Updated: October 1, 2018
We are Data Controller in relationship with all partners including Facebook and Google, except BabeSafe in New Zealand. BabeSafe is Data Controller and Baby Mattress Covers, LLC is Data Processor when Personal Data is emailed to New Zealand for fulfillment. BabeSafe in New Zealand does not process or fulfill any EEA, UK or Swiss orders.
Baby Mattress Covers, LLC does not have an EEA representative able to support EEA, UK or Swiss customers’ questions. Inquiries are in progress should this EEA representative absence continue to restrict our interactions with the EEA, the UK and Switzerland. In the meantime, Baby Mattress Covers, LLC does not conduct business with these regions because of this EEA representative absence.
§ 1. Cookies
● Please call us during business hours to make your BabeSafe® mattress cover purchase through our Authorize.Net virtual terminal if you are unable to give your consent for use of this website, but still wish to purchase a mattress cover.
◽ Our Divi-Theme WordPress website is hosted on a CloudAccess server in Traverse City, Michigan, USA. It collects cookies for the operation of the website. Your Personal Data remains anonymous to us with this cookie.
◽ Our Ecwid powered BabeSafe® Store WordPress widget plugin is itself EU General Data Protection Regulation (GDPR) compliant and on a European server, but redirected through a Virginia, USA IP address.
◽ Google Tag Manager contains the following tags on all our pages of our website: Zotabox, Facebook Pixel, Google Analytics and Google Ads. The cookies collected through these services are for e-commerce success evaluation, social media and ad marketing, as well as for page visit analysis. The latter analysis is for site traffic study and for website design improvement.
» The Zotabox tag in Google Tag Manager places script for the EU Cookie Notification banner on all our website pages. Zotabox places a session-cookie on your browser that retains your consent for as long as your browser is open. A Zotabox cookie is associated with the Social Media Buttons, Social Media Bar on mobile and the Social Reviews (accessing the web for reviews on Google).
» The two Facebook Pixel associated with our website are of the Ad Pixel type. One Pixel is associated with the BabeSafe Mattress Covers Facebook page and the other is associated with the Baby Mattress Covers, LLC Facebook page. Both Pixel IDs accumulate Customer Data consisting of Contact Information [name, email address and phone numbers] and Event Data [actions taken, such as website visits and purchases made]. In the EU this Customer Data is termed Personal Data.
» The Facebook Contact Information and Event Data is only used to make pairing matches with Facebook or Instagram user IDs for your respective accounts. Once the match has been made, the Contact Information is deleted.
» The Facebook Event Data is used to generate Facebook Analytics reports on the Facebook and Instagram ad campaigns we run and to provide business insight into how you interact with our website and Store. We target Facebook-presented ad Audiences generated from non-Baby Mattress Covers, LLC Customer Data provided by Facebook. The audience we select is to Mom’s that we expect to be interested in mattress-wrapping.
» We do not upload email addresses or phone numbers to Facebook, nor do we upload Sales Data to Facebook for any of the Facebook Tools.
» There are two manner of consent to use Facebook Customer Data: 1.) When you interact with our website, consenting to our Cookie Banner shows you agree to our use of Facebook Pixel cookies on our website. 2.) When you are on our Facebook page, or our Instagram account, or their respective ads, it is implied that you have accepted the use of those Facebook cookies by your use of Facebook services. When linked over from Facebook or Instagram to our website, our EU Cookie Banner gains your consent to our use of the Facebook cookies originating from our website.
» We as Data Controller have no way of setting the expiration of Facebook Customer Data. Your Facebook data does not expire.
» No third-party has access to our Facebook processed Customer Data.
● Google Analytics and Google Ads
» The Google Analytics (GA) cookie data provides statistics to help us monitor the number of sessions, geolocation of traffic to our website and the efficiency of our business [ecommerce conversion rates and bounce rates]. The GA tag also provides us session duration information on how long the average person spends on our website, how they find our website and the path they take navigating our website once they are here. The GA service has a Real Time feature showing where someone presently on the website is located, as well as which and how many pages they have just viewed within the last 30 minutes.
