PRIVACY STATEMENT
LAST UPDATED 29. October, 2024
SECTION 1 – INFORMATION WE COLLECT
When you purchase an item from our store, we collect certain personal information such as your name, address, email address, and payment information. We also automatically collect your computer’s internet protocol (IP) address to gather data about your browser, operating system, and engagement with our site.
Marketing Communications: We may send you marketing messages by email, direct mail, or text message about our store, new products, services, and other updates if you have opted in.
SECTION 2 – CONSENT
How We Obtain Your Consent
By providing your personal information for transactions or account activities, we imply that you consent to our collection and use of it for the specific purposes of fulfilling your request, order, or interaction. We may also use this implied consent to share with 3rd party service providers to gather analytics data or for other marketing purposes.
Withdrawing Consent
You can withdraw consent for the continued collection, use, or disclosure of your information at any time by contacting us at orders(at)mattressinsider.com or by mail at: Mattress Insider LLC, 6732 W Coal Mine Ave, #130, Littleton, CO 80123, United States
SECTION 3 – DISCLOSURE OF YOUR INFORMATION
We may share your information in the following circumstances:
- If required by law or legal request.
- To enforce our Terms of Service.
- To protect the rights, property, or safety of Mattress Insider LLC, our customers, or others.
SECTION 4 – DATA STORAGE AND SECURITY
Our store is hosted on Liquid Web, which securely stores your data on a protected server behind a firewall.
Payment Security
Payments are processed via Authorize.net PayPal.com, Affirm.com, and BraintreeGateway.com and adhere to the Payment Card Industry Data Security Standard (PCI-DSS), ensuring the safe handling of credit card information.
SECTION 5 – THIRD-PARTY SERVICE PROVIDERS
We work with a variety of third-party service providers to support our business operations and provide a seamless shopping experience. These providers may have access to your personal information but are only authorized to use it for the purposes necessary to perform their functions. These functions include, but are not limited to, payment processing, marketing services, order fulfillment, shipping, customer service, data analysis, and fraud prevention.
Types of Third-Party Providers We May Share Information With Include:
Payment Processors
For payment transactions, we use third-party payment processors like Authorize.net, which securely process your payment information in compliance with PCI-DSS standards. These providers may retain information related to transactions as required by law.
Shipping and Fulfillment Partners
We partner with shipping companies and fulfillment centers to handle product delivery. They use your address and contact information solely to fulfill orders and update you on shipment status.
Customer Service Platforms
To enhance our customer support, we use platforms that allow us to manage and respond to customer inquiries and feedback. These platforms may store data such as email addresses, names, and order history.
Marketing and Advertising Partners
We may share limited information with marketing and advertising providers, including Google, Facebook, Instagram, Pinterest, LinkedIn Ads, and other similar platforms, to deliver relevant advertisements, conduct retargeting campaigns, and provide promotional offers based on your interests.
Analytics and Data Collection Services
To improve user experience, we may utilize analytics tools including, but not limited to Google Analytics, Bing Webmaster Tools, Microsoft Clarity, FullStory, and Convert to collect information on how users interact with our website. This data helps us make informed decisions about our website’s design and functionality.
Email and Direct Mail Service Providers
For email marketing and direct mail services, we may share your email address and mailing address with trusted providers. These partners are restricted from using your information for any purposes other than communicating authorized marketing messages from Mattress Insider.
Survey and Feedback Providers
Occasionally, we conduct surveys and request feedback to understand our customers better and improve our services. If we engage a third-party provider for these surveys, they will only collect data in a way that maintains your anonymity unless you give explicit consent to share your responses.
Fraud Prevention and Risk Management Providers
We may share information with providers focused on fraud detection and risk management. These third parties help identify and prevent fraudulent activity, unauthorized transactions, and security breaches.
IT Support and Hosting Services
Our website is hosted on Liquid Web, which provides secure data storage for all user information, protected by encryption and firewall protocols. Liquid Web is responsible for securely storing and processing data in compliance with applicable laws and regulations.
Data Aggregation and Analysis Services
We may use data aggregation and analysis services to derive insights and improve our product offerings. In such cases, data shared with third-party partners is typically aggregated and anonymized to protect your privacy.
Legal and Regulatory Authorities
We may be required to disclose your personal information to comply with legal obligations, including regulatory inquiries, audits, or subpoenas. In such cases, we will disclose only the necessary information to comply with the law.
Business Transaction Partners
In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new owners or business partners so that we can continue serving you without interruption. In this event, the new party will continue to protect your information under terms consistent with this Privacy Policy.
