This Privacy Policy applies to all COMFY websites (both mobile and browser based), applications, and services. This includes all information gathered from websites, applications, and services owned and operated by COMFY, including information provided to COMFY in the course of exercising your privacy rights or submitting a privacy related request.
Prior to using or operating COMFY services, or the submission of a privacy related request, please review the following policy to ensure you are informed of your rights, our policies and standards, and relevant regulations that govern your privacy operations.
COMFY's Commitment to Data Privacy
At COMFY, the privacy of your data and your privacy rights are a top priority. COMFY takes extreme care with any data it identifies as “personal data” regardless of where you reside. Any data that directly identifies you, such as your name or address, or any data that can be reasonably used to identify you, is treated with the utmost care and standard of security.
This privacy notice outlines the ways in which COMFY, or its subsidiaries handle your personal data. This includes instances where you interact with our websites, products, physical stores, or our personnel in any capacity.
It is important to note that this notice does not apply to any third parties or affiliates, or how they may use your personal data. For information regarding the way third parties and affiliates handle your data, please review the privacy policies or notices provided by each specific third party.
What is Personal Data?
During the course of our business operations, COMFY collects data and/or personal information such as your name, other contact information, shipping information, and your billing information. COMFY collects these data types when it is provided to us through the use of our services. This includes interacting with our websites, placing an order through various methods, or signing up for our marketing lists. In some instances, COMFY may combine your provided information with additional information provided to us by third-party services and external sources.
Your Privacy Rights and Choices with COMFY
COMFY believes in transparency without our data collection and processing operations, consequently, at any time you are entitled to information regarding what data COMFY retains about you, including:
Categories or specific data that is collected about you
Categories of sources from which personal information is collected from
Purposes for which personal information is collected
Any third parties that COMFY shares your personal information with
With your Personal Information collected by COMFY, you have the freedom to change or correct your information at any time. COMFY respects your data privacy rights and allows all our users to exercise their right to know, access, correct, transfer, restrict the processing of, and delete your Personal Information. Please reference the “Contact us about data privacy at COMFY” section of this policy for contact information to exercise the aforementioned rights.
Additionally, you have the choice to cease communications with COMFY entirely, if desired. At any time, you may request to be removed from our lists and have your Personal Information scrubbed from our systems, you can request to cease all email communications, and you may also request that information like geographic location and cookie/beacon information be removed from our databases and systems. You will not be a subject of discriminatory treatment as a result of your choice to exercise your privacy rights.
Verification of Personal Information Requests
For some personal information requests, COMFY is required to verify your identity before completing your request. In order to verify your identity, COMFY may ask you to provide your full name, other contact information, and your relationship with COMFY. In some instances, COMFY may require additional information to complete your request. Once this information has been received by COMFY, we will verify it against the information currently held by COMFY in relation to the information provided and verify your identity. In the event that your identity cannot be verified, COMFY will contact you for further information, or provide a rationale for denying your request.
Authorized Delegate
In some instances, you may designate an authorized delegate on your behalf to make a data request. An authorized delegate will also be subject to verification procedures, which may require additional information for COMFY to ensure that your authorized agent is legitimate and acting on your behalf.
Personal Data COMFY Collects About You
COMFY holds personal privacy as one of its core tenets, consequently, we strive to only collect and retain information that is necessary for our business processes, and that there is a present need for.
COMFY collects the following types of information during the course of our regular business operations:
Information provided to COMFY by you, the customer:
Full name
Email address
Mailing address
Phone number
Date of Birth
Gender
Location
Language
Credit or debit card number
CVV Code
Expiration date (card)
Call recordings
Chat messages
Social media communications
Information we collect when applying for financing.
SSN
Income information
Information we collect from our websites, applications, or services.
Purchase history
Cart history
IP Address
Access time and date
Hardware or software usage
Device usage
Browser usage
Device event data
Product interaction
Cookie/beacon/pixel data
Location data
Information collected from third parties.
