Webshop Privacy Policy

 

We are committed to continuously improving the sleep experience of individuals across the globe in a manner that respects and protects the privacy of our customers. The protection of your personal data is important to us, and we want you to feel safe when using our website.

 

This Privacy Policy describes the collection, processing, and disclosure of your personal data when you use our website and related services (collectively referred to as “Services”) provided by Emma Sleep India Private Limited (“Emma”, “Emma Sleep”, “we” or “us”).

 

 

  1. Contact Us
    Should you have any questions about this Privacy Policy or concerns or inquiries about how we are handling your personal data, you may reach out to our Data Protection Officer by contacting us through privacy@emma-sleep.com or by sending us a letter addressed to Emma Matratzen GmbH, Attention: Data Protection Officer, Wilhelm-Leuschner-Str. 78 60329 Frankfurt am Main, Germany.

 

  1. Information We Collect and Process

When you use the Services, we collect and process certain personal data, including personal data you provide to us directly, personal data that we collect automatically, and personal data we receive from third parties.

 

You may choose not to provide certain information, but doing so may prevent you from using the Services or accessing certain features.

 

We presume that the personal data you provide is yours.  If you choose to provide personal data from third parties, namely payment or contact information, you must inform them in advance of the content of this privacy policy and the circumstances relating to the processing of their personal data, as well as obtaining their prior consent.

 

 When you use the Services, we collect and process certain personal data, including personal data you provide to us directly, personal data that we collect automatically, and personal data we receive from trusted third parties.

 

We may receive information about you and your order from financial and credit institutions such as PayPal, if you use their services to proceed with the payment of Emma products. Please note that the personal data you shared or will share with those financial or credit institutions, is subject to their own privacy policy and procedures.

 

We may receive information about you and your order from financial and credit institutions such as Paypal, if you use their services to proceed with the payment of Emma products. Please note that the personal data you shared with those financial or credit institutions is subject to their own privacy policy and procedures.

 

The personal data we collect and process about you includes, but not limited to, the following, based on legitimate interest or performance of contract with you:

 

Category

Personal data

Purpose of data processing

Identity data

Name, username

Processed for purposes of identifying you in relation to the purchase or your inquiry.

Contact data

Email address, phone number, address

Processed for the coordination and execution of the delivery and/or pick-up of your ordered and/or returned goods in relation to the Contract, and to address your service concerns, if any, with you including any claims for returns or warranties as well as complaints. We could also use this data to send you communications regarding our marketing promotions and/or offers.

Order data

Purchasing activity (including purchased products or those added to your cart), payment information/billing data, your comments, product reviews and responses on surveys you complete, contact form inquiries to our customer service

Processed to document the payment transaction and relevant invoice for the purchase and to coordinate and fulfill the order and/or inquiry.

Browser use data

IP address, shopping preferences, information about your device type, website/browsing history, location data, cookie information (please see our Privacy Settings for details), date and time of your visit, time zone difference to Greenwich Mean Time (GMT), content of the query (specific site visited), access status/HTTP status code, amount of transferred data, browser, language and version of browser software, operating system

When you visit and use the website and our services, we automatically collect certain information that your device transmits to our server that is necessary to the functionality of the Services. The following data may be collected and saved as necessary to satisfy the technical requirements of the Services and for security purposes.

 

It is processed for the following purposes: to ensure a smooth connection of the website, to guarantee a comfortable use of our website, to evaluate system security and stability as well as for other administrative purposes. This information is temporarily stored in so-called log files. When you visit this website, this information is automatically recorded without your intervention and stored until it is automatically deleted. If you don’t want the above personal data to be collected, you should not access our website as we will be unable to allow you access to our website without such personal data.

 

We may also use your contact and order data to know your opinion about our products and/or to send you product review invites. In this case, we send you the communications based on our legitimate interest in monitoring and improving the quality of our products and services and your overall customer experience. If you have posted a product review, we may publish such review in our website and channels, without disclosing your personal identifiable information, (we will only disclose your first name and the first letter of your surname). If you do not want us to share your product review on our website, please inform our customer service through our support channels. We have engaged trusted third-party service providers to send product review invites on our behalf. Participation/submitting a review is voluntary and you can unsubscribe from similar communications in the email sent to you at any time.

 

If you participate in our referral program, certain information mentioned above will be collected and processed in order to verify and facilitate the referral discount code.

