Privacy Policy

Your privacy matters

This policy explains what data we collect, how we use it, and the rights you have over your personal information.

Effective date: February 21, 2026 · Last updated: February 21, 2026

Contents
01Information We Collect02How We Use Your Information03How We Share Your Information04Cookies & Tracking Technologies05Your Privacy Rights06Data Retention07Data Security08Children's Privacy09Third-Party Links & Services10International Users11Changes to This Policy12Contact Us
01

Information We Collect

We collect information you provide directly to us, information collected automatically when you use our website, and information from third-party sources.

Information You Provide
Contact information: name, email address, phone number, shipping and billing address
Account information: email and password if you create an optional account
Order information: products purchased, payment method (processed securely by Shopify — we do not store full card numbers), order history
Communications: messages sent through our contact form, email correspondence, support requests
Quiz responses: answers to our Sleep Quiz used to generate personalized product recommendations
Review content: product reviews, ratings, and any photos you voluntarily submit
Waitlist and newsletter: email address provided when joining our waitlist or subscribing to updates
Information Collected Automatically
Device and browser information: IP address, browser type and version, operating system, device type, screen resolution
Usage data: pages visited, time spent on pages, click patterns, scroll depth, referring URL, exit pages
Location data: approximate geographic location derived from IP address (city/region level — we do not collect precise GPS location)
Cookies and similar technologies: see Section 4 for full details on our cookie practices
Information from Third Parties
Payment processors: Shopify Payments provides transaction confirmation and fraud screening data (we never receive or store your full credit card number)
Analytics providers: aggregated and anonymized usage patterns from Google Analytics, Mixpanel, and Hotjar
Advertising platforms: conversion data from advertising campaigns (e.g., whether a purchase followed an ad click)
02

How We Use Your Information

We use the information we collect for the following purposes:

Process and fulfill your orders, including shipping, payment processing, and order confirmation communications
Provide customer support and respond to your inquiries, requests, and warranty claims
Send transactional emails: order confirmations, shipping notifications, delivery updates, and refund confirmations
Send marketing communications if you have opted in, including product updates, promotions, educational content, and company news — you can unsubscribe at any time
Personalize your experience, including Sleep Quiz results and product recommendations based on your responses
Improve our website, products, and services through analytics, usage patterns, and feedback analysis
Monitor and improve website performance, security, and functionality
Detect, prevent, and address fraud, unauthorized access, and other illegal activities
Comply with legal obligations, enforce our terms of service, and protect our rights and the rights of others

We do not sell your personal information. We do not use your personal information for automated decision-making that produces legal or similarly significant effects without human oversight.

03

How We Share Your Information

We do not sell, rent, or trade your personal information to third parties for their own marketing purposes. We share information only in the following circumstances:

Service Providers

We share information with trusted third-party service providers who perform services on our behalf, including:

Shopify — e-commerce platform, payment processing, order management
Vercel — website hosting and content delivery
Supabase — database hosting, authentication, and serverless functions
Google Analytics (GA4) — website analytics and traffic measurement
Mixpanel — product analytics and funnel optimization
Hotjar — heatmaps, session recordings, and user experience research
Google Tag Manager — tag management and event tracking orchestration
Email service provider — transactional and marketing email delivery
Shipping carriers (UPS, FedEx) — order fulfillment and delivery

These providers are contractually obligated to use your data only to perform services on our behalf and are prohibited from using it for their own purposes.

Legal Requirements

We may disclose your information if required to do so by law, regulation, legal process, or governmental request, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others, investigate fraud, or respond to a government request.

Business Transfers

If SoundBlanket is involved in a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email or prominent notice on our website of any change in ownership or use of your personal information.

With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

04

Cookies & Tracking Technologies

We use cookies and similar tracking technologies to collect usage information, remember your preferences, and improve your experience on our website.

Types of Cookies We Use
Essential cookies — required for the website to function properly, including cart functionality, checkout, and session management. These cannot be disabled.
Analytics cookies — help us understand how visitors interact with our website by collecting information about pages visited, time on site, and navigation patterns. Providers: Google Analytics, Mixpanel.
Experience cookies — used by Hotjar to create heatmaps and session recordings that help us improve the user experience. These recordings do not capture keystrokes in form fields or any sensitive information.
Marketing cookies — used to track advertising effectiveness and deliver relevant advertisements. These may be set by our advertising partners (e.g., Meta Pixel, Google Ads) and are only activated with your consent.
Your Cookie Choices

When you first visit our website, you will be presented with a cookie consent banner that allows you to accept or decline non-essential cookies. You can update your preferences at any time through the cookie settings link in our website footer.

You can also control cookies through your browser settings. Most browsers allow you to block or delete cookies. Please note that blocking essential cookies may impair website functionality.