Email address
Mailing address
Phone number
Password (account linking)
Social media accounts
Demographic data
Fraud detection data
Credit data
Activity data (interactions and preferences)
Personal Data COMFY Receives Externally
COMFY may receive data about you from external sources, like individuals, business, third parties, partners, or other lawful sources.
COMFY may collect data from other individuals in instances in which others purchase a gift card or product on your behalf, invite you to participate in a marketing event, or share content from our websites with you. COMFY may also collect data when expressly directed to do so by you. This includes rewards programs, sweepstakes, and instances in which partners or affiliates send us your data. COMFY may also receive information about you from third parties. This includes credit and background checks during purchases, fraud prevention mechanisms and partners, and security services.
How COMFY Uses Your Personal Data
At COMFY, we use Personal Information collected about you to provide you services, to improve our services, to analyze our business and its processes, to conduct marketing processes, process your transactions, and to comply with any applicable legal requirements. COMFY only uses personal data that it has the express legal basis to do so. The following bases are ways in which COMFY uses your data for its business:
Provide you services – COMFY collects your data in order to deliver the best possible products and services. This includes but is not limited to; collecting personal data to improve our internal processes and business offerings, for data analysis and business analytics, for audits, for customer support, and for troubleshooting of our operations and systems.
Communicate with you – COMFY collects your data in order to provide necessary communications with you regarding your COMFY account, any transactions, provide you relevant information regarding our services and security, or request feedback about our products or services. Additionally, we may use your personal data to communicate any changes that may occur to our policies, procedures, or terms and conditions.
Prevent security breaches – COMFY collects your data in order to mitigate potential security breaches. Your data may be collected and analyzed by COMFY in order to identify any instances in which your Personal Data has been compromised.
Prevent fraudulent activity – COMFY may collect information about you to screen transactions in order to mitigate fraud, and to protect our users and company from potential instances of fraud.
Process transactions – COMFY may collect your information as part of the transaction processes which are conducted on within our business. Your personal identifiers, purchase information, and payment data may be collected by COMFY to ensure that transactions are conducted in a safe, secure, and reliable manner.
Comply with legal requirements – COMFY may use your data in the process of complying with any applicable legal obligations and requirements that COMFY is subject to. This includes but is not limited to; the request of an applicable governmental body, to satisfy financial and tax obligations, and to maintain compliance with applicable privacy regulation.
How COMFY Shares Your Personal Data
COMFY may provide your Personal Information with partners, service providers, marketing services, or other external parties at your request. Any information COMFY shares with external parties must be handled in compliance with this Privacy Policy, and with COMFY’s privacy requirements and requests.
Partners – COMFY may share your Personal Information in a lawful manner with partner companies that perform functions on our behalf and have agreed to use your personal information expressly for the purposes requested by COMFY. Additionally, COMFY may share your Personal Data in order to send offers or sweepstakes on behalf of partner companies or non-affiliated partners, such as nonprofit organizations.
Service Providers – COMFY may share your Personal Information with service providers that help us deliver our products or services to you. These parties include payment service providers, product suppliers, delivery companies, and data processing or storage providers.
Marketing Services – COMFY may share your Personal Information with reputable companies in order to provide marketing communications and information that may be useful to you. COMFY will never disclose any information other than your first and last name and your postal address to external parties for marketing purposes.
Other Instances - In the event that COMFY is involved in a merger, acquisition, bankruptcy, or total or partial sale of assets, COMFY may share your information with the relevant third-party organization.
How COMFY Protects Your Personal Data
COMFY employs reasonable and appropriate electronic, physical, and operational measures to ensure that your Personal Information is secure, and is not subject to unauthorized use, disclosure, modification, or loss.
All relevant COMFY systems employ industry-standard encryption and security standards, and all transactions that flow through our systems do so on a PCI compliant payment processor system. If you have any additional questions regarding security of Personal Information at COMFY, please contact us.
