EFFECTIVE DATE: FEBRUARY 15, 2023
Navigating This Policy
I. INFORMATION WE COLLECT
We collect personal information about you directly from you, from third parties, and automatically through your use of our Services. We may combine personal information collected from or about you from these various sources.
I.A. Information We Collect Directly from You
We may collect personal information about you directly from you. For example, if you register to become a member of Resident to receive discounts and promotional offers from the Resident family of brands, we will collect your email address. If you purchase a product or service, we will collect your name, billing and shipping address, email address, telephone number, and payment card information. We will also collect any other personal information that you provide to us through our Services even if you do not complete a transaction. For example, if you begin filling out a form, we collect the information you enter even if you do not click the submit button; if you chat with us through our Site, we will collect the contents of any messages you send us; if you elect to tell us how you sleep we will collect that information (e.g., side sleeper vs. stomach sleeper); if you sign up to receive emails from us, we will collect your email address; if you complete a survey on our Site, we will collect your responses to the survey, even if you do not complete or submit the survey; and if you enter a promotion, such as a sweepstakes or contest, that we sponsor, we will collect your name, email address, and other information necessary for your participation in the promotion.
I.B. Information We Collect About Your from Third Parties
We may also collect personal information about you from third parties. We may obtain information about you from other sources, including through third party services and organizations to supplement information provided by you. For example, if you access our Services through a third-party application, such as a social networking site, we may collect information about you from that third-party application that you have made public via your privacy settings. Information we collect through these services may include your name, your user identification number, your user name, email, profile picture, and your contacts stored in that service. This supplemental information allows us to verify information that you have provided to us and to enhance our ability to provide you with information about our business, products, and Services. In addition, if your friend refers you or purchases our Services on your behalf, then we may collect information such as your contact information, email and shipping addresses from your friend.
I.C. Information We Collect Automatically Through Our Services
We automatically collect personal information about you through your use of our Services, including, without limitation your IP address, location, details about your browser, user settings, operating system and device, Internet service provider, cookie and other unique identifiers, domain name, the website that led you to our Services, the website to which you go after leaving our Services, the dates and times you access our Services, and the links you click and your other activities within the Services. Please see our Cookies and Other Tracking Mechanisms section below for more information. We may combine information we collect automatically with information we collect directly from you or from third parties.
I.D Cross-Device Tracking
Your browsing activity may be tracked across different websites and different devices or apps. For example, we may attempt to match your browsing activity on your mobile device with your browsing activity on your laptop. To do this our technology partners may share data, such as your browsing patterns, geo-location, and device identifiers, and will match the information of the browser and devices that appear to be used by the same person.
II. USER CONTENT
III. HOW WE USE YOUR INFORMATION
We may use your information, including personal information and user content, for the following purposes:
III.A. Fulfilling our Contract with You and Prividing and Improving Our Services
To provide and maintain the quality of our products and Services; to improve, upgrade or enhance our products and Services; to develop new features, products, or services; to market and advertise our products and Services; to perform security and technical operations, such as updating software and debugging to identify and repair errors that impair existing intended functionality; for other customer service and support purposes, and other uses you consent to, are notified of, or are disclosed when you provide personal information.
III.B. Marketing and Communications
To communicate with you about your account and use of our Services, including to send you product updates; to respond to your inquiries; to provide you with news and newsletters, special offers, promotions, and other information we think may interest you; to perform audits related to interactions, transactions and other compliance activities; and for other informational, marketing, or promotional purposes. Our communications with you may include communications via email or phone. Please see our section regarding Your Choices for more information about how to change your communications preferences.
III.C. Research and Analytics
To analyze how you interact with our Services; to monitor and analyze usage and activity trends; to provide advertising and marketing services; for short-term, transient use, such as contextual customization of ads; and for other research, technological developments and demonstrations, analytical, and statistical purposes.
III.D. Protecting Rights and Interests
III.E. Legal Compliance
To comply with applicable legal or regulatory obligations, including as part of a judicial proceeding; to respond to a subpoena, warrant, court order, or other legal process; or as part of an investigation or request, whether formal or informal, from law enforcement or a governmental authority.
To administer promotions that we sponsor, such as sweepstakes or contests, including to communicate with you regarding your participation in the promotion, and to notify you in the event that you win a prize.
III.G. Sharing Content with Friends or Colleagues
Our Services may offer various tools and functionalities. For example, we may allow you to provide information about your friends through our referral services. Our referral services may allow you to forward or share certain content with a friend or colleague, such as an email inviting your friend to use our Services.
