We are eve Sleep Plc (company number 09261636) registered in England with our registered office at 128 Albert Street, London, NW1 7NE. (and we refer to ourselves as “eve”, “we” or “us” or “our” in this document).
We will only use the information that we collect about you lawfully (in accordance with the Act and other applicable data protection laws in the UK). We are registered with the Information Commissioner’s Office (registration number 07481600397).
This privacy notice aims to give you information on how we collect and process your personal data through your use of this website, including any data you may provide through this website when you sign up to our newsletter, purchase a product or service or take part in a competition.
It is important that you read this privacy notice together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy notice supplements the other notices and is not intended to override them.
Eve sleep plc is the controller and responsible for your personal data (collectively referred to as "we", "us" or "our" in this privacy notice.
If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact us on [email protected]].
B. The Information We Collect
Data we collect from you directly
When you register on www.evemattress.co.uk (the “Site”) or you buy anything from us we will ask for some or all of the following information: your name, email address, phone number and full and shipping and billing addresses, including postcode. We also have a record of your password and IP address.
If you buy from us, you will also be asked to provide payment information; this is to be collected by a third party payment gateway and we do not see this. Please see the section on “Payment Information”, below, for more information on payment data.
We may also ask you sometimes to provide your age and possibly certain other personal details such as gender or where you heard about us.
Data we collect from your activity on the Site
As you use the Site, we collect data about your activity on the Site. This includes things like:
- Information on what you buy and how you use the Site.
- Information about your use of various Site services.
- Your communications with eve.
- Other information related to your activity, such as which website referred you to us.
Data we collect from other sources
We may receive information about you from third party sources, such as data aggregators and from third parties to whom you have given permission to share your information or from whom you have given us permission to request your information. For instance, by registering for the Site using Facebook or another social network, you grant permission to that network to share your details. Depending on the network rules and your settings on it, this may include data such as your date of birth, your marital status, the number of people in your household and other information.
Sensitive Personal Data
Sensitive personal data is defined by the Data Protection Act and includes details such as information related to your health, sexual orientation, religion, race or ethnic origin. For the most part, we will not need any Sensitive Personal Data in order to provide our services and we will not request it.
C. How We Use the Information We Collect
We use the personal data we collect to provide the Site, the goods on the Site and services related to them, to customise and improve your experience with eve, to make your experience as enjoyable and efficient as possible and for commercial purposes.
Use of Information to Provide the Services
Certain information is required in order for the Site to operate.
Here are some specific examples of information used:
- Your email address and password allows us to recognise you when you return so that we can provide you with a faster service and a personal user account.
- Your address allows us to verify we can deliver to you – and also to tell us where to deliver!
- We use your IP address to prevent any spam, fraud or abuse of our site.
- We use your login data to allow you to place an order.
- To facilitate your using the Site, we may (or your browser may) pre-populate certain fields in the registration forms. If we do so, it will be for fields for which we already hold your information, such as your name and email address. You always have the opportunity to delete any fields that we pre-populate.
- When you place an order on the Site we will ask you for your full name, your telephone number and shipping and billing addresses (among other things). On subsequent purchases, we may pre-populate these fields for you with the information previously provided. You always have the opportunity to amend any fields that we pre-populate at the point of purchase.
- We use information collected by us on transactions you have completed order to monitor service quality levels and to provide service and support to eve users in general and for individual sales.
- With your consent, we use your information to send you marketing e-mails about upcoming promotions, and other news, including information about products and services offered by us and our affiliates.
Use of information to customise and improve the eve experience
We want your shopping experience with us to be as enjoyable as possible. We will collect the data about your shopping activities and preferences to customise your account (in addition to how you customise it yourself) and to enable us to provide an efficient and user-friendly service. We will also use it to improve the quality of the Site.
Here are some specific examples of how we use your data:
- We keep details of purchases from us, and we may make this information available to you via for your review and record-keeping purposes.
- We may keep a record of certain of your preferences, so you don’t need to reset these preferences every time you start shopping.
