Date last updated: 12/06/2023

Protecting your privacy. Improving your shopping experience. Your trust is very important to us.

That’s why we want to be clear and transparent about why we collect information, the information we collect, how we use that information, and the choices you have regarding our use of it. We may also collect, use and share aggregate or anonymous data that does not identify you.

We collect information to save you time and money, and to make your shopping experience better.

The following principles guide us when doing business and provide the foundation of our privacy policy. These are:

We respect your privacy and are committed to protecting it.
We are transparent about how and why we collect information.
The information we collect helps us provide value to our customers that include savings and enhancing their shopping experience.
This Privacy Policy was posted and is effective as of 12/06, 2023. However, as our business, the law or customer needs evolve, we may update this Privacy Policy at any time. You can always view the current Privacy Policy by clicking on the Privacy Policy link at the bottom of our website. By using our sites and services, you consent to this Privacy Policy. Our services are provided to U.S. customers, and this Privacy Policy is governed by U.S. legal requirements. If you access our services from outside the U.S., you agree to the application of U.S. law .

We are also committed to ensuring that our communications are accessible to people with disabilities. To make accessibility-related requests, please email us.

Why We Collect Your Information
Below are examples of how we collect, use, and share data to help us create a better, safer experience on our website and mobile applications.

To Improve

Providing products and services that enhance your shopping experience with us
Developing new products and services to meet your needs
Better understanding your use of our products, services and websites
Determining your satisfaction with our programs and services
Handling customer service cases
Analyzing the performance of our products, services, and online experience and looking for ways to make them better
To Communicate

Sending relevant information and personalized ads and other communications, including ways to save on items you buy most often or that you might like based on your past interests
Providing personalized content and experiences on our websites, mobile apps and mail
Displaying personalized offers, information and ads from mystiana.com or our marketing partners (as defined in “How We Share Your Information”) on other websites and mobile apps
Sending product recall notifications to help keep you and your family safe
Responding to your comments, requests, questions, and applications for career opportunities
To Protect

Processing payments securely
Fulfilling orders correctly
Safeguarding the property or other rights of our customers, associates and the company
To detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, and prosecute those responsible for that activity; and
Legal compliance for purchase of certain products or where otherwise required by law
Learn More About How We Use Information We Collect

We use the categories of personal information described in “What Personal Information We Collect” to support the following use cases:

To send marketing communications such as product discounts and personalized promotions and special offers
Providing product or service functionality that you have requested (such as online payment, fulfilling subscription services, etc.)
To communicate with you about orders, purchases, returns, services, accounts, programs, contests and sweepstakes
Responding to communications you send us
Assisting you with customer service requests and inquiries
Development and distribution of new products and services like mobile applications
Completing e-commerce transactions
Delivering advertisements and promotions to you when you have visited our website, used one of our mobile applications, or otherwise engaged with us online
Displaying interest-based advertising for products, services, promotions, and other business activities you may be interested in
Developing statistics on engagement with our online properties and measuring how well our marketing and promotional activities perform
Identifying and preventing fraud or identity theft
Maintaining appropriate records for internal administrative and other business purposes
Facilitating the functionality of our websites and mobile applications
Providing notice of product recalls
To perform basic applicant, employment and management functions including the collection of information necessary to mitigate public health risks in our facilities, or for the resolution of safety investigations
At times, mystiana.com may provide third parties with certain personal information to provide or improve our products and services, including to deliver products at your request, or to help mystiana.com market or advertise relevant products and services to you; when we do, we require those third parties to handle it in accordance with relevant laws
Other purposes as described to you at the time
How We Collect Your Information
What Personal Information We Collect

Here are the categories of personal information we may collect from you or about you. All categories may not be collected about every individual.