International Data Transfers
Certain third-party providers may be located in or have facilities in jurisdictions outside of your own, which means that your data may be subject to the laws of these jurisdictions. For instance, if a service provider is located in the United States, your personal information may be accessible to U.S. government authorities in compliance with U.S. law, such as the Patriot Act.
Limitation of Liability for Third-Party Services
Once you leave our website or are redirected to a third-party website or application, our Privacy Policy and Terms of Service no longer apply. We encourage you to read the privacy policies of any third-party websites or services you interact with to understand how they handle your information.
SECTION 6 – SECURITY
We follow industry best practices and PCI-DSS requirements to protect your personal information. All data exchanges with our website are encrypted using secure socket layer technology (SSL). Please note that while we implement security protocols, no electronic transmission or storage method is 100% secure.
SECTION 7 – COOKIES AND ADVERTISING
We use cookies to collect session information, monitor store performance, and serve targeted advertisements. Cookies are also used for conversion tracking and split testing through services like Google Analytics, FullStory, and Convert.
Direct Mail Advertising: We work with third parties for direct mail offers. Our partners handle browser cookies, but Mattress Insider does not store or sell your personal information.
To opt out of direct mail, contact us at orders(at)mattressinsider.com or call 888-488-1468. Opt-out requests may take up to 30 days to process.
SECTION 8 – YOUR DATA PRIVACY RIGHTS
General Data Privacy Regulation (GDPR)
If you are a resident of the EEA, you may exercise the following rights:
- Access: Request access to your data and receive a copy of it.
- Correction: Request correction of inaccurate data.
- Deletion: Request the deletion of your data (“Right to be forgotten”).
- Portability: Request a copy of your data in a structured, machine-readable format.
- Objection/Restriction: Object to or restrict our processing of your data.
California Consumer Privacy Act (CCPA)
If you are a California resident, you may have the right to:
- Request information about the categories of personal data we collect.
- Request deletion of your personal information.
- Opt out of the sale of your personal data.
To exercise these rights, contact us at [email protected].
SECTION 9 – CHILDREN’S PRIVACY
Our website is not intended for children under the age of 13, and we do not knowingly collect personal information from children. If we discover we have inadvertently gathered data from a child under 13, we will promptly delete it.
SECTION 10 – UPDATES TO THIS POLICY
We reserve the right to update this Privacy Policy at any time. Changes will be posted on this page and take immediate effect. You may check this page at any time to see the most recent privacy updates.
SECTION 1 – WHAT DO WE DO WITH YOUR INFORMATION?
When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address and email address. When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system. Email marketing (if applicable): We may send you emails about our store, new products and other updates. Direct Mail (if applicable): We may send you a postcard or letter about products and specials we may be offering.
SECTION 2 – CONSENT
How do you get my consent?
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.
If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.
How do I withdraw my consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by contacting us at orders(at)mattressinsider.com or mailing us at: Mattress Insider LLC 6732 w coal mine ave, #130, littleton, CO, 80123, United States
SECTION 3 – DISCLOSURE
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
SECTION 4 – Liquid Web
Our store is hosted on Liquid Web. Your data is stored through Liquid Web’s data storage, databases and the general applications. They store your data on a secure server behind a firewall.
Payment:
Our direct payment gateway Authorize.net is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS).
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
SECTION 5 – THIRD-PARTY SERVICES
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
Links
General Data Privacy Regulation (GDPR)
Content, products and/or services on this web site do not specifically target marketing to the EU. Mattress Insider, does not conduct business in or to the EU in any meaningful way. If the data that you provide to us in the course of your use of our site or services or products is governed by GDPR, we will abide by the relevant portions of the regulation. If you are a resident of the European Economic Area (EEA), or are accessing this site from within the EEA, you may have the right to request: access to, correction of, deletion of; portability of; and restriction or objection to processing, of your personal data, from us. This includes the “right to be forgotten.”
SECTION 6 – SECURITY
If you provide us with your credit card information, it is not stored by Mattress Insider. The information is sent securely from the web browser directly to our payment gateway service provider Authorize.net and encrypted using secure socket layer technology (SSL). Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
COOKIES
We also use cookies to serve you ads on Facebook, Instagram, Adwords, Adcenter, Pinterest, LinkedIn Ads, and other advertising platforms.
Our site uses a third party service to match browser cookies to your mailing address. We use another company to send special offers through the mail on our behalf. Our company never receives or stores any of this information and our third parties do not provide or sell this information to any other company or service.
SECTION 7 – AGE OF CONSENT
SECTION 8 – CHANGES TO THIS PRIVACY POLICY
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
QUESTIONS AND CONTACT INFORMATION
[Re: Privacy Compliance Officer]
[6732 w coal mine ave, #130, littleton, CO, 80123, United States]