How COMFY Interacts with Children’s Data
COMFY does not knowingly allow any persons under the age of 16 to register or use its services. At no time does COMFY permit the collection of information through our systems or websites of individuals under the age of 16.
Cookies, Beacons, and Other Technologies
In the course of COMFY business processes, COMFY’s websites, services, applications, or advertisements may collect your information from cookies and beacons. Cookies and beacons help COMFY ensure a secure and safe user experience and provide us with information regarding what websites or pages you have visited, your behavior on COMFY websites and environments, and help us gauge the efficacy of our advertising campaigns and search optimization processes.
COMFY uses cookies to allow for persistent experiences on our websites. For example, we may use cookies to provide tailored product suggestions, or to keep your shopping cart persistent as you go through different pages on our website.
How COMFY Transfers Your Data
COMFY is a multifaceted organization that connects businesses and people from across the globe, consequently, your personal data may be transferred or accessed by entities around the world. COMFY has a firm commitment to adhere to any applicable laws relating to the transfer of data between countries to ensure that your data is protected.
Unidentifiable Information at COMFY
If, in the process of requesting data actions related to your Personal Information, COMFY is unable to adequately identify you in relation to your data, we will respond with a notification that your data is not identifiable and that we are not able to provide information from our systems.
Contact Us About Data Privacy at COMFY
If you have any questions regarding COMFY’s Privacy Policy, privacy standards and practices, or would like to submit a data request or complaint, contact us at:
Email:
Because data privacy and security are of the utmost importance to COMFY, our team will review your inquiry and respond in a manner that meets your needs, and our legal and contractual requirements. COMFY is committed to responding to all inquiries within 15 business days, however, in some cases we may require additional time to adequately respond to your request. In these instances, we will communicate to you about any delay, and request any additional information that may be needed to fulfil your request.
Updates to COMFY’s Privacy Policy
If, at any time COMFY decides to revise this Privacy Policy, an updated version of the policy will be made available online. If the contents of the update to the Privacy Policy are substantial, COMFY may contact you at your provided email address, and will display a notice of the update on our website(s).
Please reference this policy regularly to ensure that you understand the breadth of COMFY’s privacy policy, and to ensure that you understand any changes made to it.
Privacy Regulations
COMFY is constantly vigilant of changes to regulatory standards and industry best practices related to data privacy, and work to continually verify that our policies, procedures, and activities are compliant with data privacy regulations around the globe.
The following list details some of the major privacy regulations recognized by COMFY. It is important to note that the following list in not exhaustive or complete list, but is a summary of some of the primary regulations recognized by COMFY:
California Consumer Privacy Act (CCPA): The California Consumer Privacy Act is a California law charged with defining the extent of data protection and privacy for Californian consumers.
General Data Protection Regulation (GDPR): The General Data Protection Regulation is a European Union (EU) regulation charged with defining the extent of data protection and privacy for all individuals within the European Economic Area (EEA).
Canadian Personal Information Protection and Electronic Documents Act (PIPEDA): The Personal Information Protection and Electronic Documents Act is a Canadian federal privacy law charged with regulating private-sector organizations to promote consumer trust in electronic commerce.
Australian Privacy Act (AU Privacy Act): The Australian Privacy Act of 1988 is the principal piece of Australian legislation protecting the handling of the personal information of Australian individuals.
Indian Information Technology Act (IT Act): The Information Technology Act, 2000 is the principal piece of Indian legislation protecting the handling of personal information by corporate entities.
Japanese Act on the Protection of Personal Information (APPI): The APPI is the central piece of Japanese legislation that mandates the protection of personal information for Japanese individuals, including extraterritorial businesses that, in relation to supplying a good or service to a person residing in Japan, have collected personal information.
United Kingdom Data Protection Act (UK DPA): The United Kingdom Data Protection Act is a General Data Protection Regulation. UK DPA sets out the key principles, rights, and obligations for most processing of personal data in the UK.
COMFY reserves the right to modify this privacy policy at any time. We will promptly reflect any such modifications on this privacy policy.