Privacy policy

Lablaco and SPIN.FASHION are committed to protecting the privacy and security of personal data in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. This GDPR policy outlines our practices regarding the collection, use, and protection of personal data.

Your privacy is important to us, as it is for you. Our privacy policies explain the personal data Lablaco and SPIN.FASHION processes, how Lablaco and SPIN.FASHION processes it, and for what purposes. Lablaco is a circular fashion ecosystem, including phygital retail platform, SPIN.FASHION designed to enable brands and retailers to digitize and connect products worldwide, including IoT hardware devices, software that students use at school, and services developers use to create and host what’s next. 

References to Lablaco products, may include SPIN.FASHION and CFS Media, in this statement include Lablaco services, websites, platforms, media, apps, software, servers, and devices. Please read the product-specific details in this privacy statement, which provide additional relevant information. This statement applies to the interactions Lablaco has with you and the Lablaco products listed below, as well as other Lablaco products that display this statement.

1. Data Controllers
Lablaco and SPIN.FASHION act as joint data controllers for the personal data processed in the course of providing our services. Our contact information is:

Level 40, Ocean Financial Centre, 10 Collyer Quay, Raffles Place, Singapore 049315
Tax/Reg Number: 202004882N

(Here represented as “Lablaco” and “SPIN.FASHION”, or We)

Address: 43 O'Connell Street Upper, Dublin 1, D01 DK81, Ireland
Tax/Reg. Number: 718590

(Here represented as “SPIN.FASHION” and “Lablaco”, or “We”)

2. Types of Personal Data Collected
We may collect and process the following types of personal data:

3. Purposes of Processing Personal Data
We only share your personal data with your consent or to complete any transaction or provide any product you have requested or authorized. We also share data with Lablaco-controlled affiliates and subsidiaries; with vendors working on our behalf; when required by law or to respond to legal process; to protect our users; to protect lives; to maintain the security of our products; and to protect the rights and property of SPIN.FASHION and its users.

We process personal data for the following purposes:

4. Legal Basis for Processing
We process personal data on the following legal bases:

5. Data Subject Rights
Users have the following rights regarding their personal data:

6. Data Security
We implement technical and organizational measures to protect personal data from unauthorized access, disclosure, alteration, and destruction.

7. Data Retention
We retain personal data only for as long as necessary for the purposes outlined in this policy or as required by law.

8. Data Sharing
We may share personal data with third-party service providers, business partners, or authorities for specific purposes outlined in this policy.

9. International Data Transfers
If we transfer personal data outside the European Economic Area (EEA), we will ensure adequate safeguards are in place.

10. Changes to the Policy
We may update this policy from time to time. Users will be notified of significant changes.
Contact Information for Data Protection Concerns:

11. User freedom of choice
You have choices when it comes to the technology you use and the data you share. When we ask you to provide personal data, you can decline. Many of our products require some personal data to provide you with a service. If you choose not to provide data required to provide you with a product or feature, you cannot use that product or feature. 

Likewise, where we need to collect personal data by law or to enter into or carry out a contract with you, and you do not provide the data, we will not be able to enter into the contract; or if this relates to an existing product you’re using, we may have to suspend or cancel it. We will notify you if this is the case at the time. Where providing the data is optional, and you choose not to share personal data, features like personalization that use such data will not work for you.

12. How We Use Personal Data
Lablaco uses the data we collect to provide you with rich, interactive experiences. In particular, we use data to:

We also use the data to operate our business, which includes analyzing our performance, meeting our legal obligations, developing our workforce, and doing research. In carrying out these purposes, we combine data we collect from different contexts or obtain from third parties to give you a more seamless, consistent, and personalized experience, to make informed business decisions, and for other legitimate purposes.

Our processing of personal data for these purposes includes both automated and manual (human) methods of processing. Our automated methods often are related to and supported by our manual methods. For example, our automated methods include artificial intelligence (AI), which we think of as a set of technologies that enable computers to perceive, learn, reason, and assist in decision-making to solve problems in ways that are similar to what people do. 

