ONLINE PRIVACY POLICY
Updated October 8, 2021

This Online Privacy Policy (“Policy”) explains what personal information is collected through our websites and online services, how that information is used, to whom it’s disclosed, and how it’s safeguarded. Unless indicated otherwise, this Policy applies only to personal information collected through the websites, microsites, mobile applications, and other online services of our brands and lines of business that expressly adopt, and display or link to, this Policy (collectively, the “Services”). These brands and lines of business include SANTA CHRISMAS. By “personal information” we mean information that relates to you, an individual user of our Services, including information that can be used directly to identify you (including name, home address, and email address), as well as other information (like tastes and preferences) when coupled with your identifying information. We refer to SANTA CHRISMAS including the associated retail brands as “we,” “us,” or “our” throughout this Policy.

This Policy answers these questions:

  • What information is collected and how is it used?
  • How is technology used to serve our advertisements on other online services and what choices do you have?
  • How do our Services interact with third-party services and content?
  • What information do we share with third parties and our sister brands (or what information may they access because of the services they provide to us)?
  • What choices do you have over how your information is used?
  • How do you update your personal information?
  • How do we secure your information on our Services?
  • Where is personal information stored and processed?
  • Whom should you contact with questions or concerns?
  • When was this Policy last updated?

What information is collected and how is it used?

  1. Information You Actively Provide through our Services

    You actively provide personal information when you visit our Services to do all the things typically associated with online services. Examples of the personal information we collect include name, address, phone number, email address, personal preferences, payment card number, purchase and ordering information, demographic information, responses to survey questions, sizing information and any other information you choose to provide. Our Services may also give you the option to upload or share pictures or videos of yourself and others. You know what information you directly provide, because you are affirmatively and actively submitting the information.

    This information is collected at various places on our Services: for instance, when you check out with your online order; engage with our mobile applications; subscribe to catalogs, email offers, and mobile messaging offers; participate in surveys; join SANTA CHRISMAS Exclusive VIP List; enter contests or sweepstakes; or interact with special-event or program offers.

    We may also collect information that you provide on our Services about people you know. For example, we collect your gift recipient’s contact information to process your gift orders. We may also collect contact information about your friends and family members when you participate in one of our refer-a-friend programs. In these instances, we may send a message to your friend or family member on your behalf. Please ensure that you only submit email addresses of individuals with whom you have a personal or family relationship and who would want to receive the message from you.

  2. Information Your Devices Provide Automatically

    1. Location Information

      You may provide information about your location when you access or use our Services.

    2. Navigational Information

      When you access our Services, your computer, phone, or other device provides navigational information, such as browser type and version, service-provider identification, IP address, the site or online service from which you came, and the site or online service to which you navigate.

    3. Device Information

      You also provide information about the computer or mobile device used to access our Services, such as the hardware model, operating system and version, identification numbers assigned to your mobile device, such as the ID for Advertising (IDFA) on Apple devices, and the Advertising ID on Android devices, mobile network information, and website or app usage behavior.

    4. Cookies, Clear Gifs and Similar Technologies

      To better understand how you interact with our Services, we may collect information using cookies, clear-gifs (also known as web beacons or web bugs) and similar technologies. We deliver a customized experience and do not currently respond to “Do Not Track” signals of web browsers.

      A cookie is a small amount of data that’s stored by your browser on your device. It’s used to do things like see how you navigate our Services, what you click on, remember you and your online purchases when you return, and recognize you and honor a special deal for you, when you redeem one of our offers from a third party’s site. This helps us improve and deliver our Services, provide better customer service, tailor and improve your online experience, and tailor offers to you based on your unique tastes and both your online and offline (e.g., in-store) interactions and purchase history.

      A clear gif is a nearly invisible pixel-sized graphic image on a web page, web-based document or email message. It helps us do things like view the URL of the page on which the clear gif appears and the time the site, document or email in question is viewed; and recognize you and honor a special deal for you, when you navigate from a third party’s site to redeem one of our offers that may have appeared there. Clear gifs in emails help us confirm the receipt of, and response to, our emails, including those that you forward to friends and family; and they help deliver a more personalized or better online experience.

      In addition to cookies and clear gifs, we may also use device identifiers, web storage, and other technologies to collect information about your interactions with our content and Services.

