Privacy Policy

Costa Del Mar, Inc. is committed to protecting your privacy and developing technology that gives you a powerful and safe consumer experience. This Privacy Policy outlines how Costa Del Mar, Inc. and its affiliated companies and subsidiaries based in the United States (collectively, “Costa” or “we”) collect information, what information Costa collects, how Costa uses it, to whom Costa discloses this information and how you can access, change and remove your information.

Collection of your Information

Costa may collect personally identifiable information from you in various ways. Costa may use the following sources:

  • by signing up to mailing lists at Costa websites or third party retail store/kiosk locations;
  • from an online, retail or telephone purchase;
  • when you enter a sponsored sweepstakes or giveaway involving Costa;
  • when you submit a product or warranty claim;
  • when you sign up for an Costa loyalty program;
  • from a third party with your consent (e.g., your bank);
  • from our information technology systems (e.g., door entry systems, automated monitoring of our websites and store locations); and
  • when contacting Costa via email, social media, or any other medium of communication.

Personally identifiable information refers to information about you that can be used to contact or identify you. It includes, but is not limited to, your name, phone number, email address, postal address, and social networking information. The collected information falls into the following categories:

  • identifiers (e.g., name, alias, postal address, online identifier, Internet Protocol address, email address, account name, or similar identifiers);
  • information that identifies, relates to, describes, or is capable of being associated with a particular individual (e.g., credit card number, telephone number, address, or similar information.
  • characteristics of protected classifications under state or federal law;
  • commercial information (e.g., records regarding goods purchased, or other purchasing histories or tendencies);
  • internet or other electronic network activity (e.g., browsing history, search history, and information regarding a consumer’s interaction with an online site or application, or similar information);
  • geolocation data;
  • audio, electronic, or similar information; and
  • information drawn from any of the above to create a consumer profile that includes characteristics, psychological trends, predispositions, behaviors, or similar information.

Location Information:  We may collect information about your location when you access or use the Digital Services. We may collect information regarding your general location using your IP address. If you access or use the Digital Services from a mobile device, we may collect more precise geolocation information from your mobile device. This information may be used to customize certain features of our Digital Services and to provide you with location-based services. This information may also be used to send push notifications, which appear on the display of your mobile device in the form of a badge, alert or banner, and allow mobile applications to send information to your mobile device even when the application is not in use. For information on how to disable geolocation services and/or push notifications on a mobile device, see Section 7 below regarding your Opt-Out Choices.

Costa may also collect certain non-identifying information, or aggregate information, such as anonymous demographic information including zip codes, dates of birth, customer preferences, information about customer computer hardware and software, as well as information about the links and pages that users access within a Costa website. Certain non-identifying information may be considered personally identifiable information if combined with other information which may enable you to be identified (such as a zip code with a street address); however, the same information when taken alone or combined with other non-identifying information, will be considered non-identifying information.

Please keep in mind that if you directly disclose personally identifiable information or personally sensitive data through Costa operated public message boards, such information may be collected and used by others.

Occasionally Costa will offer links to third party websites. Costa encourages you to review the privacy policies of websites you choose to link to from Costa websites so that you can understand how those websites collect, use, and share your information. Costa is not responsible for the privacy policies or other content on websites other than Costa websites.

Use of your Information

Costa may store and use your personally identifiable information for (i) product or service fulfillment, (ii) voluntary marketing, promotional, and advertising purposes, such as to inform you of products or services available from Costa, (iii) internal operations, such as improving your customer experience – this includes auditing current interactions and optimizing user experience, (iv) detecting security incidents, protecting against malicious, deceptive activity, and taking all necessary and appropriate steps to mitigate current and future risk; (v) debugging and repairing internal information technology as necessary; (vi) undertaking internal research for technological development and demonstration; and (vii) to share with trusted third party service providers to help Costa perform activities to improve your customer experience with your consent (“Business Purposes”). Third parties are prohibited from using your personal information beyond providing services to Costa and are required to maintain the information’s confidentiality and privacy. The categories of the third parties we share personal information with follow:

  • our affiliates;
  • credit card processors and other companies that help facilitate your transactions;
  • our banks, insurers, and brokers;
  • companies that provide statistical analysis of your interactions with us;
  • companies that provide customer support or arranging for deliveries; and
  • third parties approved by you.