IV. DATA RETENTION
We retain personal data for as long as is necessary to fulfill the transactions you have requested, for key business requirements such as marketing or for essential purposes such as complying with our legal obligations, resolving disputes and enforcing our agreements. The criteria we use for determining retention periods for different categories of personal data will vary but may include: how long we need to keep personal data to provide our Services and operate our business, for example, improving the performance of our Sites or maintaining appropriate financial or business records); the expectations of our customers, for example, our customers may expect that their registration details will be retained for a certain period should they choose to return to our Sites; whether we are subject to legal, regulatory or contractual obligations to retain the personal data, for example, mandatory retention requirements for tax reporting purposes.
V. HOW WE DISCLOSE YOUR INFORMATION
We may disclose your information, including personal information and user content, as described to you at the time of collection or disclosure or as follows:
V.A. Resident Users
We may disclose your information to other Resident users and the general public if you post a review to our Site.
V.C. Service Providers
We may disclose your information to our vendors, service providers, agents, or others who perform functions on our behalf. For example, we may disclose your information to third-party service providers to provide IT services, to sell or deliver products and Services, or to provide financing or process payments on our behalf.
V.D. Other Unaffiliated Third Parties
We may disclose your information to third parties, including so that those third parties may send marketing information to you. This excludes text messaging originator opt-in data and consent; this information will not be shared with any third parties.
V.E. Business Transfers
We may disclose your information to another entity in connection with, including during negotiations of, an acquisition or merger, sale or transfer of a business unit or assets, a financing due diligence, bankruptcy proceeding, or as part of any other similar business transfer.
V.F. Protecting Rights and Interests
V.G. Legal Compliance
We may disclose your information to comply with applicable legal or regulatory obligations, including as part of a judicial proceeding; in response to a subpoena, warrant, court order, or other legal process; or as part of an investigation or request, whether formal or informal, from law enforcement or a government official.
V.H. Aggregate and De-Identified Information
We may disclose aggregate, non-personally identifiable, or de-identified information about users for marketing, advertising, research, compliance, or other purposes.
VI. COOKIES AND OTHER TRACKING MECHANISMS
Cookies are alphanumeric identifiers that we transfer to your computer’s hard drive through your web browser. Some cookies allow us to make it easier for you to navigate our Services, while others are used to enable a faster log-in process or to allow us to track your activities while using our Services. Most web browsers automatically accept cookies, but if you prefer, you can edit your browser options to block them in the future. The Help portion of the toolbar on most browsers will tell you how to prevent your computer from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Visitors to our Services who disable cookies will be able to browse certain areas of the Services, but some features may not function (e.g., you may not be able to stay logged into your account).
VI.B. Clear GIFs, Pixel Tags, and Other Technologies
Clear GIFs are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies, which are stored on your computer’s hard drive, clear GIFs are embedded invisibly on web pages. We may use clear GIFs (also referred to as web beacons, web bugs or pixel tags), in connection with our Services to, among other things, track the activities users of our Services, help us manage content, and compile statistics about usage of our Services. We and our third-party service providers also use clear GIFs in HTML emails to our customers, to help us track email response rates, identify when our emails are viewed, and track whether our emails are forwarded.
VII. THIRD-PARTY ANALYTICS
VIII. INTEREST-BASED ADVERTISING
We may use third parties such as network advertisers to serve advertisements on our Services and on third-party websites or other media (e.g., social networking platforms). This enables us and these third parties to target advertisements to you for products and services in which you might be interested. We may provide these third-party advertisers with information, including personal information, about you.
Users in the United States may opt out of many third-party ad networks. For example, you may go to the Digital Advertising Alliance (“DAA”) Consumer Choice Page for information about opting out of interest-based advertising and your choices regarding having information used by DAA companies at www.aboutads.info.
Opting out from one or more companies listed on the DAA Consumer Choice Page will opt you out from those companies’ delivery of interest-based content or ads to you, but it does not mean you will no longer receive any advertising through our Services or on other websites or applications. You may continue to receive advertisements, for example, based on the particular website that you are viewing (i.e., contextually based ads). Also, if your browsers are configured to reject cookies when you opt out, your opt out may not be effective.
Please note you must separately opt out in each browser and on each device.
IX. "DO NOT TRACK" DISCLOSURE
Our Services do not respond to Do Not Track signals. For more information about Do Not Track signals, please click here. You may, however, disable certain tracking as discussed in the Cookies and Other Tracking Mechanisms section above (e.g., by disabling cookies). You also may opt-out of targeted advertising by following the instructions in the Interest-Based Advertising section above.
X. THIRD-PARTY LINKS
We may use third party APIs and software development kits (“SDKs”) as part of the functionality of our Services. APIs and SDKs may allow third parties including analytics and advertising partners to collect your personal information for various purposes including to provide analytics services and content that is more relevant to you. For more information about our use of APIs and SDKs, please contact us as set forth below.
