory authority if he/she believes that the processing of personal data concerning him/her constitutes a violation of the applicable data protection regulations (art. 77 of the GDPR).

8. Contact

For more information on the processing of your personal data or to exercise your rights, you can contact us at the following details:

CELESTINS QUAY / D-LAB
207 Faubourg Saint-Martin Street
75010 Paris

Email : contact@dlabparis.com
Phone: 01 84 80 44 20