      The above technologies may be used to help us see which of our interactive experiences online users like most: for example, by keeping track of the number of times a video, widget or other media is accessed or embedded on social networking sites; and on which social networking sites it is embedded, based on inquiries that are sent to our Services. Cookies, clear gifs, and similar technologies also allow us to associate your online navigational information, or purchases and interactions (both online and offline), with any personal information you provide (such as name, address, phone number, survey responses, and email address). We’ll associate this information to deliver products and services to you; to improve our business; to transact business; and to market our products and services on this and other online services, and through a variety of media like email, mobile advertising, and direct mail. As an example, we may use cookies to keep track of what you put into your shopping bag. That can help us contact you if your online session is disrupted in mid-purchase, resulting in an abandoned cart. We can also use this technology to determine whether you’d be interested in participating in special events, given your preferences. The end result is a more personalized experience that’s tailored to your needs and tastes

  3. Purposes of Information Collection

    We use personal information about you, which is collected through the Services to:

    • process your online orders;
    • open an online account at your request;
    • personalize your online experience with content and offers that are tailored to your interests;
    • provide customer service, whether it’s responding to a request or following up on an order;
    • include you in surveys and contests;
    • enable you to post your content, such as comments, images or videos;
    • facilitate networks of online social activity centered around our products and services;
    • improve our Services, the manner in which offers are made on our Services, the purchase decisions of our visitors, and the interactions visitors have with our Services;
    • improve your experience with our Services: for example through faster, better, smarter, and more customized online interactions;
    • enable you to interact with third-party content service providers, whether by linking to their sites, viewing their content within our online environment, or by viewing our content within their online environment;
    • market our products and services that may be of interest to you–for instance, we may add you to the SANTA CHRISMAS email list when you make an online purchase or sign up to receive emails; or we may add you to the POSH BOX email list if you sign up for POSH BOX; and
    • create aggregated, pseudonomized or anonymized information for statistical purposes.

Information Others Observe or Collect through Technology

We evaluate and select third-party service providers to help us provide certain features on our Services and analyze our visitors’ preferences for us, through the use of such services as Google Analytics. These service providers may use some or all the technologies described above.

How is technology used to serve our advertisements on other online services and what choices do you have?

We contract with third-party advertising companies, which may collect information about your use and interactions with the Services, over time and across third-party websites and online services, for use in delivering tailored online display and banner advertising to you on other websites and online services. To serve this advertising, these third-party companies place, use, or rely on the technologies described above, including cookies, clear gifs, device identifiers and similar technologies to obtain information about customer interactions with us through our Services and interactions with other online services. These companies use the information they collect to serve you ads that are targeted to your interests.

For information about opt-out programs that these third party advertising companies participate in, and to opt out of the use of website browsing data for interest-based advertising by companies that participate in these programs, click the following: NAI Opt Out or, DAA Opt Out. To opt out of the use of data collected from the mobile applications on your device to serve ads that are targeted to your interests, consult the settings on your device. You can also click the preference icon that may appear on some of our advertising served through use of these technologies.

How do our Services interact with third-party services and content?

We link to third-party sites and services, or otherwise display third-party content through our Services. We do this for your convenience. We don’t endorse or generally have any affiliation with these third parties.

Here are examples of the types of third-party content and services available through or via our Services:

  1. Interactive Maps

    We may facilitate easy access to the online maps of content providers like Google. There you can get quick location, driving, and contact information for our stores.

  2. Sweepstakes, Contests, and Survey Sites

    We may rely on the expertise of third-party service providers to run sweepstakes, contests, and surveys. Navigation to these sites may be seamless so that it appears you’re still using our Services. In these cases, the third-party’s privacy policy may apply to any personal information you provide in connection with the event. So please take note of who’s running the event in question; and the terms, conditions, and policies that apply.

  3. Social Networking and other Third-Party Sites and Services

    We may at times facilitate easy access to third-party sites and online services, like social networks and other services that host user-generated content. This may include easy click-through access, the ability for you to share content on third-party services, or even “single sign-on” to these services. The third-party’s privacy policy applies to any information or content you provide through these services.

  4. The SANTA CHRISMAS Credit Card Site

    The SANTA CHRISMAS Credit Card is an upcoming feature. We will enable you to navigate easily to the site of our Credit Card Bank, where you can apply for the SANTA CHRISMAS card and pay invoices online. Our Credit Card Bank will issue and own the SANTA CHRISMAS credit card accounts. When you apply online for a SANTA CHRISMAS credit card or pay your account online, you leave our Services and interact directly with our Credit Card Bank. Any information you provide to our Credit Card Bank is subject to its terms, conditions, and policies, including its privacy policy.

  5. International Checkout

    We work with eShopWorld to sell and deliver our products to certain international destinations. If you are shipping to a country supported by eShopWorld, you will navigate away from our Services to a co-branded checkout service “powered by eShopWorld.” eShopWorld’s privacy policy, and not our Policy, will apply to information that you directly provide on that site, such as your payment information. Additionally, when you navigate to eShopWorld’s checkout site, we will share information about you and your order with eShopWorld to facilitate your purchase of our products from eShopWorld. Please see eShopWorld’s privacy policy for information about its privacy practices

What information do we share with third parties and our sister brands (or what information may they access because of the services they provide to us)?