Unique Personal Identifiers that may include but are not limited to your legal name or preferred alias, online identifiers like user account names.
Demographic information like your level of education, type of employment or other demographic information shared with us through third parties, such as social media or publicly available sources
Contact Information such as your email or postal address and phone number
Financial and payment Information such as credit and debit card numbers
Behavioral Information such as your purchase and transaction histories, geolocation data, IP Address collected from your computers and mobile devices, and information about what you do online, including your interactions with our social media posts
Inferences we make about you like demographic interest segments that we believe are relevant to you and your household based on analysis of other information we have collected
Characteristics of protected classifications under state or federal law, such as gender and nationality
Call center recordings or monitoring records from our customer contact centers
Other types of personal information that we may disclose to you prior to the point of first collection
There is also some personal information that you voluntarily share with us. This includes information used to create an account on our website, or where required by law. For example:

Name, address, phone and email
Payment information
Communication and shopping preferences
An encrypted version of your password
If you are an employee or job applicant, we may collect additional information, including employment information, such as occupation, title, licenses, professional memberships and other information to perform basic employment and management functions, including distributing payroll and providing benefits. If you are applying for a job, we may collect contact information about you during the course of your application for employment such as contact information to correspond with you concerning potential employment opportunities and other information such as background information and your employment qualifications and history.

Children’s Privacy

Our websites are for a general audience and are not geared toward children. We do not knowingly collect personal information from children under the age of 16 without prior consent of a parent or guardian. If you believe your child may have disclosed personal information to us, please email us and we will remove it.

Sources of Personal Information

We collect some information when you visit our website or use our mobile app, or when you use our online services or view our online advertisements. The information we may collect falls into three different main categories: (1) information you give us; (2) information we collect from you automatically; and (3) information we collect from other sources. These other sources may be service providers, data brokers, consumer research firms, publicly available sources, or other third parties with whom you interact or do business. For example, when you connect to one of our websites or mobile apps through a third party, we may collect information from their website. For example, if you choose to associate your social media identity with mystiana.com, the site may provide us with certain information from your social media account as permitted by your account settings.

Associating Personal Information from Multiple Sources

We may collect this information and link it to other information we already know about you. For example, we may associate your online shopping activity when you engage with our websites or mobile apps. Additionally, when you are logged in to our websites or use our mobile apps, we may link the device IDs or types to your account to understand your online activity so we can provide a better experience.

This includes pages you visit on our websites, items you add to your online shopping list, coupons you download and redeem from us, and purchase information. In addition, we may collect information when you use our mobile apps, including device location (if you choose to turn this feature on).

Cookies, Web Beacons, and Other Technologies

When you visit our websites, access our mobile apps or open one of our emails, we may automatically collect information about you using device identifiers, cookies and other technologies, including:

Internet Protocol address
Unique device or user ID
System and browser type
Referring website address
Content and pages you access on our websites or mobile apps
Dates, times and locations when actions take place
Like other online advertising providers, we use this technology for system administration and troubleshooting, to identify you so we can enhance your online experience, and to deliver interest-based advertising. Our sites do not respond to browser Do-Not-Track signals. These cookies are often collected by or otherwise shared with service providers as well as third party advertising partners, as described further in our About Advertising section below.

Third-Party Technology

We use third-party technology to better understand your online behavior. By doing so, we can present relevant content online and send you relevant emails. Our Privacy Policy does not cover the use of cookies by others, including third parties whose services or sites may be linked to from our sites and services, or third-party analytics or online tracking companies. We provide links to third-party websites in order to provide additional goods, services or information to our customers. mystiana.com is not responsible for information you provide directly to a third-party. Any information or mystiana.com-specific information, that you provide when accessing a third-party website is subject to that company’s privacy policy. If you register for or use such third-party websites both mystiana.com and the third-party may receive information collected through use of the websites, as described in the privacy policies on those websites. As with all website owners, we also do not have access or control over the cookies placed on your computer by other websites you may visit.

To manage your cookie preferences, click here: Cookie Settings
How We Share Your Information
We share the information we collect within mystiana.com, and also with our parent company, affiliates, service providers, marketing partners and other third parties.