» The Google Ads and GA cookie tags provide event information for Remarketing and Conversions. They also supply demographics and impressions information for Advertising. The Ads campaigns we use include Search, Display, Shopping and Remarketing. Our only so-called ‘Ads Audience’ is of those who visit our website determined by an Ads tag and GA tag in Google Tag Manager.
» Event Data and User Data is retained on Google Analytics for 26 months. The 26 month time period starts afresh when you revisit our website. No personally identifiable information (like names, email addresses or phone numbers) are collected. Because User-ID’s are not enabled on our GA account, visits and behavior specific to you on our site are not tracked. Our ads are non-personalized. We target ads by location to country, state or county. Only the specific zip codes of Benton Harbor, MI and Kalamazoo, MI are the closest to granular Ads targeting we perform.
» Logical Position (USA), our Google Ads management team, has access to both our Google Ads and Google Analytics account information. Logical Position offers us their functional role of Paid Search Optimization. They have determined that they are neither Data Processor nor Data Controller with respect to your Personal Data.
» This UK website describes how to delete all cookies from your browser. ( www.aboutcookies.org ) It must be noted that completely deleting all cookies may hinder various functions stored on your browser, such as saved logins.
» The Google Analytics browser opt-out add-on ( https://tools.google.com/dlpage/gaoptout/ ) feature is available for most all browsers. When correctly installed on the specific browser you are using to access our website, this add-on prevents your visit activity from being shared with GA. But other website statistics are still collected.
» For further information on how Google uses your information and how to control their services please visit this site ( https://www.google.com/policies/technologies/partner-sites/ ).
§ 2. Personally Identifiable Information
◽ Your name, address and email address are kept locally on our computer and in our online BabeSafe® Store database. This is to keep a record of you as having been a customer for the possible lifespan of your BabeSafe® mattress cover.
◽ To insure most accurate and timely postal deliveries, we may write to ask you to further complete the address you give us initially. An example is with the name of the business if you give us a business address. Or, if you use abbreviations of your name, we will write asking you to complete your full name. The changes are used for the postal label.
● With our normal experience, the active usage lifespan of a BabeSafe® mattress cover begins within 6 months of purchase and ends when your baby is about two years old. For our purposes we consider the active usage lifespan to be 3 years. The full lifespan ends when the cover is either removed from the mattress, the BabeSafe® cover wears out or when the mattress itself wears out. Typically, but not always, a mattress cover can function well for two separate baby uses. Yet, a wrapped mattress can be stored indefinitely, to be used again at any time for that second baby. In the UK, legal claims against a product cannot be made any longer out than 10 years after a product has been put into circulation. The legal lifespan of the BabeSafe® mattress cover is then considered by us to be ten years.
◽ Your email address is also kept online for the Returning Customer discount authorization. For you to access your discount, Sign-in to our BabeSafe® Store before selecting your cover.
◽ Your IP address is recorded by our online store and our payment gateways. A truncated version of your IP address, minus the last set of digits, is logged when you click ‘Accept’ and give consent to enter our website. This IP logging is necessary to prove you gave consent when visiting our website.
◽ Our Ecwid powered BabeSafe® Store is certified under the EU-USA and Swiss-USA Privacy Shield framework for Personal Data transfer between EU-USA and Swiss-USA. But this certification alone is not sufficient to fully meet the GDPR requirements.
◽ The Contact Us form on our website processes email from an Ipower email server (USA).
◽ Your Personal Data information is not sold to others and is only used for our Baby Mattress Covers, LLC purposes. We have used some customer mailing addresses for marketing in the past, but chose to no longer do direct-mail marketing to previous customers.
◽ Your personal information may be shared with rightful legal authorities if they should make such a request.
◽ The Authorize.Net and PayPal payment gateways have your credit card number, name, address, email address and IP address on record. Both gateways are PCI-DSS compliant. Your card numbers are entered into the gateways. After you do this we no longer have access to these numbers. Baby Mattress Covers, LLC does not retain your credit card numbers. Only refunds can be given to your accounts.
