Privacy policy

and Data Security Mamma Mia Covers LLC

Last Updated: October 2025

At Mamma Mia Covers©, we value your trust and take your privacy seriously. We are committed to transparency, security, and compliance with applicable U.S. and Canadian privacy laws.

We know privacy policies can be long, so here’s a simple summary of what this document covers:

What we collect: your name, contact details, order and payment info (processed securely), device and browsing data, and communication preferences.
Why we collect it: to process your orders, improve our website, send relevant offers (if you agree), and keep your information safe.
Who we share it with: only trusted partners such as Shopify, Amazon, Wayfair, and secure payment or delivery providers – never sold or traded.
Your choices: you can access, correct, or delete your information, and opt out of marketing emails, texts, or targeted advertising at any time.
Data location: your information is mainly stored in the U.S., even if you’re in Canada, with safeguards that meet Canadian and U.S. privacy laws.
Security: we use third-party solutions that guarantee strong encryption, limited access, and industry-standard protection.
Questions: contact our team anytime at support@mammamiacovers.com or 1-855-708-0280.

Note: By continuing to use our website www.mammamiacovers.com and/or by placing an order on the site or through any platforms referenced in this Policy (including Amazon and Wayfair), you acknowledge that you have read and accept this Privacy Policy and consent to the collection, use, disclosure (including to service providers), storage, and cross-border transfer of your personal information to the United States, as well as our use of cookies and similar technologies as described. If you do not agree, please discontinue use of the site and do not place an order. Separate opt-in consent is required for marketing emails and SMS and may be withdrawn at any time. This Policy is intended for users in the United States and Canada.

For full legal details, please read the sections below.

Who We Are and Scope of This Policy
Definitions
Categories of Personal Information We Collect
How We Collect Personal Information
How We Use Personal Information
Marketing Communications (Email and SMS)
Cookies Policy and Similar Technologies
Disclosure of Personal Information
Sale or Sharing of Personal Information
Data Security
Data Retention
Cross-Border Data Transfers
Your Rights Under U.S. Privacy Laws
Your Rights Under Canadian Privacy Laws (PIPEDA and Provincial Laws)
Your Choices and Controls
How to Exercise Your Rights
Third-Party Websites and Services
Non-Discrimination
Accessibility
Changes to This Policy

1. Who We Are and Scope of This Policy

Mamma Mia Covers LLC (“we,” “us,” or “our”) is a limited liability company organized under the laws of the State of Florida, USA.

This Privacy Policy (“Policy”) explains how we collect, use, disclose, and protect personal information of individuals who interact with us in the following contexts (collectively, “Users” or “you”):

Visitors and customers of our official website www.mammamiacovers.com (the “Website”), which serves customers located in the United States;
Customers who purchase our products through Amazon marketplaces in the United States and Canada;
Customers who purchase our products through Wayfair; and
Individuals who contact us, subscribe to our newsletters, or otherwise communicate with us through online or offline channels.

This Policy applies to all personal information that we process in our capacity as:

a “business” under applicable U.S. state privacy laws (including, where applicable, the California Privacy Rights Act (CPRA), Colorado Privacy Act (CPA), Virginia Consumer Data Protection Act (VCDPA), Connecticut Data Privacy Act (CTDPA), Utah Consumer Privacy Act (UCPA), and Nevada privacy laws); and
a “data controller” under Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws.

We may engage third-party service providers, contractors, and processors – including Shopify (our e-commerce platform), Amazon, Wayfair, payment processors, fulfillment and logistics partners, and analytics or marketing providers – to perform services on our behalf and process personal information according to our instructions.

All personal information collected is processed and stored in the United States.

For orders placed through Amazon Canada or other cross-border transactions (e.g., Canadian customers), personal information may be transferred to and processed in the United States, subject to contractual and technical safeguards to protect such data.

Our Website and services are intended for U.S. and Canadian audiences only and are not directed to residents of the European Union or other jurisdictions where processing of personal information would be subject to different or additional legal requirements (for example, the EU General Data Protection Regulation (GDPR)).

For questions or concerns regarding this Policy or our privacy practices, you may contact us at:

Email: support@mammamiacovers.com
Phone: 1-855-708-0280

2. Definitions

For the purposes of this Privacy Policy, the following terms have the meanings set out below. Where applicable, these definitions are intended to align with relevant privacy laws in the United States and Canada.