We may share data with third parties for the following business purposes:

Within mystiana.com, our parent company and with our Affiliates: We may share your information within our company, and our subsidiaries and affiliated companies for the purposes of decision making, reporting, management, analysis, administering programs, promoting service offerings and other business purposes.
Service Providers: We may share your information with our service providers who provide us support services such as hosting our websites, postal delivery and electronic mail, mobile messages, product and service delivery, conducting analysis to improve our products, websites, fulfilling orders you place, managing payments and answering your questions. Service providers only use the information they receive from us for the purposes we hired them for, we don’t allow them to retain, use, disclose, or otherwise handle the data for their own purposes.
Marketing Partners: We may share your information to display online, mobile or other advertising based on your purchases, activity on websites and mobile apps, and preferences you share with us so we can provide you with promotions and special offers that may interest you. We may also share information with marketing partners to help us analyze data and provide more relevant, personalized communications to you, sometimes combined with other sources.
Third-Party Sites and Services: We may share your information to develop and provide special services or offers that may interest you. When we share with third parties, we require those third parties to handle the information in accordance with relevant laws. We may also share your information in an aggregated way that does not directly identify you but can be used for statistical analysis and other business purposes. We may also share your information where you intentionally interact with a third-party, such as where you click on a link to a third-party website, product or service from mystiana.com websites, products, applications, or services. We may also help you establish your own direct relationship with another party. For example, when you place an order, and select a third-party delivery service, you authorize mystiana.com to exchange the information you provide during the order process to that third-party to carry out that service. In these cases, we may help you transfer some of your information needed for that service, just so you don’t need to manually retype it. In these cases, we will continue to comply with this privacy policy for the data we hold, but it is important for you to remember that you have established a separate relationship with that third party and will be subject to their privacy policies. mystiana.com is not responsible for the privacy practices of third parties.
With Third Parties, including Governmental Authorities, for Lawful Purposes: We may share your information where we believe the disclosure is required by law, or otherwise necessary to comply with the law, regulatory requirements, requests from public authorities, or to enforce our agreements or policies, to protect the rights and property of our customers, the company, our partners or the public (including for fraud prevention purposes). Additionally, your information may be shared if mystiana or a business unit or any of its assets are sold to another company, such as in a merger, acquisition or other corporate reorganization, in which case we will maintain our current Privacy Policy until data is transferred to that new company and data is covered by their privacy policy.
About Advertising

Purchase-Based Advertising

We may use your purchase history to help mystiana.com and other third-party brands present advertisements that are more relevant to you on mystiana.com and third-party websites, mobile apps and other digital media channels. We will not increase the number of ads you see, but instead will help deliver more personalized advertisements and offerings to you.

Interest-Based Advertising

We create a customized and engaging customer experience on our website and mobile applications by displaying advertisements that are personalized. Interest-based ads (also sometimes called “personalized or targeted ads”) are displayed to you based on information collected from your online interactions across multiple websites that you visit, or across multiple devices you may use, in order to predict your preferences and show you ads that are most likely to be of interest to you. In an effort to provide you with relevant content and offers that may be useful to you, we may partner with third-party companies to display content, offers or advertising that is tailored to your interests based on how you browse and shop on both mystiana-owned and operated sites and off our sites. These third-party companies use information and technologies such as browser type, hardware or software information, cookies, session ID, time or date, click-stream information or static IP addresses.

We may provide information to third-party companies that display purchase-based or interest-based ads. In addition, others (advertisers and ad networks, ad serving companies, or other service providers) may infer user interests or purchase history based on interactions with, or clicks on, personalized ads or content. You can learn more about interest-based advertising, and navigate to options that will allow you to exercise your rights to opt-out of online behavioral advertising, by visiting the Network Advertising Initiative’s Learn More Page or the Digital Advertising Alliance.

