Enjoy a pair of Bose SleepBuds on us with your TEMPUR® Mattress order >>

TEMPUR® UK WEBSITE PRIVACY & COOKIE NOTICE

TEMPUR® UK WEBSITE PRIVACY & COOKIE NOTICE

This privacy policy was last updated on 22 March 2019.

What does this notice cover?

This Privacy Notice describes how Tempur UK Ltd. (also referred to as "Tempur Sealy", "we" or "us") will make use of your data when you use our products, services and websites.

It also describes your data protection rights, including a right to object to some of the processing which Tempur Sealy carries out. More information about your rights, and how to exercise them, is set out in the "What rights do I have?" section.

We may also provide you with additional information when we collect personal data, where we feel it would be helpful to provide relevant and timely information.

What information do we collect?

  • Your name, age, date of birth and gender.
  • Contact details, such as your billing and shipping address, email address and phone number. Your user name and password.
  • Banking information, including your debit or credit card information and sort code and account number and also transactional information including in respect of products which you purchase or when you apply for Tempur Sealy Financing or another form of financing we offer.
  • Your personal preferences, such as information about your household and purchase decisions.
  • Information about your communications with us.
  • Your marketing preferences, including any consents you have given us.
  • Product reviews or testimonials and other content you submit to us.
  • Location data we get about where you are, such as the address where you connect a computer to the internet, or a shop where you buy something with your card.
  • Information related to the browser or device you use to access our website.
  • Information about your website preferences.

How do we use this information, and what is the legal basis for this use?

We use the personal data referred to above and information which you give us for the following purposes:

To fulfil a contract, or take steps linked to a contract: this is relevant where you apply for one of our financial products or services. This includes:

  • Taking and processing payments.
  • Communicating with you and providing customer services.
  • Arranging the delivery or other provision of products, services or prizes.
  • Administering our loyalty programmes
  • Managing our relationship with you.

Where necessary for Tempur Sealy's legitimate interests, as listed below, and where our interests are not overridden by your data protection rights:

  • Providing products and services you have requested and responding to any comments or complaints you may send us. We may process personal data about your dependents, family and partner (which you give to us) in doing so.
  • Facilitating the creation of, and securing, online registered accounts.
  • Promoting our services to customers and potential customers, advising you of news and updates, and hosting or administering events.
  • Monitoring the use of our websites and online services and using your information to help us monitor, improve and protect our products, content, services and websites, both online and offline.
  • Personalising our website, products or services for you.
  • Investigating any complaints received from you or from others, about our services, products or websites.
  • To run our business in an efficient and proper way. This includes managing our financial position, business capability, planning, communications, corporate governance and audit.
  • Monitoring customer accounts to detect, prevent, investigate and/or report fraud, terrorism, misrepresentation, security incidents or crime in accordance with applicable law.
  • Managing how we work with other companies that provide services to us and our customers.
  • In connection with legal claims and for compliance, regulatory and investigative purposes.
  • Call recordings when you call our call centre (we will always flag to you when a call is being recorded).
  • Applications which you give us if you are applying for a job or information that we obtain from referees or your previous employers.
  • To assist us in evaluating and improving the quality of the products and services we supply
  • Collecting Internet Protocol (IP) addresses during the creation of an order to prevent fraud.

Where you give us consent:

  • We will send you direct marketing by email and/or SMS in relation to our products and services.
  • We will place cookies and use similar technologies in accordance with our Cookies Policy (below) and the information provided to you when those technologies are used.
  • On other occasions where we ask you for consent, we will use the data for the purpose which we explain at that time.

For purposes which are required by law:

  • Undertaking checks on customers, potential customers and other third parties for the purpose of compliance with our legal, regulatory and professional obligations.
  • In response to requests by government or law enforcement authorities conducting an investigation.
  • We have carried out balancing tests for all the data processing we carry out on the basis of our legitimate interests, which we have described above. You can obtain information on any of our balancing tests by contacting us using the details set out below.
  • We will not be able to provide the products or other services requested if we are not provided with all relevant personal data. The provision of some information, such as the details you provide so we can send you marketing communications, is optional.

Automated decision making

In performing some of the functions above, we rely on technology that makes automatic decisions based on the criteria we determine to be relevant and the information we collect about you or a particular transaction. These include credit and fraud checks. We routinely test our software to improve the accuracy of these decisions and to prevent unintended bias. These decisions can have significant effects for you, such as:

  • Preventing access to our services, where we determine there is a high likelihood that providing the service to you would cause us to violate our regulatory requirements.
  • Cancelling transactions, where we determine there is a high likelihood that a transaction is fraudulent (for example, because the payment is made from a location that does not correspond to our records for that end-customer) or the payer does not have sufficient funds to cover the expense.
  • Cancelling the service, where we determine that the service is being used in violation of our terms. For example, we automatically analyse your transactions to assess whether any of the activities you conduct appear on our list of restricted activities.

