Privacy Policy

Merybook (“Merybook”, “We”, “Us”, “Our”) deeply values your privacy and is committed to protecting your personal information. This Privacy Policy outlines our practices concerning the collection, use, disclosure, protection, and handling of your data when you visit or make purchases from our website, merybook.com (the “Website”). It also describes your privacy rights and how the law protects you, particularly under U.S. regulations such as the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA).

By accessing or using our Website, you signify your understanding of and agreement with the terms of this Privacy Policy. If you do not agree with our policies and practices, your choice is not to use our Website.

1. Definitions

• Personal Information (or Personal Data): Any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.
• Usage Data: Data collected automatically, either generated by the use of the Website or from the Website infrastructure itself (for example, the duration of a page visit).
• Cookies: Small files stored on your device (computer or mobile device).
• Data Controller: The entity which determines the purposes and means of the processing of Personal Information. For the purpose of this Privacy Policy, Merybook is the Data Controller of your data.
• Service Providers (or Data Processors): Any natural or legal person who processes the data on behalf of the Data Controller. We may use the services of various Service Providers to process your data more effectively.
• User (or Data Subject): Any individual using our Website who is the subject of Personal Information.

2. Information We Collect and How We Collect It

We collect several different types of information for various purposes to provide and improve our service to you. The types of information depend on your interaction with us.

2.1. Information You Provide Directly to Us:

• Account Registration: When you create an account, we collect your name, email address, and password. You may optionally provide other profile information.
• Order Placement: When you purchase products, we collect information necessary to process your order, including your name, billing address, shipping address, email address, phone number, and details of the products you ordered.
• Payment Information: When you make a purchase, your payment details (like credit card number, security code, expiration date) are collected and processed directly by our third-party payment processors (e.g., PayPal). We do not store your full credit card information on our servers, though we may retain transaction identifiers or partial card details for verification and support purposes.
• Communications: When you contact us via email, phone, contact forms, or other means, we collect the information you provide in your communications (e.g., inquiry details, contact information).
• Reviews and User Content: If you submit product reviews, comments, or other content on the Website, we collect the information you include in those submissions.
• Newsletter Subscriptions & Marketing Preferences: If you subscribe to our newsletters or promotional communications, we collect your email address and marketing preferences.

2.2. Information Collected Automatically (Usage Data):

As you navigate through and interact with our Website, we may use automatic data collection technologies to collect certain information about your equipment, Browse actions, and patterns, including:

• Device Information: IP address, device type (e.g., desktop, mobile), operating system, browser type and version, device identifiers (like advertising IDs where applicable).
• Usage Details: Details of your visits to our Website, including the pages you view, the links you click, the time and date of your visit, the time spent on those pages, referring/exit pages, and other diagnostic data (clickstream data).
• General Location Information: We may derive your approximate location from your IP address.

The technologies we use for this automatic data collection may include:

• Cookies (or browser cookies): See Section 4 below for details.
• Web Beacons (or pixel tags): Small electronic files embedded in web pages or emails that permit us, for example, to count users who have visited those pages or opened an email and for other related website statistics (e.g., recording the popularity of certain content and verifying system integrity).
• Log Files: Servers automatically record information created by your use of the Website. Log files may include information such as your IP address, browser type, operating system, the referring web page, pages visited, location, your mobile carrier, device information, search terms, and cookie information.

3. How We Use Your Information

We use the information we collect for various legitimate business purposes, including:

• To Provide and Manage Our Services:
  
  • To present our Website and its contents to you.
  • To process and fulfill your orders, including managing payments, arranging for shipping, handling returns and exchanges, and providing you with invoices and/or order confirmations.
  • To create and manage your user account.
  • To provide customer support and respond to your inquiries.
• To Improve and Personalize Our Services:
  
  • To understand how users interact with our Website and identify usage trends.
  • To improve the Website’s functionality, performance, design, and product offerings.
  • To personalize your Website experience, such as by showing you products or offers we think you might like based on your Browse or purchase history.
  • To administer surveys, contests, or other promotional activities (subject to your consent where required).
• For Communication:
  