To build, train, and improve the accuracy of our automated methods of processing (including AI), we manually review some of the predictions and inferences produced by the automated methods against the underlying data from which the predictions and inferences were made. For example, we manually review short snippets of voice data that we have taken steps to de-identify to improve our speech recognition technologies. This manual review may be conducted by Lablaco employees or vendors who are working on Lablaco’s behalf.

13. How to Access and Control Your Personal Data
You can make choices about the collection and use of your data by Lablaco. You can control your personal data that Lablaco has obtained and exercise your data protection rights by contacting Lablaco or using various tools we provide. In some cases, your ability to access or control your personal data will be limited, as required or permitted by applicable law. How you can access or control your personal data will also depend on which products you use. For example, you can:

Not all personal data processed by Lablaco can be accessed or controlled via the tools above. If you want to access or control personal data processed by Lablaco that is not available via the tools above or directly through the Lablaco products you use, you can always contact Lablaco at the address in the How to contact us section or by using our web form.

14. Data Deletion
Once user data is stored in Lablaco, our systems are designed to store the data securely until it completes the stages of Lablaco's data deletion pipeline. This section describes this process in detail.

Stage 1 - Deletion Request
The deletion of user data begins when the user initiates a deletion request. Generally, a deletion request is directed to a specific resource, a Lablaco products (SPIN.FASHION, SPIN Connect, CFS Media), or the user’s SPIN.FASHION account. Deletion requests may be handled in different ways depending on the scope of the user’s request:

While deletion requests are designed primarily to be used by users to manage their data, Lablaco or SPIN.FASHION may issue deletion requests automatically, for instance when a user terminates their relationship with Lablaco or SPIN.FASHION.

Stage 2 - Soft Deletion
Soft deletion is the natural point in the process to provide a brief internal staging and recovery period to ensure that there is time to recover any data that has been marked for deletion by accident or error. Individual SPIN.FASHION assets and products may adopt and configure such a defined recovery period before the data is deleted from the underlying storage systems so long as it fits within Lablaco’s overall deletion timeline.

To illustrate, when assets are deleted, SPIN.FASHION first identifies the unique product or asset, then it broadcasts a suspension signal to the SPIN.FASHION platform and products containing that asset token.

At the end of a recovery period of 30 days, SPIN.FASHION broadcasts a signal to the same products to begin logical deletion of resources tied to the unique asset token.

When a SPIN.FASHION account is closed, Lablaco may impose an internal recovery period up to 30 days, depending on past account activity. Once that grace period expires, a signal containing the deleted billing account user_id is broadcasted to Lablaco products, and SPIN.FASHION resources tied solely to that user_id are marked for deletion.

Stage 3 - Logical Deletion from Active Systems
After the data is marked for deletion and any recovery period has expired, the data is deleted successively from Lablaco's active and backup storage systems. On active systems, data is deleted in two ways.

In all assets and products under Compute, Storage & Databases, and Big Data except SPIN.FASHION Storage, copies of the deleted data are marked as available storage and overwritten over time. In an active storage system, like SPIN Connect, deleted data is stored as entries within a massive structured table. Compacting existing tables to overwrite deleted data can be expensive, as it requires re-writing tables of existing (non-deleted) data, so mark-and-sweep garbage collection and major compaction events are scheduled to occur at regular intervals to reclaim storage space and overwrite deleted data.

Stage 4 - Expiration from Backup Systems
In the case of backup systems, user data is typically stored within large aggregate snapshots of active systems that are retained for static periods of time to ensure business continuity in the event of a disaster (e.g., an outage affecting an entire data center), when the time and expense of restoring a system entirely from backup systems may become necessary. Consistent with reasonable business continuity practices, full and incremental snapshots of active systems are made on a daily, weekly, and monthly cycles and retired after a predefined period of time to make room for the newest snapshots.

When a backup is retired, it is marked as available space and overwritten as new daily / weekly / monthly backups are performed.

Note that any reasonable backup cycle imposes a pre-defined delay in propagating a data deletion request through backup systems. When user data is deleted from active systems, it is no longer copied into backup systems. Backups performed prior to deletion are expired regularly based on the pre-defined backup cycle.