How We Protect Your Information
Security

We implement and maintain reasonable security practices and procedures appropriate to the nature of the information we maintain, including appropriate technical, administrative and physical procedures to prevent loss, misuse or alteration of your information on and offline. For example, we use Transport Layer Security (TLS/SSL) to encrypt certain sensitive personal information we exchange with you. That way, access to data is limited through the use of technological safeguards. We also comply with payment card industry data security standards for the processing of credit and debit card transactions. Only Associates who need the information to perform a specific job are granted permissions to access to our customers’ data. Associates who violate customer privacy safeguards are subject to disciplinary action, including termination.

It is your responsibility to select a strong password, not reuse or share your password, and alert us if you have any concerns about unauthorized use of your account.We encourage you to use complex passwords and to change them regularly.

Retention of Personal Information

We store personal information we’ve collected from or about you:

Where you have created an account on our website or one of our mobile applications; and
As long as required by law or as needed to enable us to exercise our rights and perform our obligations under our applicable terms of service, including this privacy notice; and
Long enough to enable us to contact you with recalls and other safety related information that relates to products you have bought from us
While we are confident ordering online is safe and secure as a general practice, it is important for you to protect against unauthorized access to your password and to your computer. If using a shared computer, be sure to log out of your account prior to leaving the computer.

Your Communications Preferences, Privacy Rights and Choices

We value our relationship with you, and communications are an important part of that relationship.

We understand that our customers are individuals, and communication preferences will vary by customer. That is why we offer you the ability to manage what types of communications you receive from us, and the ability to manage or change your preferences. Here’s how you can do so:

Email, Mobile and Online Communications

At any time you can adjust your communication preferences, including opting out of promotional mailings, from within your mystiana.com account. You also have the right to disable your account. To do so, you may email Customer Service.

Purchase-Based Advertising

If you would prefer that your purchase history not be used to personalize advertising you already receive online, on mobile devices or in other digital channels, you can choose and manage your preferences via your Communications Settings or contact us through the methods described in this privacy notice. Please allow a reasonable amount of time for any changes to your settings to take effect.

Interest-Based Advertising

You can control your exposure to most interest-based advertising through the Digital Advertising Alliance, a group that has developed self-regulatory principles for interest-based advertising. Visit YourAdChoices.com for more information. In addition, some websites (such as Facebook) offer the ability to opt out of interest-based advertising directly on their sites. Please allow a reasonable amount of time for any changes to take effect.

Your Rights and Choices
Nevada Privacy Rights

If you live in Nevada, you can opt out of the sale of your personal information by email us.Our customer contact center personnel will take your request and keep you up to date on the progress of your request.

California Privacy Rights

California defines Personal Information as information that identifies, relates to, describes, is capable of being associated with or could reasonably be linked, directly or indirectly, with a particular consumer or household.

If you live in California, you have some additional rights with respect to certain Personal Information we collect about you. This includes:

Learn about the categories of Personal Information we have collected from or about you in the past 12 months
Get a copy of Personal Information that we have collected from or about you no more than twice every 12 months
Learn about the kinds of third parties with whom we may have shared Personal Information
Obtain the categories of Personal Information that we may have sold or otherwise shared in the past 12 months
Learn about the categories of third parties we may have sold your Personal Information to
Request that your Personal Information be removed from our systems
Opt out from our sales of Personal Information
Lodge complaints about the way we handle your Personal Information
Not be discriminated against for exercising your rights under this Privacy Policy
You can make requests to receive copies of Personal Information and to have Personal Information deleted on behalf of members of your household by submitting requests on their behalf along with written authorization from each member of your household.

You can also submit requests through an agent (like a membership organization you belong to, your attorney, or someone else you trust) that you have authorized in writing to act on your behalf. To do so you’ll need to either present a power of attorney for them to act on your behalf or give your agent your written and signed permission to do so.