 

When you contact us, such as through e-mail, phone, chatbot, or contact forms on our website, the information you provide will be processed for the purpose of processing your request and for the event that follow-up questions arise. In some cases, we may also process health-related data you provide us with in order to address your product claims. If you are contacting us in relation to your purchase, our legal basis for the processing of your personal data is that it is needed to fulfill our contract of sale with you. If you are contacting us in relation to other matters, our legal basis for the processing of your personal data is our legitimate interest to address your concern and to enable you to contact us quickly and easily. The personal data collected by us in this context will be deleted when the request associated with the contact has been completely clarified and it is also not to be expected that the specific contact will become relevant again in the future, unless legal storage obligations stand against this. If you make a phone call to our customer support or if we contact you by phone, we will record the phone call, upon your consent, for quality assessment and/or contract execution purposes, based on our legitimate interests, namely in case we need to establish or defend us against legal claims. We will also record the call to document your consent, to comply with applicable laws.

 

We collect the data described above when you purchase products from us, when you access and use our website, when you contact us with your inquiries, and when you take part in our surveys/competitions/giveaways/promotions or answer quizzes on our website (e.g. Product Finder, etc.)

 

We also process your personal data for further purposes such as fulfilling our legal obligations regarding applicable tax, regulatory, accounting and/or reporting requirements, or where we may need it for our legitimate purposes (e.g., to help us responding to queries or complaints, responding to requests from regulators, resolve disputes or defend us from legal claims).

 

  1. Use of our website: orders and product returns

If you would like to order in our website, it is necessary for the conclusion of the contract that you provide your personal data, which we need to process your order and fulfill the contract of sale with you. The essential data for the conclusion of the contract is marked, further data is given on a voluntary basis. We use the personal data provided by you to process your order and returns. For charging purposes, we can pass on your payment data to our house bank or to the selected payment service provider. To manage the delivery of the goods to you, and due to the nature of the transaction, we will need to share your delivery address and contact details (email and phone number) with delivery companies. Only strictly necessary data will be shared for the purpose of coordination of delivery, protection against fraud and clarification of urgent issues. The legal basis for this is that this processing is objectively necessary for the performance of the contract of sale with you. This means that the sale of goods cannot, as a matter of fact, be fully performed if this specific processing of the personal data in question does not occur. Please note that failure to provide the mandatory personal data can lead to your order with us cannot be carried out.

 

If you want to make a product return, we will also need to share your personal data (delivery address and contact details) with the assigned non-governmental/charitable organization or delivery company for the pick-up and collection of the product. The legal basis is that the processing is necessary for the performance of a contract to which the data subject is party) and our legitimate interest in managing product returns.

 

  1. Categories of recipients of personal data and transfer to third countries

Within the scope of our activities and services, it may become necessary for us to disclose the personal data stored about you to natural persons, legal entities, or public authorities. We share your data with selected third parties to carry out certain activities to help us to run our business, such as subsidiaries and affiliates, customer service, credit institutions and provider of payment services for billing and payment processing (online payment providers), logistics providers, for the shipment of the products, cloud service providers, and IT support vendors, with whom we have concluded the necessary agreements. Furthermore, we ensure that they take the necessary technical and organizational measures to process your data securely and store your personal data only as long as necessary.

 

In addition, to administer any prize draws, quizzes, surveys, or competitions that you choose to enter, we may share your information with the third parties we have engaged to help us facilitate the prize draw/giveaway/competition.

 

We may also transfer your data to further recipients, outside of Emma, as far as this is contractually or legally required or needed for our legitimate purposes. These include, but not limited to the following: insurance companies, financial authorities and other authorities, financial institutions, and law firms.

 

The transfer of data outside of your country is mainly due to the location of our Head Office (in Germany) and our contractors/subcontractors. Outside of your country, we either transfer personal data to countries that provide an adequate level of protection, or, when transferred to third countries without that level of protection, we have appropriate safeguard mechanisms in place, including the signing of additional contractual clauses specifically provided for this type of transfer.

 

  1. Newsletters, offline and electronic notifications

We send newsletters, e-mails, postal mail, and other offline/electronic notifications containing promotional information (collectively referred to as “newsletter(s)”). Our newsletters contain information about our products, offers, promotions and our company.