We have taken steps to help protect the personal information we collect. However, no data security measures can guarantee 100% security. You should take steps to protect against unauthorized access to your device and account by, among other things, choosing a robust password that nobody else knows or can easily guess and keeping your log-in and password private. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity.
XII. YOUR RIGHTS AND CHOICES
If you are a resident of some countries or jurisdictions, you may have the right under certain circumstances:
– to be provided with a copy of your personal data held by us;
– to request the rectification or erasure of your personal data held by us;
– to request that we restrict the processing of your personal data;
– to object to the further processing of your personal data, including the right to object to marketing (as mentioned in ‘Our Promotional Updates and Communications’ section);
– to request that your provided personal data be moved to a third party; and,
– to exercise rights as a California resident (see below).
XII.A. Accessing, Modifying, Transferring, or Deleting Your Personal Information
XII.B. Withdrawing Consent and Opting Out of Marketing E-Mails
Where the processing of your personal data by us is based on consent, you have the right to withdraw that consent without detriment at any time by contacting us at email@example.com.
We may send periodic promotional emails to you. You may opt out of such communications by following the opt-out instructions contained in the email or emailing us at firstname.lastname@example.org. Please note that it may take up to ten (10) business days for us to process opt-out requests. If you opt out of receiving emails about recommendations or other information we think may interest you, we may still send you emails about your account or any Services you have requested or received from us.
XII.C. Request Restriction Of of Object to Processing Of Your Personal Information
You may have the right to request restriction of or object to the processing of your Personal Information including the right to opt in or opt out of the sale of your Personal Information to third parties, if applicable, where such requests are permitted by law.
We will process such requests in accordance with applicable laws. To protect your privacy, we will take steps to verify your identity before fulfilling your request.
XIII. YOUR CALIFORNIA RIGHTS
The California Shine the Light law permits users who are California residents to request and obtain from us once a year, free of charge, a list of the third parties to whom we have disclosed their personal information (if any) for their direct marketing purposes with us in the prior calendar year, as well as the type of personal information disclosed to those parties. We do not share personal information with third parties for their own marketing purposes.
We adopt this notice to comply with the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (“CPRA”) and other California privacy laws. Any terms defined in the CPRA have the same meaning when used in this notice.
XIII.A. Personal Information We Collect & Share Under the CPRA
We adopt this section to comply with the CPRA. Any terms defined in the CPRA have the same meaning when used in this notice.
We collect personal information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household as described both above (in detail) and below. Personal information does not include: publicly available information from government records; de-identified or aggregated consumer information; or information excluded from the CPRA.
XIII.B. Your Rights and Choices
The CPRA grants California residents various rights concerning their personal information. When you submit a request to exercise your rights, we are required to verify that you are the consumer to whose personal information the request relates or that you are the person authorized to act on behalf of such consumer. If you use any of the tools we may provide in our Services, we will typically not need any additional information to verify your request but in some instances we may need additional information. If you submit your request by other means (i.e. email), we may need to ask you for additional information to validate that you are the account holder or have the right to act on behalf of the account holder. In certain circumstances, we may decline a request to exercise the right to know, right to delete and right to correct, particularly where we are unable to verify your identity.
XIII.B.i. Right to Know
You have the right to request that we disclose to you, upon verification of your identity, what categories of personal information we have collected about you, from which categories of sources, for which purposes we have collected, sold or shared that information, and the categories of third parties to whom we have disclosed the information to. You also have the right to request a copy of the specific pieces of personal information we have collected about you. To learn what categories of personal information, from what sources, for which business purposes we disclose the personal information, and the categories of third parties to whom we disclose your personal information, please see the table in this Section XIII (B) and Sections XIII (C), (D), and (E) below. To learn how we “sell” or “share” your personal information within the meaning of the CPRA, please refer to Sections III, V, VI, VII, VIII, and X above. To request a copy of your personal information, please use the tools or forms provided in our Services and you can contact us at email@example.com or 1-888-863-2827.
XIII.B.ii. Right to Request Deletion
You have the right to request that we delete any personal information we have about you. For deleting your personal information, we encourage you to use tools and forms made available in our Services or you can contact us at firstname.lastname@example.org or 1-888-863-2827. Following receipt of your verifiable request, we will delete or de-identify your personal information from our records, notify our service providers and contractors to delete your personal information from their records, and notify all third parties to whom we have sold or shared your personal information to also do so, unless this proves impossible or involves a disproportionate effort. In connection with your request, we may maintain a confidential record of your request for the purposes of preventing your personal information from being sold, to comply with laws or for other purposes permitted by the CPRA.