Do Not Track & Global Privacy Control

We honor Global Privacy Control (GPC) signals and browser-based universal opt-out mechanisms. When we detect a GPC signal from your browser, we treat it as a valid opt-out request for the sale or sharing of personal information and targeted advertising, as required by applicable state privacy laws.

05

Your Privacy Rights

Depending on your state of residence, you may have some or all of the following rights regarding your personal information. We extend these rights to all customers regardless of location as a matter of company policy.

Your Rights
Right to know — request a detailed disclosure of the personal information we have collected about you, the sources, the purposes, and the third parties with whom it has been shared
Right to access — receive a copy of your personal information in a portable, commonly used format
Right to delete — request that we delete the personal information we have collected about you, subject to certain legal exceptions
Right to correct — request correction of inaccurate personal information we hold about you
Right to opt out — opt out of the sale or sharing of your personal information, targeted advertising, and certain profiling activities
Right to non-discrimination — exercise any of these rights without receiving discriminatory treatment, including changes in pricing, quality, or level of service
How to Exercise Your Rights

To submit a privacy rights request, email us at privacy@soundblanket.shop with the subject line "Privacy Rights Request" and include your name and the email address associated with your order or account. We will verify your identity and respond within 30 days, as required by applicable state law.

You may also designate an authorized agent to submit requests on your behalf. The agent must provide proof of authorization, and we may still require verification of your identity directly.

State-Specific Disclosures

California residents (CCPA/CPRA): We do not sell your personal information as defined by the CCPA. We do not use or disclose sensitive personal information for purposes beyond what is necessary to provide our services. You have the right to limit the use of sensitive personal information and to opt out of the sale or sharing of personal information.

Virginia, Colorado, Connecticut, and other state residents: If you reside in a state with a comprehensive privacy law, you may exercise all rights listed above. If we deny your request, you have the right to appeal. To appeal, email privacy@soundblanket.shop with the subject line "Privacy Rights Appeal." We will respond to appeals within 60 days.

Nevada residents: We do not sell your covered information as defined under Nevada law. If you wish to submit a request, please email privacy@soundblanket.shop.

06

Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes described in this policy, unless a longer retention period is required or permitted by law.

Order and transaction data — retained for 7 years for tax, accounting, and legal compliance purposes
Account information — retained for the life of your account plus 30 days after deletion request
Marketing and communication preferences — retained until you unsubscribe or request deletion
Analytics data — aggregated and anonymized analytics data may be retained indefinitely; identifiable analytics data is retained for up to 26 months
Support and warranty records — retained for the duration of the applicable warranty period plus 1 year
Cookie data — retention periods vary by cookie type, ranging from session-only to up to 24 months

When personal information is no longer needed, we securely delete or anonymize it in accordance with our data retention procedures.

07

Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

SSL/TLS encryption for all data transmitted between your browser and our servers
Shopify's PCI-DSS Level 1 compliant payment processing — the highest level of payment security certification
Supabase Row Level Security (RLS) policies restricting database access to authorized operations only
Access controls limiting employee access to personal information on a need-to-know basis
Regular security audits and monitoring of our systems and infrastructure
Incident response procedures for detecting and responding to potential security breaches

While we take reasonable steps to protect your information, no method of transmission over the internet or method of electronic storage is 100% secure. If you have reason to believe your interaction with us is no longer secure, please contact us immediately at privacy@soundblanket.shop.

08

Children's Privacy

Our website and products are not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take immediate steps to delete that information. If you believe we have inadvertently collected information from a child under 16, please contact us at privacy@soundblanket.shop.

09

Third-Party Links & Services

Our website may contain links to third-party websites, services, or applications that are not operated by us (e.g., Shopify checkout, YouTube embedded videos, social media profiles). This privacy policy does not apply to those third-party services. We encourage you to review the privacy policies of any third-party website or service before providing your personal information. We are not responsible for the privacy practices or content of third-party websites.

10

International Users

SoundBlanket is based in and operates from the United States. If you are accessing our website from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those of your country. By using our website or placing an order, you consent to the transfer of your information to the United States and its processing as described in this policy.

11

Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will update the "Last Updated" date at the top of this policy and, where required by law, provide you with additional notice (such as a banner on our website or an email notification). We encourage you to review this policy periodically to stay informed about how we protect your information.

12

Contact Us

If you have questions about this privacy policy, wish to exercise your privacy rights, or have concerns about how your information is handled, please contact us:

SoundBlanket Privacy
privacy@soundblanket.shop
Response time: within 30 days for rights requests

For general support inquiries unrelated to privacy, please contact hello@soundblanket.shop.

Terms of ServiceShipping & ReturnsWarrantyContact