Skip to main content

Privacy policy

B. PRIVACY POLICY

Information collection and POPIA compliance

Daily Skin by Somalogic is committed to protecting your personal information in accordance with the Protection of Personal Information Act (POPIA) and international best practices. We collect only the information necessary to process your orders, improve our services, and provide you with personalised skincare recommendations. This includes your name, contact details, delivery address, payment information, purchase history, and responses to our professional product questionnaires. We obtain your explicit consent before collecting personal information and clearly explain how we'll use it. For professional-grade products, we collect additional health-related information through our consultation questionnaires to ensure product suitability and safety. This sensitive information is stored securely and accessed only by authorised skincare specialists who need it to provide appropriate recommendations. You have the right to access, correct, or request deletion of your personal information at any time by contacting privacy@dailyskin.co.za.

How we use your information

Your personal information enables us to process and fulfill your orders, communicate about your purchases, and provide customer support during our business hours (09:00-17:00). We use your purchase history and skin assessment data to offer personalised product recommendations and notify you about products relevant to your skincare concerns. Marketing communications are sent only with your explicit opt-in consent, and you can unsubscribe at any time through the link in our emails. Professional product questionnaire responses are retained for 24 months to track your skincare journey and ensure continued product suitability. We may analyse aggregated, anonymised data to improve our product selection and service offerings, but this analysis never identifies individual customers. Your information is never sold, rented, or shared with third parties for their marketing purposes.

PayFast payment security and data protection

All payment transactions are processed through PayFast, a PCI DSS Level 1 compliant payment gateway that employs the highest security standards. Your payment information is encrypted using 256-bit SSL encryption and tokenised to prevent unauthorised access. We never store your credit card details on our servers - PayFast handles all payment data through their secure infrastructure with 3D Secure authentication required for all card transactions. Our website uses Extended Validation SSL certificates to ensure all data transmitted between your browser and our servers is encrypted. We implement Web Application Firewall (WAF) protection, regular security audits, and maintain comprehensive data breach notification procedures. In the unlikely event of a data breach affecting your personal information, we will notify you within 72 hours as required by POPIA.

Cookies and tracking technologies

We use cookies to enhance your shopping experience, remember your preferences, and analyze website traffic to improve our services. Essential cookies are necessary for website functionality, including maintaining your shopping cart and processing payments. Analytics cookies help us understand how visitors use our site, while marketing cookies (used only with your consent) enable us to show you relevant advertisements on other platforms. You can manage cookie preferences through your browser settings, though disabling essential cookies may affect website functionality. We use Google Analytics with IP anonymisation enabled to protect your privacy, and all analytics data is aggregated and cannot identify individual users. Third-party services like PayFast may set their own cookies to process payments securely, which are governed by their respective privacy policies.

Your rights and data retention

Under POPIA, you have the right to access, correct, or delete your personal information, object to processing, and lodge complaints with the Information Regulator. To exercise these rights, contact privacy@dailyskin.co.za with your request, and we'll respond within 14 working days. We retain transaction data for up to 7 years to comply with tax and legal requirements, while marketing data is kept only as long as you remain subscribed to our communications.

Loyalty program

Daily Skin operates a loyalty rewards program where customers earn points on purchases that can be redeemed for discounts on future orders. Points are automatically credited to your account after successful delivery of your order. Full terms and conditions of our loyalty program are available on your account dashboard. Points expire after 12 months of account inactivity.