Who will we share this data with?

Your personal data will be processed in and accessed from jurisdictions outside the European Economic Area (EEA) by us and by the third parties with whom we share your personal data.

We will share your personal data with other members of the Tempur Sealy Group to administer and manage group functions, including the provision of our products and services to you.

Your personal data will be transferred to Tempur Sealy Groupaffiliates and vendors in the following non-EEA countries:

  • The United States of America
  • India
  • Singapore

When we transfer your data within the Tempur Sealy Group, we use an intra-company agreement containing European Commission-approved standard contractual clauses. When we transfer your data to organisations outside the Tempur Sealy Group we use European Commission-approved standard contractual clauses to safeguard the transfer, unless we transfer personal data to a third party that has implemented Binding Corporate Rules or which uses the EU-U.S. Privacy Shield, in which case we may rely on one of those mechanisms to safeguard the transfer.

Your personal data will also be shared with trusted third parties,such as financial or other advisers, consultants and other professional experts.

We will share your personal data with companies providing services under contract to Tempur Sealy. Such third parties include providers of order fulfilment services, website and IT hosting, help desks, maintenance, call centre operations, marketing research and analysis, credit card payments and customer feedback platforms.

Your personal data will also be shared with government agencies and/or law enforcement agencies and credit reference and fraud prevention agencies if required for the purposes above, if mandated by law or if required for the legal protection of our legitimate interests in compliance with applicable laws.

In the event that the business is sold or integrated with another business, your details will be disclosed to our advisers and any prospective purchaser’s adviser and will be passed to the new owners of the business.

What rights do I have?

You may be entitled to ask Tempur Sealy for a copy of your personal data, to correct, delete or restrict processing of it, and to obtain the personal data you provide in a structured, machine readable format and ask us to share (port) this personal data to other organisations. You may also have the right to object to processing in some circumstances.

Where we have asked for your consent, you may withdraw consentat any time. If you ask to withdraw your consent to Tempur Sealy processing your personal data, this will not affect any processing which has already taken place at that time. You can also ask us not to send or to carry out profiling for direct marketing, at any time.

These rights may be limited, for example if fulfilling your request would reveal personal data about another person, where they would infringe the rights of a third party (including our rights) or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping. Relevant exemptions are included in both the GDPR and in the Data Protection Act 2018. We will inform you of relevant exemptions we rely upon when responding to any request you make.

If you wish to exercise these rights, please contact us as set out below.

If you have unresolved concerns you have the right to complain to an EU data protection authority where you live, work or where you believe a breach may have occured.

Cookie Policy

What are cookies and similar technologies

Cookies are small pieces of information sent by a web server to a web browser which allows the server to uniquely identify the browser on each page. Other tracking technologies are also used which are similar to cookies. This can include pixel tags and tracking URLs. All these technologies are together referred to in this policy as "Cookies".

How do we use Cookies?

The types of Cookies that we use on our website, and the purposes for which they are used, are set out below:

