Privacy Policy

Effective Date: 09.04.2025

At DayOne (“we”, “us”, or “our”), protecting your personal data is of utmost importance.
This Privacy Policy describes how we collect, use, and protect your data when you interact with our website www.dayone.lu in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and the Luxembourg Law of 1 August 2018 on the protection of individuals with regard to the processing of personal data.

1. Data Controller

The entity responsible for your personal data is:

DayOne Part of Imexlux S.A.
Legal form: S.A.
Registered address: 68, rue de Luxembourg L-8077 Bertrange LUXEMBOURG
RCS Luxembourg: B113653
VAT number: LU 21027052

Email: info@dayone.lu

Phone: +352 26 55 00 53

2. Personal Data We Collect

We may collect and process the following personal data:

Directly from you:

• Name and surname

• Email address

• Telephone number (if provided)

• Messages or inquiries you submit via forms

Automatically through our website:

• IP address

• Browser type and version

• Operating system

• Device information

• Referral source

• Pages visited, time spent, and actions taken

• Cookies and similar tracking technologies (see Section 6)

3. Legal Basis for Processing

We process your data under the following legal bases:

• Consent (Article 6(1)(a) GDPR) – e.g. for newsletter sign-up or cookies.

• Contractual necessity (Article 6(1)(b)) – e.g. to provide requested services or respond to inquiries.

• Legal obligation (Article 6(1)(c)) – e.g. invoicing, accounting.

• Legitimate interest (Article 6(1)(f)) – e.g. website analytics, improving our services.

4. Purposes of Processing

We use your data to:

• Provide access to and maintain our website

• Respond to your inquiries or requests

• Send you newsletters or updates (only with consent)

• Analyze and improve the performance and usability of our website

• Ensure compliance with legal obligations

• Prevent fraud or abuse

5. Data Retention

We retain your personal data:

• As long as necessary for the purpose for which it was collected

• In line with legal or regulatory requirements (e.g. accounting laws)

6. Use of Cookies

We use cookies and similar technologies for:

• Functionality and performance of the website

• Analytics and usage tracking

• Personalized content (if applicable)

Cookie consent is obtained via a cookie banner when you first visit our website. You can update your preferences or disable cookies at any time through your browser settings.

7. Data Sharing and Transfers

We only share your personal data with:

• Our service providers (e.g., hosting, analytics, email)

• Regulatory or legal authorities when required

• No data is sold or rented to third parties

Data Transfers Outside the EU/EEA:
If your data is transferred to a third country (e.g., USA), we ensure appropriate safeguards such as Standard Contractual Clauses (SCCs) or adequacy decisions.

8. Your Rights Under GDPR

As a data subject, you have the right to:

• Access your data (Art. 15 GDPR)

• Rectify inaccurate or incomplete data (Art. 16)

• Erase data (“right to be forgotten”) (Art. 17)

• Restrict processing (Art. 18)

• Object to processing (Art. 21)

• Data portability (Art. 20)

• Withdraw your consent at any time (Art. 7)

• Lodge a complaint with the CNPD Luxembourg (www.cnpd.lu)

To exercise your rights, contact us at: info@dayone.lu

9. Data Security

We implement appropriate technical and organizational security measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.

10. External Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of such sites. Please review their privacy policies independently.

11. Updates to This Privacy Policy

We reserve the right to update this Privacy Policy at any time.

Changes will be published on this page with a new “Effective Date”.

Please check back regularly.