 

Newsletter subscriptions are logged in order to be able to prove the registration process in accordance with the legal requirements. This includes the storage of the registration and confirmation time as well as the IP address. Changes to your data stored by the service provider are also logged. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify any possible misuse of your personal data. To subscribe to the newsletter, it is sufficient to enter your e-mail address. The provision of further data is voluntary and is used to address you personally. After your confirmation we will save your e-mail address for the purpose of sending the newsletter. The newsletter dispatch and the measurement of performance are based on your consent if you subscribed.

 

  1. If you explicitly subscribed to receive our newsletters, we will send you communications about our products and services. You can withdraw your consent and opt out at any time by clicking the ‘unsubscribe’ button in the communication you received. When you fill out the quiz “Product Finder”, and subscribe to receive our newsletter, we shall process the data about your preferences to send you personalized recommendations about our products, based on our legitimate interest in sending you information about the products suggested to you because of your answers to the quiz.

 

  1. If you are a customer, you may receive a newsletter, notification, and/or marketing without explicitly opting in. We are doing so on the basis of our legitimate interest in sending you information about identical or similar products that can be relevant to your needs. You can opt out at any time by clicking the ‘unsubscribe’ button in the communication you received.

 

  1. If you sign up and agree to receive SMS marketing from us, we will collect and process your personal data to send you SMS marketing messages. Our SMS communications contains information about our company, products, offers and promotions. In order to log your subscription to SMS marketing, we collect and process your phone number as well as the date and time you opted in. The purpose of this is to be able to prove your subscription, and if necessary, clarify any possible misuse of your personal data. For offering and using this service, we use the software solution of a third-party, under a data processing agreement. If you no longer wish to receive SMS marketing from us, you can opt out at any time by following the unsubscribe instructions in the SMS you received.

 

  1. If you sign up and agree to receive WhatsApp marketing from us, we will collect and process your personal data to send you WhatsApp messages. Our WhatsApp messages contain information about our company, products, offers and promotions. In order to log your subscription to WhatsApp marketing, we collect and process your phone number as well as the date and time you opted in. The purpose of this is to be able to prove your subscription, and if necessary, clarify any possible misuse of your personal data. For offering and using WhatsApp, we use the software solution of a third-party, under a data processing agreement. Our software solution partner stores all personal data within India. As an official WhatsApp partner, the software solution partner uses the WhatsApp Business API with the consequence that within our responsibility no other third parties or WhatsApp gain access to your communication content. Your use of WhatsApp is governed solely by the agreements you entered into with WhatsApp.

 

According to the terms of use of WhatsApp, we have your phone number and username through your contact. We use this and other information you provide to send your marketing messages and to recognize you and your preferences. The legal basis of this is your consent to receive marketing from Emma via WhatsApp. Subscribing to our WhatsApp messages is voluntary and you can withdraw your consent at any time by following the unsubscribe instruction provided in every WhatsApp message sent by us.

 

  1. If you wish and consent to receive third-party marketing content from our trusted brand partners, we will send you newsletters containing third-party products, services, offers, and promotions. In these newsletters, you may receive content related to storage services, home decoration, fitness, food subscription services, yoga accessories, beauty and skincare, sports apparel and footwear as well as coffee and tea. We will process your personal data and send these newsletters on the basis of your consent.

 

You have the right to withdraw your consent for this type of content at any time, by using the link available at the bottom of our newsletter. We also note that we may update the list of partners, and you will be notified of this update to our privacy policy.

 

  1. If you click “Allow” and agree to receive web push notifications from us, we will send you notifications containing information about our company, products, offers, and promotions. In order to log your subscription to web push notifications, we collect and process your IP address as well as the installation ID, and the date and time you opted in. The purpose of this is to be able to prove your subscription, and if necessary, clarify any possible misuse of your personal data. The legal basis of this is your consent to receive web push notifications. If you wish to stop receiving web push notifications, you may disable it by managing your push preferences in your browser settings.

 

  1. To stop receiving our newsletters, you may withdraw your consent to or object to receiving the same at any time by clicking on the unsubscribe link provided in every newsletter e-mail or by reaching out to us through privacy@emma-sleep.com. Please be aware that opting out from marketing messages will not stop our transactional service communications (such as order and delivery updates).

 

  1. Data retention

Our storage period is determined by the purpose of data and the respective legal retention periods. We store the data as long as it is required to fulfill the above-mentioned purposes. If the data is then no longer required and there are no legal retention obligations to the contrary, the data is securely deleted. The retention period of the documents is subject to various statutory retention periods, such as up to three years, tax and social security retention obligations require retention of up to ten years. We will also retain/use your personal data to respond to your inquiry/request and, if we need it, to establish, exercise or defend legal claims of Emma, or to comply with applicable law. 