- We keep a record of your login details to make it faster for you to place orders in the future so that you do not continually have to re-enter such details.
- Paying attention to how you use the Site helps us to develop improvements to the Site and the goods and service we offer.
- If you have been referred to us by a third-party website, we may keep a record of the website that referred you so that we may work out which websites refer more or less users to our Site. We may also have referral arrangements with certain third-party websites and referrers and we may use this data to fulfil obligations that we may have to these third-party websites or referrers.
- We collect and track individual and aggregate information about shopping habits, products and service preferences and selections which users have made and the like. We use this information for the personalisation or general improvement of the goods and service we offer, but also for the purpose of business research. You can see more about aggregate information below.
- We collect and track individual and aggregate connection information such as browser type and version, operating system and platform; other software and hardware information and the like. We use this information to understand how and when our users access our online services, and so we can further develop our Site and goods and services to suit.
Use of Information for Commercial Purposes
We may earn revenues (which allows us to keep the Site online and our prices for our goods low!) through sources including advertising sales, including online behavioural advertising, including personalised retargeting advertising, and through the sale of business intelligence data.
Here is how your information is used for this:
- We may share information with certain carefully selected third party partners so that they can:
- present you with advertisements and promotional offers that are relevant to you and your interests or, alternatively;
- to present you with advertisements on eve based on your activity on other websites. For example, you may see ads for products you viewed on another website while browsing eve.
For more information on data sharing, please see the “Data Sharing” section.
We collect and may display or use for the purposes of marketing and advertising the Site, our goods, our services or ourselves, any testimonials or reviews you provide us with about the Site, our products or our services or ourselves – and we may append to the testimonial or review your first name (but not your surname) and general geographic location (e.g. City or locale).
Use of Your Email Address
We use your email address to communicate with you. We will send you both transactional and service message emails so we can communicate with you about Site updates or your activity on the Site. For instance, we may send you emails:
- notifying you of your registration details
- after you have made a purchase, to confirm the order and update you on the status of the order and its delivery
- to remind you of items you have abandoned in your cart
- to send you information which you have asked for
- for market research, ratings or reviews purposes, which may or may not be sent via an independent market research company on our behalf
- to contact you about the status of ratings or reviews you have submitted.
Your acceptance of the eve Terms and Conditions means that you are giving us consent to send you these emails. These emails are not marketing emails and we do not require you to explicitly opt in to receive them.
As noted above, we may use your email address to send you direct marketing communications. However, unless you explicitly opt into receiving these marketing emails, you will not receive any from us or any of our partners. You are entitled to opt out of marketing emails we may send you at any time by clicking on the "unsubscribe" link in the email footer. Please note, even if you do opt out, we may still send you non-marketing emails – non-marketing emails include emails about your Account with us (if you have one) and our business dealings with you.
Aggregate Information and Profiling
Aggregate information is data we collect about a group or category of products, services or users, from which individual user identities have been removed and from which it is not possible to work out individual customer identities. In other words, information about how you use a service may be collected and combined with information about how others use the same service, but all such information will be anonymised and no identifying information will be included in the resulting data.
Aggregate data helps us to understand trends and customer needs so that new products and services can be considered and so that existing products and services can be tailored to customer desires. We use and disclose anonymised aggregate information to provide other products and services, as well for the purposes of evaluating and improving our existing products and services. We may also sell such aggregate information through business channels.
This aggregation may include grouping customer profiles by shared characteristics such as demographic, geographic, psychographic and behavioural characteristics to better improve our ability to offer relevant products and services to you based on your demographic, geographic, psychographic and behavioural characteristics.
Failure to provide personal information
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
D. Purposes for which we will use your personal data
Purposes for which we will use your personal data
We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.
Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact [email protected] if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.