We may share information about you with third parties, as described below, and as otherwise described in this Policy:

  1. Our Sister Brands

    We may share the information described in this Policy, like postal and email address, customer preferences, and purchase history with affiliated entities that operate our sister brands so they may market to you. Our sister brands include such brands as SANTA CHRISMAS. We will obtain your consent to this sharing in jurisdictions where it is legally required. If you don’t want this information shared with our sister brands, follow the instructions below in

  2. Contractors

    We use third-party service providers and contractors to help handle parts of our business because of their expertise, resources, or scale. They help us do things like fulfill orders, process payments, provide some customer service through chat features, monitor activity on our Services, serve surveys and provide analysis from the surveys (which could be combined with Services usage analytics), maintain databases, administer and monitor emails, administer and send mobile messages, serve ads on this and other Services and provide consulting services. Contractors may also assist us in hosting microsites, mobile websites and mobile applications where you may provide personal information about yourself and others you know; and where they may observe information about you in the same way as described above.

  3. Other Marketers

    We may share your name, postal address, and summary purchase information with other merchants and merchant exchanges. Other merchants may, in turn, use this information to send you offers for their products and services. We will obtain your consent for this sharing in jurisdictions where it is legally required. If you don’t want this information shared with these merchants and exchanges, please click here, and select Nondisclosure of Personal Information Request for the Email Subject and then complete the form.

  4. Law Enforcement and Emergency Response

    We may disclose specific information about visitors to our Services if we have a good-faith belief that it’s necessary or authorized under the law or to protect our customers, the public, or our business.

  5. Sale or Merger

    In the event we sell or transfer all or a portion of our business assets (including in the event of a reorganization, dissolution or liquidation), including a brand or line of business, information about you may be one of the business assets that is transferred in connection with the transaction.

What choices do you have over how your information is used?

  1. Email

    You may remove yourself from the SANTA CHRISMAS email list by following the removal instructions located at the bottom of each commercial email or by completing the removal from email form. If you have joined SANTA GIFT BOX, you may receive SANTA GIFT BOX Exclusive VIP email. If at any time you’d like to stop future delivery of SANTA GIFT BOX email offers, simply follow the removal instructions located at the bottom of each SANTA GIFT BOX message. Opting out of any of these emails will not stop operational or transactional messages such as password-reset or account related information from the brand or line of business in question. We may occasionally provide you with the opportunity to opt in to receive email messages from third parties. If you do opt in, we’ll share your email address with the specific third party in question. Please review their privacy policies to see how they treat your personal information.

  2. Mobile Text Messaging

    If you’ve signed up for mobile text messaging offers (e.g., from SANTA CHRISMAS) but later decide you no longer wish to receive these offers, simply follow the opt-out instructions included in the mobile message.

  3. Mobile Push Notifications/Alerts

    With your consent, we may send push notifications or alerts to your mobile device. You can deactivate these messages at any time by changing the notification settings on your mobile device.

  4. Location Information

    You may have the ability to turn location-based services on and off by adjusting the settings of your Internet browser or mobile device or, for some devices, by revoking permission for our mobile apps to access your location information.

  5. Postal Mail

    We do not offer postal mail.

  6. SANTA GIFT BOX

    Please keep in mind that SANTA GIFT BOX is a separate and stand-alone program, which you may join by visiting the SANTA GIFT BOX section of our website or mobile application. Accordingly, your unsubscribe preferences for SANTA CHRISMAS won’t affect your SANTA GIFT BOX preferences (and vice versa). Please specify those preferences separately.

  7. Cookies and Clear Gifs

    Your browser may offer the ability to block or delete cookies from your device. Simply follow your browser’s instructions on how to block and clear cookies.

  8. Other Marketers

    If you don’t want your basic contact and purchase information shared with other merchants and exchanges for their direct marketing purposes, please click here, and type Nondisclosure of Personal Information Request for the Email Subject and then complete the form.

  9. Our Sister Brands

    If you don’t want your contact and purchase information shared with our sister brands for their direct marketing purposes, please click here, and type Nondisclosure of Personal Information Request for the Email Subject and then complete the form.

How do you update your personal information?

We need your help to keep your personal information accurate and up-to-date. You may update or modify your billing- and shipping-related information, and other account information, by logging onto our Services (e.g., Your Account on the SANTA CHRISMAS website).

How do we secure your information on our Services?

We maintain administrative, technical and physical safeguards designed to protect the personal information we collect through our Services against accidental, unlawful destruction, loss, alteration, access, disclosure or use. While we implement the above security measures on our site, you should be aware that 100% security is never possible.