  • To send you transactional communications related to your account or purchases (e.g., order confirmations, shipping updates, password resets).
  • To send you important information regarding the Website, changes to our terms, conditions, and policies.
  • To send you marketing and promotional communications (e.g., newsletters, special offers), but only where we have your consent or as otherwise permitted by law. You can opt-out at any time (see Section 8).
• For Security and Fraud Prevention:
  
  • To detect, prevent, and respond to fraud, abuse, security risks, and technical issues.
  • To protect the rights, property, or safety of Merybook, our users, or others.
  • To verify your identity when necessary.
• For Legal and Compliance Purposes:
  
  • To comply with applicable laws, regulations, legal processes, or governmental requests.
  • To enforce our Terms & Conditions and other agreements.
  • For accounting, auditing, and other internal functions.

4. Cookies and Similar Tracking Technologies

We use cookies and similar tracking technologies to track activity on our Website and hold certain information. Cookies enhance your Browse experience by allowing the Website to remember your actions and preferences (such as login, language, font size, and items in your shopping cart) over a period.

4.1. Types of Cookies We Use:

• Essential/Strictly Necessary Cookies: Required for the operation of our Website. They enable core functionality such as security, network management, accessibility, and processing purchases.
• Performance/Analytical Cookies: Allow us to recognize and count the number of visitors and see how visitors move around our Website. This helps us improve the way our Website works (e.g., by ensuring users find what they are looking for easily). We use tools like Google Analytics for this purpose.
• Functionality Cookies: Used to recognize you when you return to our Website. This enables us to personalize content for you, greet you by name, and remember your preferences (e.g., your choice of language or region).
• Targeting/Advertising Cookies: Record your visit to our Website, the pages you have visited, and the links you have followed. We may use this information to make our Website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties (like advertising partners) for this purpose.

4.2. Your Choices Regarding Cookies:

• Browser Settings: Most web browsers allow some control of most cookies through the browser settings. You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. However, if you disable or refuse cookies, please note that some parts of this Website may become inaccessible or not function properly. Find out how to manage cookies on popular browsers:
  
  • Google Chrome
  • Microsoft Edge
  • Mozilla Firefox
  • Apple Safari
• Opt-Out Tools: You can opt out of interest-based advertising from participating companies through the Digital Advertising Alliance (DAA) at http://optout.aboutads.info/ and the Network Advertising Initiative (NAI) at http://optout.networkadvertising.org/.

4.3. Do Not Track Signals: Some web browsers may transmit “Do Not Track” signals. Currently, there is no industry standard for how websites should respond to these signals. Therefore, like many websites, we do not currently alter our practices when we receive a Do Not Track signal.

5. Sharing and Disclosure of Your Information

We value your privacy and do not sell your Personal Information for monetary consideration. We may share your information only in the circumstances described below:

• With Service Providers: We share information with third-party vendors, consultants, and other service providers who perform services on our behalf. These may include:
  
  • Payment processors (e.g., PayPal) to facilitate payments.
  • Shipping carriers (e.g., USPS, UPS, FedEx) to deliver your orders.
  • Marketing platforms and email service providers (e.g., Mailchimp) to manage communications (subject to your preferences).
  • Website hosting and infrastructure providers.
  • Data analytics providers (e.g., Google Analytics) to help us understand website usage.
  • Customer service software providers.
  • Fraud prevention services.

  These service providers are contractually obligated to protect your information, use it only for the purposes for which it was disclosed, and are prohibited from using it for any other purpose.

• For Legal Reasons and Protection: We may disclose your information if required to do so by law or in the good faith belief that such action is necessary to:
  
  • Comply with a legal obligation, subpoena, court order, or other governmental request.
  • Protect and defend the rights, property, or safety of Merybook, our users, or the public.
  • Prevent or investigate possible wrongdoing in connection with the Website.
  • Enforce our Terms & Conditions or other agreements.
• In Connection with Business Transfers: If Merybook is involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of all or a portion of our assets, or transition of service to another provider, your Personal Information may be transferred as part of that transaction, subject to standard confidentiality arrangements.
• With Your Consent: We may disclose your Personal Information for any other purpose with your explicit consent.