We may have a lawful right to retain your information under the CPRA. For example, we may deny your request if retaining your personal information is reasonably necessary to help ensure security and integrity, or to comply with a legal obligation.
XIII.B.iii. Right to Opt Out
You have the right to direct us to not sell or share your personal information, which, in our case, means that we shall no longer sell or share your identifiers and other personal information with our ad partners to make the ads you see inside and outside of our Services (as applicable) more relevant to you. Where and when available, to exercise your right to opt-out you are encouraged to use the automated tool provided in our Services. The “Do Not Sell or Share My Personal Information” link can be found on our Sites. While there are many positive aspects of the CPRA, California’s definition of “sale” includes transfers such as sharing information between affiliated companies that ordinarily may not be thought of as a “sale” in the traditional sense of the word such as serving you an ad about a new product. We will do our best to comply with all aspects of the CPRA and to provide transparency wherever your data, even where not connected to your name or any other identifiable information, may be used.
XIII.B.iv. Right to Correct
You have the right to request us to correct any inaccurate personal information we may hold on you. For correcting your personal information, we encourage you to do so by contacting us by email at email@example.com, phone at +1 (888) 863-2827, or chat on our websites. Following receipt of your verifiable request, we will correct the inaccurate personal information that we hold on you.
XIII.B.v. Right to Limit Use and Disclosure of Sensitive Personal Information
You have the right, at any time, to direct us to limit the use or disclosure of your sensitive personal information to that use which is necessary to perform the Services or as otherwise permitted under the CPRA. We do not use or disclose your sensitive personal information for purposes other than as is necessary to perform the Services or in connection with the limited business purposes set out under Section 1 of this Notice. In the event that we use or disclose your sensitive personal information for purposes other than as described under this Section, or as otherwise permitted under the CPRA, we shall notify you of this fact and your right to direct us to limit the use or disclosure of your sensitive personal information.
XIII.B.vi. Right to Non-Discrimination
You have the right not to receive discriminatory treatment for exercising any of the rights described above.
The table below lists the categories of personal information we have collected from California consumers and disclosed for a business purpose or as part of a sale within the last twelve (12) months.
XIII.C. Categories of Sources
We obtain the categories of personal information listed above from the categories of sources such as: you and your devices; our business partners or their agents; our Sites and Services; and from third-parties that interact with us in connection with our products and Services.
XIII.D. Business Purposes
We may use or disclose the personal information we collect for one or more of the following business purposes, as described to you when your personal information is collected, or as directed by you or as otherwise permitted under the CPRA or applicable law. In particular, we may use personal information for the following business purposes referred to in the CPRA:
– auditing related to counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards;
– helping to ensure security and integrity, such as to detect security incidents, resist malicious, deceptive, fraudulent, or illegal actions, and potentially prosecuting those responsible for such actions, and to ensure the physical safety of our users and other natural persons;
– debugging to identify and repair errors in our Services;
– short-term, transient uses, including but not limited to non-personalized advertising;
– performing our Services, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, and processing payments;
– advertising and marketing services permitted under CPRA;
– internal research for technological development; and
– activities to verify or maintain the quality of safety of our Services, and improving, upgrading, and enhancing our Services.
We disclose your personal information for a business purpose to the following categories of third parties: our affiliates; advertising networks; Internet service providers; data analytics providers; government entities; operating systems and platforms; social networks; service providers such as entities who provide: IT and related services; information you have requested; customer service activities; and our products and Services; and/or third parties to whom you or your agents authorize us to disclose your personal information in connection with products or services we provide to you.
With respect to your sensitive personal information, we only use such information for the business purpose of performing our Services, such as to set up and maintain your account in our Services, providing customer service, processing or fulfilling your orders and transactions, verifying your customer information, and processing payments.
XIII.E. Retention of Personal Information
We retain your personal information (including your sensitive personal information) for as long as your user account is active or upon receipt and compliance with your verifiable request to delete your personal information or as otherwise needed to provide the Services. You may end this relationship by deleting your account using the functionalities made available in our Services, however we may retain records related to the sale and delivery of your purchases indefinitely. We will then delete all your personal information (including your sensitive personal information) from our own and our service providers’ systems, including backups, within 30 days, unless otherwise permitted to retain the personal information under the CPRA. We also reserve the right to periodically review and delete or de-identify user accounts that have been inactive for five years or more.
You must be at least eighteen (18) years of age to use our Services. Our Services are not targeted to children and we do not knowingly collect personal information from children. If we discover that a child has provided us with personal information, we will promptly delete such personal information from our systems.
XV. CONTACT US