◽ Authorize.Net retains your information and is available for refunds for 180 days. PayPal retains your information indefinitely but your order is available for refunds for only 180 days.
◽ Our local computer is PCI-DSS compliant. We perform a yearly PCI-DSS self-audit inventory.
◽ Our local computer is protected by the latest version, with updates, of ESET Internet Security™ with malware protection, anti-virus and firewall protection. Web browsing, emails and data transfer are scanned by ESET. No alert notifications given by ESET are ignored and all warnings are heeded.
◽ BabeSafe in New Zealand is our supplier of BabeSafe® products. BabeSafe receives from us an order email containing your name, address and the item(s) purchased. BabeSafe drop ships our orders to all countries other than to the EEA, the UK, Switzerland, Canada, Israel and Mexico. Orders from the countries of Canada, Israel and Mexico are shipped from our Michigan inventory. Our EEA, UK and Swiss order fulfillment is still on hold until clarification of our absence of an EEA representative and how it affects such orders. Note: We do not take orders from customers asking for shipments to New Zealand. New Zealand parents can find new BabeSafe covers on Trade Me.
◽ Our Gift Certificates had been UK processed by Gift Up!, with the PCI-DSS compliant PayPal gateway, but the service has temporarily been made unavailable by us.
◽ Your name, address, email address, IP address and the items you have purchased can all be deleted from our current computer records at your request, as by our responsibility under our having legitimate interest.
● These computer records, such as Contact files, are to persist in our local computer’s records for ten years. Currently, we hold computer records back to 2009.
● The last ongoing backup, that is used on the occasion of a computer failure emergency, is rotated out at three months.
● Your Personal Data may be still present within archival backups that are accessed only with deliberate effort. These archival records are generated roughly quarterly and are to be deleted after about 4 years of age.
● You have a right to ask for the portability of your Personal Data to another BabeSafe® mattress cover distributor. But your payment given us will be simply refunded and not forwarded to the other distributor.
◽ You are able to ask us, and we will follow your wishes, to remove your contact information from our local computer’s database and from the online store. In doing so, you will lose your ability to receive a Returning Customer discount and lose any amends by us should there be a complaint on our BabeSafe® mattress cover. We will have no accessible record that you have been our customer. This has been called “the right to be forgotten”. It is our right to retain your email message making such a request.
§ 3. Marketing
◽ We do not do email marketing, nor plan to do so. Your email address is secure.
» MailChimp is the Data Processor and Baby Mattress Covers, LLC is the Data Controller. MailChimp may use sub-processors to process the Personal Data given to MailChimp. MailChimp is certified in compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework.
◽ We do rather use re-marketing ads with Google Ads initiated when you have visited our website or Store.
◽ Our best marketing approach is your active word-of-mouth to other parents and grandparents. Please help us by actively campaigning to prevent SIDS and using this mattress-wrapping method. That is, by sharing with other parents/grandparents about their using the BabeSafe® mattress covers and 100% cotton bedding, with no padding, for their babies!
§ 4. Location Targeted Discount
◽ We have arbitrarily chosen to facilitate mattress-wrapping in Benton Harbor, Michigan, Kalamazoo County, Michigan and in the State of Mississippi targeted by zip codes from our Ecwid shopping cart. We offer the discount as a reduction from the Free Shipping from New Zealand shipping method for these three billing locations. Our basis for these discounts is they are areas with high SIDS/Infant Mortality rates. The discount amount is calculated on the items in the Shopping Bag. For those zip codes affected, it is possible to opt-in or, even opt-out of this discount should you feel not impacted to need a special discount.
§ 5. Data Controller
◽ Site management is performed by our Manager, Paul Knoll, at our physical address location. Paul is our Primary Contact and Data Protection Officer (DPO) for privacy issues. We make every attempt to respond to email correspondence within 12 hours, exceptions to this may be on non-workdays and holidays.
§ 6. Business Address
Baby Mattress Covers, LLC
614 Lynn Drive