We explicitly state that we do not “sell” Personal Information as traditionally defined. However, under the CCPA/CPRA’s broad definitions, sharing information for cross-context behavioral advertising (through certain third-party cookies) might be considered “sharing” or a “sale.” Please see Section 8 for your right to opt-out.

6. Data Security

We have implemented administrative, technical, and physical security measures designed to protect your Personal Information from accidental loss and from unauthorized access, use, alteration, and disclosure. Key measures include:

• Using Secure Sockets Layer (SSL) / Transport Layer Security (TLS) encryption for transmitting sensitive data (like payment information and login credentials).
• Implementing access controls to limit access to Personal Information to authorized personnel who need it for their job functions.
• Using firewalls and other network security measures.
• Regularly reviewing our security practices.

However, the transmission of information via the internet is not completely secure. Although we do our best to protect your Personal Information, we cannot guarantee the security of your data transmitted to our Website; any transmission is at your own risk. You are also responsible for keeping your account password confidential.

7. Data Retention

We retain your Personal Information for as long as is necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. The criteria used to determine our retention periods include:

• The length of time we have an ongoing relationship with you and provide services to you (e.g., as long as you have an account with us or keep making purchases).
• Whether there is a legal obligation to which we are subject (e.g., certain laws require us to keep records of your transactions for a certain period).
• Whether retention is advisable in light of our legal position (e.g., regarding applicable statutes of limitations, litigation, or regulatory investigations).
• Our legitimate business needs (e.g., for record-keeping, customer service, fraud prevention).

When we no longer need your Personal Information for these purposes, we will either securely delete or anonymize it.

8. Your Privacy Rights (Especially for California Residents)

Depending on your jurisdiction, particularly if you are a resident of California, you may have specific rights regarding your Personal Information under laws like the CCPA/CPRA.

8.1. Your California Privacy Rights:

• Right to Know/Access: You have the right to request that we disclose certain information about our collection and use of your Personal Information over the past 12 months. This includes:
  
  • The categories of Personal Information we collected about you.
  • The categories of sources for the Personal Information we collected about you.
  • Our business or commercial purpose for collecting, selling, or sharing that Personal Information.
  • The categories of third parties to whom we disclose that Personal Information.
  • The specific pieces of Personal Information we collected about you (Data Portability Request).
• Right to Delete: You have the right to request that we delete any of your Personal Information that we collected from you and retained, subject to certain exceptions (e.g., completing a transaction, detecting security incidents, complying with legal obligations).
• Right to Correct Inaccurate Information: You have the right to request that we correct any inaccurate Personal Information that we maintain about you.
• Right to Opt-Out of Sale/Sharing: You have the right to direct us not to “sell” or “share” your Personal Information. As mentioned, while we don’t sell data for money, some sharing for cross-context behavioral advertising via cookies might qualify. You can exercise this right via our support team.
• Right to Limit Use and Disclosure of Sensitive Personal Information: If we collect sensitive personal information (as defined by CCPA/CPRA), you have the right to limit its use to that which is necessary to perform the services or provide the goods reasonably expected. We currently do not collect Sensitive Personal Information triggering this right.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.

8.2. How to Exercise Your Rights:

To exercise the rights described above, please submit a verifiable consumer request to us by either:

• Emailing us at: [email protected]

Only you, or someone legally authorized to act on your behalf (an “Authorized Agent”), may make a verifiable consumer request related to your Personal Information. We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you. We will outline the verification process when you submit a request, which may involve confirming details we already have on file for you or providing additional proof of identity depending on the sensitivity of the request.

8.3. Response Timing and Format: We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing.

9. Children’s Privacy

Our Website is not intended for children under 13 years of age. We do not knowingly collect Personal Information from children under 13. If you are under 13, do not use or provide any information on this Website. If we learn we have collected or received Personal Information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us immediately at [email protected].

10. Links to Other Websites

Our Website may contain links to other websites that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

11. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We may also provide notice through email or a prominent notice on our Website prior to the change becoming effective. You are advised to review this Privacy Policy periodically for any changes.

12. Contact Us

If you have any questions, comments, or concerns about this Privacy Policy, our privacy practices, or if you wish to exercise your rights, please contact us:

• Via Email: [email protected]