Grandin Road’s Privacy Policy – The Need-to-Know Details

So I was checking out Grandin Road the other day – you know that home decor website with all the unique furniture and stuff. Anyway, I noticed they have this pretty lengthy privacy policy that outlines what they do with customer data. I read through the whole thing and wanted to give you a summary of the key points, just so you know what you’re signing up for if you give them your info.

What Information Do They Collect?

Grandin Road collects a few different types of information from customers. First is personally identifiable information – this includes things like your name, shipping/billing address, email address, phone number, and payment card details that you provide when making a purchase. They also collect browsing data and your device identifier so they can track your activity across visits. And if you contact them, they keep a record of that too.

They may also get info about you from partners or social media sites if you interact with Grandin Road pages on those platforms. And finally (this one’s kinda weird), they use canvas fingerprinting and other tools to identify your specific device even if you’re browsing anonymously. So they can connect your activity across devices without you actively providing personal info.

What Do They Use My Information For?

Most of what Grandin Road collects is used to facilitate purchases, customize service, make product recommendations, improve their site, and send you promotional emails or ads if you opt into their marketing. They analyze your browsing history to better understand what types of products you like. Sensitive payment info is used strictly to complete transactions. They may also use contact details to communicate with you about your orders or account. And anything collected via cookies helps them identify return customers and tailor the browsing experience.

They share anonymized/aggregated data with affiliates, service providers, and partners. This doesn’t identify individual customers but allows 3rd parties to also improve experiences. Grandin Road also discloses personal info to subsidiaries, affiliates, service providers, and vendors involved in fulfilling orders. In certain cases (legal requests, investigations of fraud/risk) they share info with authorities, attorneys, investigators, etc.

And one kind of weird/sketchy situation – if their business ownership changes due to things like a merger, acquisition, bankruptcy etc., customer data transfers to the new business entity. But you can opt out of having your info transferred during ownership changes if you want.

How Do They Protect My Data?

Grandin Road claims they use industry standard encryption and security safeguards to protect data. They have physical, technical, and administrative controls in place to secure both paper and digital records. They say vendor partners are expected to follow similar security protocols for storing/processing Grandin Road customer data.

However, they acknowledge that no online data transmission or storage can be 100% secured. So while they claim to follow best practices, your use of the site involves some risk of unauthorized access or disclosure. Just FYI.

What Choices Do I Have Regarding Use of My Information?

You can opt out of receiving promotional/marketing communications from Grandin Road by following unsubscribe instructions on emails or adjusting preferences in your account. Note that service communications related to order processing can’t be turned off.

You also have the option to disable cookies which stops Grandin Road from tracking browsing activity. But keep in mind – parts of the website may not behave as expected without cookies on.

If you have provided personal info directly to Grandin Road (purchases, communications with support etc.), you have the right to access, edit or delete that data. You’d have to contact their Data Services team directly to pursue those options. Details are in the full privacy policy.

One more thing – that weird canvas fingerprinting tracking I mentioned earlier? Unfortunately there’s no way for customers to opt out of device fingerprinting or identification through analysis of browser traits. Kind of obnoxious if you ask me, but it is what it is.

Anything Else I Should Know?

Honestly that pretty much covers the high points. The privacy policy goes into a ton more detail on various scenarios – I’d just read the whole thing carefully if you really want to understand exactly what Grandin Road may or may not do with data collected through the site and services.

They technically reserve the right to amend the privacy policy anytime without direct notice to customers. Though I’d imagine if major changes were made, existing users would get an email at some point.

Oh one more key fact – because Grandin Road operates globally, personal info collected may be transferred and processed anywhere they do business, based on local laws. So if data privacy or cross-border data flows are a big concern for you, that’s something to keep in mind.

Anyway, hopefully this little summary gives you a good sense of how Grandin Road approaches privacy and what you need to know before shoppping on their site or handing over personal details! Let me know if you have any other questions.