The following categories of information are shared for Business Purposes:

  • identifiers (e.g., name, alias, postal address, online identifier, Internet Protocol address, email address, account name, or similar identifiers);
  • information that identifies, relates to, describes, or is capable of being associated with a particular individual (e.g., credit card number, telephone number, address, or similar information);
  • characteristics of protected classifications under state r federal law;
  • commercial information (e.g., records regarding goods purchased, or other purchasing histories or tendencies);
  • internet or other electronic network activity (e.g., browsing history, search history, and information regarding a consumer’s interaction with an online site or application, or similar information);
  • geolocation data;
  • audio, electronic, or similar information; and
  • information drawn from any of the above to create a consumer profile that includes characteristics, psychological trends, predispositions, behaviors, or similar information.

Costa does not sell, rent, or lease your personally identifiable information to third parties. Costa may, from time to time, contact you on behalf of external business partners about a particular offering that may be of interest to you. In those cases, at your consent, your personally identifiable information would not be transferred to the third party.

Costa is not limited in our use of aggregate information that does not permit direct association with any specific individual, such as the number of users of our services, the geographic distribution of our users, the amount of information located or removed, etc.  For example, Costa may use aggregate information concerning which links and pages users access within an Costa website for many reasons including to determine which Costa products and services are the most popular. This data may be used to deliver customized content and advertising to customers whose behavior indicates that they are interested in a particular subject area.

Costa will disclose your personal information, without notice, if required to do so by law or in the good faith belief that such action is necessary to (a) conform to the edicts of the law or to comply with legal process served; (b) protect and defend the rights or property of Costa; or (c) act under exigent circumstances to protect the personal safety of users of and Costa website or the public.

Additionally, Costa may disclose personally identifiable information to your agent or legal representative (such as the holder of a power of attorney that you grant, or a guardian appointed for you).

As with any other business, Costa may merge with or be purchased by another company.  If Costa is acquired, the company that acquires us would have access to the information maintained by us, including personally identifiable information, but would continue to be bound by this Policy unless and until it is amended.

Requests to Costa

Costa strives to not only provide you with excellent experience; but also strives to do so in an ethical, lawful, and sustainable manner. Part of this is responding to data requests and providing you with certain information under various data protection and security laws (“Data Subject Request”). This Policy outlines how you can receive the information and what you can receive.

If you would like to submit a Data Subject Request, you may send an email to privacy@costadelmar.com. You can also call Costa, toll-free, at 1-855-MYCOSTA (1-855-692-6782). If you choose to submit a Data Subject Request by email or phone you must provide us with enough information to identify you (e.g., Costa profile information, order confirmation number, or service order number) and enough specificity on the requested data. Costa will only use the information it receives for verification. Costa will not be able to disclose information if it can not verify that the person making the Data Subject Request is the person about whom we collected information, or someone authorized to act on such person’s behalf.

You may submit a Data Subject Request to receive information about Costa’s data collection practices. You may request information on the categories of personal information Costa has collected about you; the categories of data collection sources; Costa’s business or commercial purpose for collecting or selling personal information; the categories of third parties with whom Costa shares personal information, if any; and the specific pieces of personal information we have collected about you. If you would like to also receive information about Costa’s data disclosure for Business Purpose, then please include that in the Data Subject Request. Costa will clarify whether the information was collected and disclosed or simply collected and kept internally.

Please note that the categories of personal information and sources will not exceed what is contained in this Privacy Policy. Additionally, Costa is not required to retain any information about you if it is only used for a one-time transaction and would not be maintained in the ordinary course of business. Costa is also not required to reidentify personal information if it is not stored in that manner already, nor is it required to provide the personal information to you more than twice in a twelve-month period.