 

  1. Your rights as a data subject

Where appropriate and where applicable by law, we shall provide you with the following individual rights with respect to your personal data:

  • The right to access – You have the right to obtain from us confirmation as to whether or not personal data concerning you is being processed, and, where that is the case, request copies of your personal data. Exceptionally, we may charge you a small fee for this service, if we consider that your request is manifestly unfounded or excessive.
  • The right to rectification – You have the right to request that we correct any information you believe is inaccurate. You also have the right to request that we complete the information you believe is incomplete.
  • The right to be forgotten – You have the right to request that we erase your personal data, under certain conditions.
  • The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.
  • The right to object to processing – You have the right to object to our processing of your personal data, under certain conditions.
  • The right to data portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
  • The right to not be subjected to automated decision making - We do not subject you to decisions based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
  • The right to lodge a complaint – You have the right to lodge a complaint with supervisory authorities regarding the processing of your personal data. Should you wish to report a complaint or if you feel that we have not addressed your concern in a satisfactory manner, you may contact the appropriate supervisory authority.

 

You can exercise your rights with respect to your personal data by contacting us via email to privacy@emma-sleep.com or postal through the contact details shown at the beginning of policy. To the extent we are processing the personal data based on your consent, you may withdraw such consent at any time, provided that such personal data is not required by a legal obligation.

 

  1. Social media plug-ins

We have integrated plug-ins on our web services. These plug-ins are indicated by the respective button belonging to the service. With the help of the plug-ins, users can share or post links to the corresponding websites in social networks such as Facebook or Twitter or recommend the contents there. Through your active interaction with these plugins, (e.g., by clicking the respective button or leaving a comment) this information is transmitted directly to the respective service and stored there. When you visit one of our web services that contain an activated plugin, your browser establishes a connection with the servers of the respective service, which in turn transmits the content of the plugin to your browser, which then integrates it into the displayed page. Thus, the information about the visit of our web services is forwarded to the respective service. We do not collect personal data ourselves by means of the social plugins or about their use and have no influence on which data an activated plugin collects and how these are used by the provider. It must be assumed that at least the IP address and device-related information is collected and used. It is also possible that the service provider will attempt to store cookies on the computer used. If you are logged in to the respective service at the same time as visiting our web services via your personal user account (e.g. via another browser session), the service provider can assign the visit to our web services to your account.

 

Since our social media channels are operated by the providers of the respective social network, there may be a supplementary use of your personal data by the respective operator, over which we have no influence. This often involves the recording of your IP address, the creation of static evaluations and the processing of further information stored in the form of cookies. We have no influence on the generation and presentation of this personal data and can neither turn off this function nor prevent the processing of the personal data. The assertion of data subject rights and requests can most effectively be addressed directly to the platform providers, since only they have access to your personal data and can take immediate action and provide information. Should our cooperation be necessary for this, we will support you in enforcing your rights as a data subject.

 

  1. Cookies

Our website also uses cookies which collect certain data to make the user experience of visiting our website as user-friendly as possible, and to allow you to make use of certain functions. Cookies are little text files that are saved on your browser’s delegated hard drive, through which certain information flows back to the person who sets the cookie. To find out more about the use of cookies and how to manage them, please access Privacy Settings).

 

  1. Third Party Links

We may provide links to third-party websites or platforms. If you follow links to sites or platforms that we do not control and are not affiliated with us, you should review the applicable privacy notice, policies and other terms.  We are not responsible for the privacy or security of, or information found on, these sites or platforms.

 

  1. Updates to this Privacy Policy

We keep this Privacy Policy under regular review and may update this Privacy Policy from time to time to reflect the changes in our services, in which case we will update the “Last Updated” date at the top of this Privacy Policy.

 

We encourage you to read and/or review this Privacy Policy periodically for the latest updates on our privacy practices. If we make material changes to the way in which we use or disclose information we collect, we will use reasonable efforts to notify you (such as by emailing you at the last email address you provided us, by posting notice of such changes on the Services, or by other means consistent with applicable law) and will take additional steps as required by applicable law.  If you do not agree to any updates to this Privacy Policy, please do not continue using or accessing the Services.