Either way, we will need to verify your identity if you want copies of your Personal Information, to know about what categories of Personal Information we collect and sell, or have your Personal Information deleted. We will ask you to provide several data points like name, address and email to match against the information we have in our systems. We have this process so we can verify the identity of the consumer making the request to a reasonable degree of certainty as detailed in the California Consumer Privacy Act. We want to be sure that we are returning potentially sensitive information about you or the things that you buy on our site only to you or your agent, authorized to receive it. If we cannot verify your identity, we will have to reject your request. Otherwise, we will notify you when your request has been completed. In accordance with the CCPA regulations, we will not disclose certain sensitive information in response to a request for access to specific pieces of personal information, including account passwords or unique biometric data. If you’re making requests on behalf of your household, we will also need to verify the identities of each member of your household.

In order to exercise these rights, contact us through one of the methods described in “Contacting Our Privacy Program” below. Requests are generally free of charge, and we will generally process your request within 45 days unless we have a specific reason for an extension of time. If for any reason we cannot fulfill your request in whole or in part, we will also let you know.

Sales of Personal Information

We are committed to delivering great products, great experiences and great value. From time to time, we may share your information, which may include personal identifiers, demographic information, behavioral information or inferences to provide the most relevant product recommendations and deliver marketing messages and personalized offers through select companies(e.g. analytics, advertising and technology companies). Under California law, some of these efforts may be considered a “sale” of personal information to those select companies. Those companies help us match your interests with brands who want to send promotions and offers that we believe save you money on products you buy frequently, and help you discover new products or services that you might like. When we work with these companies, your privacy, data integrity and security remain a priority. Our normal practice is to have contractual limits on their current and future use of your personal information by those companies and only provide the minimum data necessary to accomplish the specific goal(e.g. to provide you with personalized offers) and deliver a better experience and value to you. We also facilitate your right to opt out of this data sharing. When requesting to opt out of this type of data sharing, we will need to verify your identity so will ask you to provide information like your name, address and email to match against the information we have in our systems. We will never ask for sensitive information such as passwords or other personal information. We have this process so we can verify the identity of the consumer making the request to a reasonable degree of certainty as detailed in the California Consumer Privacy Act. If we cannot verify your identity, we will have to reject your request. Otherwise, we will notify you when your request has been completed.

In order to exercise the right to opt out of sale, click on our Do Not Sell My Personal Information link below, or contact us through one of the methods described in “Contacting Our Privacy Program” section below.

Do Not Sell My Personal Information
Our customer support centers are ready to take your requests. If you have any questions, privacy requests, or complaints about how we collect, use, share, or otherwise handle your personal information you can reach us by email or click here to exercise your privacy rights.

EU and Swiss CUSTOMER PRIVACY (GDPR)

mystiana.com is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).

In cases of onward transfer to third parties of data of EU or Swiss individuals received pursuant to the EU-US Privacy Shield or the Swiss-US Privacy Shield, mystiana.com is potentially liable.

Any information you provide us is controlled and processed by mystiana.com,

We comply with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland to the United States, respectively.

Pursuant to the EU-US Privacy Shield and the US-Swiss Privacy Shield, mystiana.com acknowledges that EU and Swiss individuals have the right to access the personal information that we maintain about them. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should contact us directly using one of the following methods:

Send an e-mail to [email protected]
We will provide an individual opt-out choice before we share their data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To limit the use and disclosure of your personal information, you may submit a written request to [email protected]

Note that we may be required to share personal data of EU and Swiss individuals in response to lawful requests by public authorities including to meet national security and law enforcement requirements.

In compliance with the EU-US Privacy Shield Principles and Swiss-US Privacy Shield Principles, mystiana.com commits to resolve complaints about your privacy and our collection or use of your information. European Union or Swiss individuals with inquiries or complaints regarding this Privacy Policy should first contact us using one of the following methods:

Send an e-mail to [email protected]
We have further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles and Swiss-US Privacy Shield Principles to BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit http://www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.

Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.