You may request that Costa delete your personal information. Your deletion request should be submitted through a Data Subject Request. Subject to certain exceptions set out below we will, on receipt of a verifiable Data Subject Request, delete your personal information from our records and direct any service providers to do the same.

Please note that we may not delete your personal information if it is necessary to:

  • complete the transaction for which the personal information was collected;
  • provide a good or service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between you and us;
  • detect security incidents, protect against malicious, deceptive activity, and take all necessary and appropriate steps to mitigate current and future risk;
  • debug and repair internal information technology as necessary;
  • undertake internal research for technological development and demonstration;
  • exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law;
  • comply with the California Electronic Communications Privacy Act;
  • engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when our deletion of the information is likely to render impossible or seriously impair the achievement of such research, provided we have obtained your informed consent;
  • enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us;
  • comply with an existing legal obligation; or
  • otherwise use your personal information, internally, in a lawful manner that is compatible with the context in which you provided the information.

Costa may not, and will not, treat you differently because you of your Data Subject Request activity. As a result of your Data Subject Request activity, we may not and will not deny goods or services to you; charge different rates for goods or services; provide a different level quality of goods or services; or suggest any of the preceding will occur. However, we can and may charge you a different rate, or provide a different level of quality, if the difference is reasonably related to the value provided by your personal information.

Security Protections for your Information

Costa takes the security of your personal information very seriously.  Costa uses reasonable administrative, physical, and technical safeguards to secure the personal information you share with us. Despite these safeguards and our additional efforts to secure your information, Costa cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security, and improperly collect, access, steal, or modify your personal information.

The security of your Costa website account relies on your protection of your user profile information.  You are responsible for maintaining the security of your user profile information, including your password and for all activities that occur under your account. You may not share your password with anyone.  We will never ask you to send your password or other sensitive information to us in an email, though we may ask you to enter this type of information on a Costa website.

Any email or other communication purporting to be from one of our websites requesting your password or asking you to provide sensitive account information via email, should be treated as unauthorized and suspicious and should be reported to us immediately by emailing privacy@costadelmar.com. If you believe someone else has obtained access to your password, please change it immediately by logging in to your account and report it immediately by emailing privacy@costadelmar.com.

Use of Cookies or Similar Technology

Costa websites work with a first party cookie that collects anonymous traffic data, a form of aggregate information. “Cookies” are simple text files stored on your computer for use by a browser. Costa may use “cookies” to assist in data collection and to track visitor website usage and trends to help us better serve you. If you reject cookies, you will still be able to view our websites, but your ability to use some areas of the websites will be limited. Some of our business partners and publishers (e.g., analytical tracking software providers) use cookies and tracking technologies on our websites. We have no access to or control over these third party cookies or tracking technologies. This Policy covers the use of cookies on our websites by us only and does not cover the use of cookies or tracking technologies by any such business partner.

We may also use cookies, pixels, beacons, or other web tracking technologies to track the amount of time spent on our websites or social media and whether certain content, such as a video was viewed. We may work with a trusted third party to collect and process this information for us, based on our instructions and in compliance with this Privacy Policy.

When you visit Costa’s website, Costa automatically collects the name of the website you visited from (called the “referring page”) and the name of the website you chose to visit immediately after ours (called the “exit page”), and information about other websites you have recently visited. This information is used to improve our website, but we cannot identify you from any information we receive from cookies. Some browsers have a “do not track” feature that lets you tell websites that you do not want to have your online activities tracked. These features are not yet uniform, and our websites are not currently set up to respond to those signals for tracking on our websites.

Participation in Interest-Based Advertising

Costa may also participate in interest-based advertising using similar technology. Therefore, you may see advertising on our websites tailored to how you browse or shop, or you may see advertising for Costa and its properties on other websites based on your browsing behavior across websites. Some websites where we may advertise belong to ad networks that use your web browsing history to choose which ads to display on their network websites; these ads include advertising for Costa and its websites, but no personal information about you is shared with those third party ad networks. Other websites where you see our ads, such as Facebook, may use interest preferences that you have chosen on those sites, as well as registration and other information about you, to choose which ads to display to you. Some internet browsers, websites such as Facebook and mobile devices offer opt-outs for interest-based advertising. Please refer to the website that you are visiting, your browser, or your device settings for additional information.