15. Deletion Timeline
Lablaco’s platforms are engineered to achieve a high degree of speed, availability, durability, and consistency, and the design of systems optimized for these performance attributes must be balanced carefully with the need to achieve timely data deletion. SPIN.FASHION commits to delete user data within a maximum period of about six months (180 days). This commitment incorporates the stages of Lablaco's deletion pipeline described above, including:

Stage 1 - Deletion Request: Once the deletion request is made, data is typically marked for deletion immediately, and our goal is to perform this step within a maximum period of 24 hours. After the data is marked for deletion, an internal recovery period of up to 30 days may apply depending on the service or deletion request.

Stage 2 - Soft Deletion: The time needed to complete garbage collection tasks and achieve logical deletion from active systems. These processes may occur immediately after the deletion request is received, depending on the level of data replication and the timing of ongoing garbage collection cycles.

From the deletion request, it generally takes about two months to delete data from active systems, which is typically enough time to complete two major garbage collection cycles and ensure that logical deletion is completed.

Stage 3 - Expiration from Backup Systems: SPIN.FASHION’s backup cycle is designed to expire deleted data within data center backups within six months of the deletion request. Deletion may occur sooner depending on the level of data replication and the timing of Lablaco's ongoing backup cycles.

16. Cookie policies
Lablaco uses cookies. Below you can find more information about cookies, how they are used by Lablaco and which control procedures we adopt with respect to the cookies themselves. By continuing to use Lablaco products, after accepting our Banner, you consent to the use of cookies, in accordance with this statement. If you do not agree to the use of cookies, please disable them by following the instructions below in this statement.

17. What are cookies
Cookies consist of small text files which are sent on your electronic device while browsing a website oe app and which provide certain information (“Cookies”). Cookies are then sent back to the original website or app during each subsequent browsing or are sent to a different website able to recognize that specific Cookie. Cookies act as a memory for a website allowing the website to recognize your device at each subsequent visit to that same website. Cookies also allow you to store your browsing preferences offering you a more functional experience of the Site, and making the content of the Site as personalized as possible.

Web browsers allow you to exercise a control over the Cookies through your browser settings. Most of the browsers allow you to block Cookies or block Cookies from certain sites. Browsers can also help you deleting Cookies when you close your browser. However, you should keep in mind that this may mean that any opt-outs or preferences you have set on the site will be lost. We invite you to refer to your browser’s technical information for instruction. If you choose to disable the Cookies setting or refuse to accept a Cookie, some parts of the service may not work properly or may be significantly slower.

18. Types of cookies
Cookies can be technical, analytical and profiling.
The Site uses technical "session" cookies and persistent.
Moreover, the Site uses the following analytical cookies set by third-party providers as:

The Site does not use profiling cookies.

19. Cookies Purposes
The technical cookies used by our Site make possible and facilitate your browsing experience and provide you and allow you to use the services of the Site.

Analytical cookies are used to analyze and monitor the ways you use the Site (e.g. number of accesses and pages viewed), for statistical purposes and to allow us to improve the Site in terms of operation and browsing.

20. How to control and remove cookies
You can authorize the use of Cookies by continuing to browse the Site, after reading the Banner and clicking OK for acceptance. You may not authorize the use of Cookies or otherwise disable them at any time by manually proceeding with the modification of your browser configuration and following the instructions contained in the cookie management policies.

21. How to disable the Cookies
Warning: the provision of data is optional. However, please note that the refusal/deactivation of Cookies may prevent you from using certain features of the Site.


To disable the use of analytical Cookies and prevent Google Analitycs from collecting navigation data it is possible to download the component available at the following link:

To disable Google's use of Cookies, please visit:
To disable directly from your browser the types of Cookies used by this website
Chrome: Explorer:

If you are using a web browser that is not listed above, please refer to your browser's documentation or online help for more information. Users are advised that the Data Controller acts merely as a technical intermediary for the links contained in this document and does not bear any responsibility in the event of changes.

You can find more information about Cookies, including which Cookies’ settings are actually active on your device, and how you can manage and delete them, by accessing the following link