“Business”

Refers to Mamma Mia Covers LLC, a company organized under the laws of the State of Florida, USA, that determines the purposes and means of processing personal information and acts as the “business” under applicable U.S. state laws or as the “data controller” under Canadian privacy laws.

“Personal Information” or “Personal Data”

Means any information that identifies, relates to, describes, or could reasonably be linked, directly or indirectly, to an identified or identifiable individual. It does not include aggregated, anonymized, or de-identified data that cannot reasonably be associated with a specific person.

“Processing”

Any operation or set of operations performed on personal information – such as collection, storage, use, disclosure, transfer, retention, or deletion – whether by automated or manual means.

“Service Provider” or “Processor”

A third party that processes personal information on our behalf under a written contract that limits the use of such information to specified purposes and requires appropriate privacy and security protections.

“Contractor”

An independent entity or individual that provides operational services to us (for example, marketing, logistics, or IT support) and that processes personal information under similar contractual restrictions.

“Third Party”

Any entity that is not a Business, Service Provider, or Contractor, and that may receive personal information for its own independent purposes (for example, advertising partners or social-media platforms).

“Sale” or “Selling”

Means transferring, disclosing, or making available personal information to a third party for monetary or other valuable consideration, as defined under certain U.S. state privacy laws. We do not sell personal information in the conventional sense of selling customer data.

“Sharing”

Refers to the disclosure of personal information to a third party for cross-context behavioral advertising or targeted advertising, as defined by California and other U.S. state laws.

“Targeted Advertising”

Displaying ads to a consumer based on personal information obtained from that consumer’s activities across websites or applications other than our own.

“Sensitive Personal Information”

Includes data such as government identifiers, financial account numbers, precise geolocation, racial or ethnic origin, health data, or any information considered sensitive under applicable laws. We generally do not collect such information unless required for specific purposes (e.g., fraud prevention or payment verification).

“De-identified” or “Anonymized Information”

Information that cannot reasonably be used to identify an individual, directly or indirectly. We take reasonable measures to ensure such information cannot be re-identified.

“Consumer Rights” or “Data Subject Rights”

The rights granted to individuals under applicable privacy laws – including the rights to access, correct, delete, restrict use, opt out of certain processing, or obtain information about our practices.

“Cookies and Similar Technologies”

Small text files or other technologies (such as pixels, tags, SDKs, or local storage) used to recognize devices, remember preferences, analyze traffic, and support advertising or analytics.

“Website”

Our official website, www.mammamiacovers.com, and any sub-domains or mobile versions operated by Mamma Mia Covers LLC.

“Applicable Privacy Laws”

Collectively refers to all U.S. federal and state privacy laws that apply to our operations – including CPRA, CPA, VCDPA, CTDPA, UCPA, and Nevada privacy laws – as well as Canada’s PIPEDA and provincial laws (such as Québec Law 25).

3. Categories of Personal Information We Collect

We collect different types of personal information depending on how you interact with us – for example, when you visit our website, place an order, contact our support team, or shop through Amazon or Wayfair. Below is a summary of the categories of personal information that Mamma Mia Covers LLC (“we,” “us,” or “our”) may collect and process.

3.1 Identifiers and Contact Information

Information that allows us to identify and communicate with you, such as:

Full name
Email address
Telephone number
Shipping and billing address
Account login information (if applicable)
Order ID or customer reference number

(Collected via Shopify checkout, Amazon or Wayfair order information, customer accounts, and support communications.)

3.2 Commercial and Transactional Information

Details related to your purchases and interactions with our products or services, including:

Products purchased or viewed
Purchase dates, order history, and payment status
Returns, exchanges, and warranty requests
Shopping cart contents and preferences

(Collected to fulfill orders, manage returns, and improve product offerings.)

3.3 Payment and Financial Information

Information required to process payments securely:

Partial payment card data (last four digits, expiration date)
Payment method type and authorization tokens
Billing address

Usually, we do not store full credit or debit card numbers. If you wish, our third-party payment solution will store your credit card information for you in a password-protected account, which will allow you to checkout more easily next time you order from us. We never share your credit card number or use it for any purpose besides fulfilling your order.

3.4 Device, Technical, and Internet Activity Information

Automatically collected data when you interact with our website or marketing communications:

IP address and general location (city/state level)
Browser type and operating system
Device identifiers and session data
Pages viewed, time spent, referring URLs
Clicks on ads, links, or marketing emails
Cookies, pixels, tags, SDKs, and similar tracking technologies

(Used for site performance, fraud prevention, and analytics.)