You can opt-out of receiving interest-based ads from third parties who are members of the Network Advertising Initiative (NAI) or who follow the Digital Advertising Alliance’s Self-Regulatory Principles for Online Behavioral Advertising by visiting the opt-out pages on the NAI website (http://www.networkadvertising.org/choices/) and DAA website (http://www.aboutads.info/choices/).

Opt-Out/Unsubscribe

You can opt-out or unsubscribe from receiving email correspondence from Costa at any time by contacting privacy@costadelmar.com or by following the instructions contained in any email received. It may take time to process opt-out requests, so you may receive emails from Costa after your opt-out request.

Children’s Privacy

Costa’s websites are not targeted for use by children under the age of 18.  Costa does not knowingly collect personal information from children in connection with the features of our websites without the consent of a parent or guardian. Costa requests that all visitors under 18 to our websites to not disclose or provide any personally identifiable information. Upon notification that a child under 18 has provided us with personally identifiable information, we will delete the child’s personally identifiable information from our records.

In-Store Analytics

Costa uses third party technology to identify mobile devices in and around its retail stores/kiosks. Such data is used to provide insights about foot traffic volumes, dwell times and how customers interact within Costa retail stores/kiosks to provide a more enhanced shopping experience. Costa will not use any data collected in connection with this activity for any other purposes without your prior consent. You may choose to opt-out of having such data collected by turning your Wi-Fi off on your mobile device or opting out HERE.

Special Notice for California Residents

In addition, if you are a California resident under the age of 18, and are a registered user, you may (and should, as we do not permit users under the age of 18) request us to remove content or information posted on our websites or stored on our servers by (a) submitting a request in writing to privacy@costadelmar.com and (b) clearly identifying the content or information you wish to have removed and providing sufficient information to allow us to locate the content or information to be removed. However, please note that individuals under the age of 18 are not permitted to utilize our websites in the first place and we are not required to erase or otherwise eliminate content or information if (i) other state or federal laws require us or a third party to maintain the content or information; (ii) the content or information was posted, stored, or republished by another user; (iii) the content or information is anonymized so that the minor cannot be individually identified; (iv) the minor does not follow the instructions posted in this Privacy Policy on how to request removal of such content or information; and (v) the minor has received compensation or other consideration for providing the content. Further, nothing in this provision shall be construed to limit the authority of a law enforcement agency to obtain such content or information.

Users Outside the United States

Costa is based in the United States, and our website is hosted here.  If you are visiting our website from another country, the laws governing our website’s collection and use of personal information may be different from the laws of your country.  If you decide to visit our website, or share your personal information with Costa, you are agreeing to be governed by the laws of the United States, and you are expressly consenting to the transfer of your data to the United States.

In particular, please note that neither our website, nor the products and services we offer on our website, nor any other activities we carry out as set out in this Privacy Policy are aimed at individuals based in the United Kingdom or any jurisdiction within the European Economic Area (“EEA”).  Accordingly, if you are based in the United Kingdom or any jurisdiction within the EEA, and wish to connect with, or purchase products or services from, any member of Costa’s group of companies, please contact any of our affiliates based in the United Kingdom or any jurisdiction within the EEA and they will be more than happy to assist.  They also have a privacy policy that explains how they use your personal information under European Union data protection laws.

Changes to this Statement

Costa will occasionally update this Privacy Policy. Costa encourages you to periodically review this Privacy Policy to be informed of how Costa is using and protecting your information. At a minimum, this Privacy Policy will be updated every twelve months.

Contact Information

Costa welcomes your comments regarding this Privacy Policy. If you believe that Costa has not adhered to this Privacy Policy, please contact Costa at privacy@costadelmar.com. We will use commercially reasonable efforts to determine and remedy the problem promptly.

Updated: December 31, 2019