Privacy & Security
We collect what we need to deliver your order and improve your experience — nothing more. Here’s exactly what we store, why, and how to control it.
What we collect
Account details (email, name), shipping address, optional prescription data, browsing patterns on lool.com, and payment tokens (we never store full card numbers — they’re tokenized by our PCI-DSS Level 1 processor).
Why we collect it
To process and ship orders, recommend better-fitting frames, improve site performance, and (with your consent) send marketing you’ve opted into. We don’t sell your data.
Your rights
Request a full export of your data, deletion of your account, or correction of any field — anytime, free, by emailing privacy@lool.work. We respond within 30 days, in line with GDPR and CCPA.
Security
TLS 1.3 in transit, AES-256 at rest, mandatory 2FA for staff access, annual external penetration testing, and an active bug-bounty program.