  • Strictly necessary cookies: These cookies are essential in order to enable you to move around our website and use its features, such as accessing secure areas of our site. Without these cookies, any services on our website you wish to access cannot be provided.
  • Analytical/performance cookies: These cookies collect information about how you and other visitors use our site, for instance which pages you go to most often, and if you get error messages from web pages. We use data from these cookies to help test designs and to ensure a consistent look and feel is maintained on your visit to the website. All information these cookies collect is aggregated. It is only used to improve how a website works.
  • We use Google Analytics, for example, to anonymously track website usage and activity. Google Analytics is a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. In case of activation of the IP anonymization, Google will truncate/anonymize the last octet of the IP address for Member States of the European Union as well as for other parties to the Agreement on the European Economic Area. Only in exceptional cases, the full IP address is sent to and shortened by Google servers in the USA. On behalf of the website provider Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage to the website provider. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser. However, please note that if you do this, you may not be able to use the full functionality of this website. Furthermore you can prevent Google’s collection and use of data (cookies and IP address) by downloading and installing the browser plug-in available under https://tools.google.com/dlpage/gaoptout?hl=en-GB.
  • You can refuse the use of Google Analytics by clicking on the following link. An opt-out cookie will be set on the computer, which prevents the future collection of your data when visiting this website:
  • Disable Google Analytics
  • Further information concerning the terms and conditions of use and data privacy can be found at http://www.google.com/analytics/terms/gb.html or at https://www.google.de/intl/en_uk/policies/. Please note that on this website, Google Analytics code is supplemented by “anonymizeIp” to ensure an anonymized collection of IP addresses (so called IP-masking).
  • Functional cookies: These cookies allow our site to remember choices you make (such as your user name, language or the region you are in) and provide enhanced, more personal features. These cookies can also be used to remember changes you have made to text size, fonts and other parts of web pages that you can customise. They may also be used to provide services you have asked for such as watching a video or commenting. Additionally, these cookies can be used to allow an optional service to function such as offering a live chat session. The information these cookies collect may be anonymised and they cannot track your browsing activity on other websites.
  • Targeting cookies: These cookies are used to deliver adverts more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign. These cookies are dropped only with your consent. You can give your consent either by closing the cookie banner displayed on the landing page of our website or browsing the website outside the cookie banner and clicking on any of its item. Please note that we track your consent using a technical cookie; therefore, in the event you delete any cookies stored on your devices you see the cookie banner once again. They are usually placed by advertising networks with the website operator’s permission. They remember that you have visited a website and this information is shared with other organisations such as advertisers. Quite often targeting or advertising cookies will be linked to site functionality provided by the other organisation.
  • Social media cookies: These cookies allow you to share what you’ve been doing on our Site on social media such as Facebook and Twitter. These cookies are not within our control. Please refer to the respective privacy policies for how their cookies work.
  • Pixel tags: Also known as a clear GIF or web beacon. These are invisible tags placed on certain pages of our Site but not on your computer. When you access these pages, pixel tags generate a generic notice of that visit. They usually work in conjunction with cookies, registering when a particular device visits a particular page. If you turn off cookies, the pixel tag will simply detect an anonymous website visit.
  • Tracking URLs: These are used to determine from which referring website the website is accessed.
  • We use Hotjar in order to better understand our users’ needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behavior and their devices (in particular device's IP address (captured and stored only in anonymized form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), preferred language used to display our website). Hotjar stores this information in a pseudonymized user profile. Neither Hotjar nor we will ever use this information to identify individual users or to match it with further data on an individual user. For further details, please see Hotjar’s privacy policy by clicking on this link. You can opt-out to the creation of a user profile, Hotjar’s storing of data about your usage of our site and Hotjar’s use of tracking cookies on other websites by following this opt-out link
  • FullStory collects information on your use of the Site, such as pages visited, links clicked, mouse movements, as well as information more commonly collected such as the referring URL, browser, operating system, and Internet Protocol (“IP”) address. Fullstory use publicly available sources to approximate your geographic region and Internet Service Provider based on your IP address. FullStory’s purpose in collecting this data is to better understand how you use the Site. If you want more details on FullStory please see their privacy policy https://www.fullstory.com/legal/privacy/

    If you wish to opt out of FullStory collecting information please click the link https://www.fullstory.com/optout/

    Opting out will create a cookie that tells FullStory to turn off recording on any site which uses the FullStory Services. The presence of this cookie is required to continue opting out. That means if you clear your browser cookies, you will have to opt-out again.

If you do not want to allow Cookies at all, or only want to allow use of certain Cookies, please refer to the Cookie Settings button at the bottom of the website which allows you control over what groups of Cookies you allow. You can also use your browser settings to withdraw your consent to our use of Cookies at any time and delete Cookies that have already been set. Please note that by deleting our cookies or disabling future Cookies you may not be able to access certain areas or features of our site.

To find out more about Cookies please visit: http://www.allaboutcookies.org or see www.youronlinechoices.eu which contains further information about behavioural advertising and online privacy.

How long will you retain my data?

Where we process account registration data, we do this for as long as your account is active or you are an active user of our sites and for no more than six years after this.

Where we process personal data in connection with performing a contract or for a competition or survey, we keep the data for six years from your last interaction with us.

Where we process personal data for marketing purposes or with your consent, we process the data until you ask us to stop and for a short period after this (to allow us to implement your requests). We also keep a record of the fact that you have asked us not to send you direct marketing or to process your data so that we can respect your request in future.

Updates to this Privacy Notice

This Privacy Notice may be updated periodically. We will update the date at the top of this Privacy Notice accordingly. On some occasions, we may also actively advise you of specific data handling activities or significant changes to this Privacy Notice as required by applicable law.

Contact us

We hope that we can satisfy queries you may have about the way we process your data. If you have any concerns about how we process your data, feel free to contact our Data Protection Manager, who can be contacted at dataprotection_uk@tempursealy.com.

The data controller for your information is Tempur UK Ltd. registered in United Kingdom under Company Number 02748033 who registered office address is: Caxton Point, Printing House Lane; Hayes, Middlesex UB3 1AP UK.