E. Payment Information
Anyone wishing to complete a purchase via payment card on the Site must provide the information for that payment card (eg, debit or credit card). We receive secure payment card acceptance and vaulting services from third party payment processers. We neither receive nor store any payment card details ourselves. Your payment details are received only by the third-party payment processor and are not shared with any third parties. The third-party payment processers will store your payment card details for use by you in future transactions.
Currently, eve receives payment card acceptance and vaulting services from AIB. For more information, please see AIB’s privacy policies.
F. Security Measures
All of the information we collect about you is stored on our secure servers and will be held securely in accordance with our internal security policy and the law. For example, we use secure encryption to hold passwords (e.g. the password allocated as part of the registration process – which may later be changed).
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
H. Data Sharing
Your acceptance of the eve Terms and Conditions (in accordance with the provisions thereof) means that you are giving us consent to share your personal data with our carefully selected third party partners. However, you can easily opt out of this sharing of your personal data by emailing [email protected] Even if you opt out, we will still share your personal data as needed to operate the Site or as is needed for corporate or statutory purposes.
For more information on how we might share your personal data and with whom, please see below:
Third Parties Designated by You.
We may share your personal data with third parties where you have provided your consent to do so.
Our Third Party Service Providers.
We may share your personal data with our third party service providers who provide services such as data analysis, payment processing, information technology and related infrastructure provision, customer service, email delivery, auditing and other similar services. These third parties are only permitted to use your personal data to the extent necessary to enable them to provide their services to us. They are required to follow our express instructions and to comply with appropriate security measures to protect your personal data.
- At times we work with other companies who help us to provide the Site to you or provide other support services pertaining to the operation of the Site and to the supply of products or services to you. These companies receive only the personal data required in order to provide services, and are not allowed to use that information for anything aside from providing the services.
- We reserve the right to investigate suspected violations of our Terms and Conditions or illegal, fraudulent or inappropriate behaviour on the Site; and to engage in activities needed to protect the rights, property, or safety of ourselves, of our users, or of others. To that end, and to the extent necessary to achieve the forgoing, we may exchange information with other companies and organisations, including but not limited to our partners and law enforcement agencies.
Third Party Partnerships
We may share your personal data with other third parties with whom we have a third-party partnership. However, if we do so, we will always list here who they are, what information they have and what they do with it.
If you would like to learn more about behavioural advertising, please visit (http://www.youronlinechoices.com/uk/).
If you wish to manage your other online behavioural advertising choices, you may do so athttp://www.youronlinechoices.com/uk/your-ad-choices
We may share personal data when we do a business deal, or negotiate a business deal, involving the sale or transfer of all or a part of our business or assets. These deals can include any merger, financing, acquisition, or bankruptcy transaction or proceeding.
I. Your Rights
You may contact us anytime to opt-out of: (a) direct marketing communications; (b) automated decision making and/or profiling; (c) our collection of sensitive data (if applicable); (d) any new processing or your personal data we carry out beyond the original purpose; or (e) the transfer of your personal data outside the EEA.
Please note that if you do opt out, some parts of the Site may become ineffective.
You may access the information we hold about you at any time by contacting us directly at [email protected] or via your Account on the Site (if applicable).
You can also contact us to update or correct any inaccuracies in your personal data.
Your personal data is portable – i.e. you to have the flexibility to move your personal data to other service providers as you wish.
Erase and forget.
In certain situations, for example when the information we hold about you is no longer relevant or is incorrect, you can request that we erase your personal data.
If you wish to exercise any of these rights, please contact us at:
Data Protection Request
Eve Sleep Plc
128 Albert Street,
London, NW1 7NE
In your request, please make clear:
- what personal data is concerned; and
- which of the above rights you would like to enforce.
For your protection, we may only implement requests with respect to the personal data associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request.
We will try to comply with your request as soon as reasonably practicable and in any event, within one month of your request. Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting such change or deletion.
No fee usually required
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time limit to respond
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
J. Data Retention
How long will you use my personal data for
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Details of retention periods for different aspects of your personal data are available in our retention policy which you can request from us by [email protected]
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
K. Questions or Comments?