Where is personal information stored and processed?

Our employees involved in data processing and our servers are based in San Francisco, California, US, and other locations throughout the United States. We work with affiliated and unaffiliated service providers in the United States, the United Kingdom, India, China, and other jurisdictions around the world.

Whom should you contact with questions or concerns?

General inquiries

If you have general questions about our Policy, please feel free to contact us by clicking on this link or by letter or email at:

When was this Policy last updated?

This Policy was last updated on October 8, 2021.

Supplemental Privacy & Cookie Notice for Visitors from the European Economic Area

If you are accessing our Services from a member state of the European Economic Area (“EEA“), this Supplemental Privacy Notice applies to you in addition to our Online Privacy Policy. This Supplemental Privacy Notice does not otherwise apply to visitors who are accessing our Services from outside the EEA.

European Union Regulation 2016/679 of 27 April 2016, governing the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“EU GDPR“), requires us to provide additional and different information about our data processing practices to data subjects in the EEA.

Cookies.

We use the following web cookies and other information technologies to provide features on our web and mobile sites to users in the EEA, including cookies that deliver basic visitor experiences, fuller website experiences such as interactivity with third-party content, and our interest-based advertising on other websites.

The following types of cookies (and cookie technology) are enabled when a web or mobile user visits this website:

Cookies (and cookie technology) and their functions
Cookie / Technology Type Function
User-Input Cookies Enables visitors’ input, choices, or selections across their website experience. Examples include maintaining a shopping cart during a visit or a form throughout a transaction.
Authentication Cookies Identifies visitors through the website after they log in.
Security Cookies Helps to ensure our website’s security when visitors request a service. For example, we use cookies to help secure account creation and login pages.
Multimedia Player Cookies Ensures such things as image quality, network link speed, or buffer information for video and audio playback.
Load-balancing Session Cookies Directs website traffic to a particular datacenter for the quickest website access, and enables visitors to return to that datacenter if needed.
Visitor Customization Cookies Stores preferences and visitor experiential histories: remembers language preference, product-page display preference, and whether certain visitor experiences should be displayed, such as email marketing signup, based on past experiences.
Social Media Plug-in Cookies These cookies from social media platforms (like Facebook and Instagram) facilitate content sharing on those platforms.
Interest Based Advertising Cookies Enables our advertising vendors to deliver tailored ads to our visitors on other websites. The ads are based on a visitor’s combined online and offline (e.g. in-store) shopping history and experience with us, as well with our vendors’ network of advertisers.
Analytics Cookies Enables us to do things like estimate number of visitors, detect most used search-engine keywords that lead to a webpage, measure page load times, administer visitor surveys, identify navigation issues, and improve web capabilities.
 

The legal basis for our processing of your personal data in connection with our Services is Art. 6.1(b) EU GDPR, which allows processing of personal data as necessary for the performance of a contract. When you access our Services, you form a contract with us based on our Site Terms, Conditions and Notices, and we need to process your personal data to respond to your requests, ship products to you and satisfy our obligations with respect to the other purposes listed in our Online Privacy Policy.

As exceptions, we rely on your consent with respect to cookies and direct marketing emails per Art. 6.1(a) EU GDPR, and legitimate interests under Art. 6.1(f) EU GDPR, especially with respect to situations where we must process your personal data to comply with applicable laws (as a U.S.-based company, we are subject to U.S. laws and must comply, just like EEA-based companies have to comply with EEA laws).

Recipients or categories of recipients of your personal data are employees of our company and affiliated and non-affiliated services providers who have a need to know.

When you access our Services, you transfer your personal data to the United States of America for which the European Union Commission has not yet issued an unlimited adequacy decision.

We will process and keep your personal information for as long as is necessary for the purposes set out in this Policy, for our legitimate business needs, and for compliance with the law.

You have a right to request from us these EU GDPR rights concerning your personal data: access to data; rectification of data; erasure of data; restriction on processing; objection to data processing; and data portability. You can exercise these rights through a combination of actions: accessing the information in your account or exercising your opt-out options through our Services.

If you have provided consent for direct marketing emails or other data processing, you have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

You have the right to lodge a complaint with a supervisory authority.

We do not use automated decision-making, including profiling, as referred to in Article 22(1) EU GDPR, that is, in a way that produces legal effects concerning you or significantly affects you. Our Services’ customization technologies and e-commerce processes are automated, but do not produce legal effects or affect you significantly as contemplated by Art. 22(1) or (2) EU GDPR.

You can contact us with any questions, or to exercise your rights by sending a message to our SANTA CHRISMAS Concierge.