3.5 Geolocation Data

Approximate geographic information derived from your IP address or shipping address. We do not collect precise GPS location.

3.6 User-Generated Content and Communications

Any information you voluntarily provide when contacting us or interacting with our brand, such as:

Messages sent to customer service or via online chat
Product reviews and ratings
Social-media comments, photos, or other submissions related to our products

3.7 Marketing and Communication Preferences

Information about your marketing subscriptions and preferences:

Newsletter and SMS opt-in/opt-out status
Interaction history with emails or SMS (open/click data)
Participation in promotions, referral, or loyalty programs

3.8 Information from Third Parties

We may receive limited information from:

Amazon and Wayfair (order details, shipping data, customer service updates)
Payment and logistics providers (payment confirmation, tracking numbers)
Marketing and analytics partners (aggregated performance metrics, ad campaign results)

We use this data solely for operational purposes such as fulfilling orders, providing support, or improving user experience.

3.9 Sensitive Personal Information

We do not intentionally collect or process sensitive personal information, such as government IDs, Social Security Numbers, biometric data, or health information. If such data is ever required (for example, to verify identity in a fraud investigation), we will limit its use to that specific purpose and apply enhanced security safeguards.

3.10 De-identified or Aggregated Information

We may collect and use data that has been de-identified or aggregated so that it no longer identifies any individual. Such information may be used for analytics, business intelligence, and product improvement.

4. How We Collect Personal Information

We collect personal information from you and about you in several ways – directly when you provide it to us, automatically when you interact with our digital services, and from third parties such as marketplaces or service providers. Below we explain the main sources and methods of collection.

4.1 Information You Provide Directly

We collect personal information that you voluntarily provide when you interact with us, including when you:

Place an order on our website mammamiacovers.com;
Purchase products through our stores on Amazon or Wayfair;
Create an account or save preferences on our website;
Contact our customer support team by email, phone, or chat;
Subscribe to our newsletter or SMS updates;
Participate in surveys, product reviews, giveaways, or promotions;
Engage with us through social media or other communication channels.

This information typically includes your name, contact details, shipping and billing addresses, payment method, and any other details necessary to fulfill your order or respond to your inquiry.

4.2 Information Collected Automatically

When you visit our website, open our emails, or interact with our digital content, we automatically collect certain information about your device and browsing activity through cookies and similar technologies.

This may include:

IP address and approximate location (city/state level);
Browser type, device identifiers, and operating system;
Pages visited, time spent, referring URLs, and links clicked;
Date, time, and frequency of your visits;
Interactions with emails (opens, clicks);
Session data used to ensure site security and prevent fraud.

We use this information for purposes such as improving website performance, measuring marketing effectiveness, detecting security risks, and providing a personalized shopping experience. You can manage or disable cookies through your browser settings.

4.3 Information from Third Parties

We may also receive personal information about you from third-party sources, including:

Amazon and Wayfair, for orders placed through their platforms (e.g., customer name, order details, shipping address, and tracking information);
Payment processors, confirming successful transactions and preventing fraud;
Shipping and logistics providers (e.g., UPS, FedEx, USPS) to update delivery or return statuses;
Marketing and analytics partners that help us measure campaign performance or improve ad relevance (for example, Google Analytics, Klaviyo, or Meta Ads Manager);
Customer service tools that assist in managing communications or support requests.

We use information received from these partners only for legitimate business purposes – such as fulfilling orders, providing customer support, or improving our operations – and according to the contracts that govern our relationships with these partners.

4.4 Combined and Derived Information

We may combine information collected from the sources above (for example, linking order data with website usage patterns) to better understand customer preferences, personalize experiences, and improve our products and marketing efforts. We do not use automated decision-making or profiling that produces legal or similarly significant effects without human involvement.

4.5 Children’s Privacy

We do not knowingly collect, use, or disclose personal information from children under the age of 13. Our website and services are intended for a general audience and are not directed to children.

If we become aware that we have inadvertently collected personal information from a child under 13 (or 14 for Canada), we will delete such information promptly.

If you are a parent or guardian and believe your child has provided personal information to us without your consent, please contact us at support@mammamiacovers.com, and we will take steps to remove the information.

We do not sell or share personal information of individuals under 16 years of age.

5. How We Use Personal Information

We use the personal information we collect to operate our business, provide our products and services, improve your shopping experience, and comply with applicable laws. The purposes for which we use personal information include the following:

5.1 Order Processing and Fulfillment

We use your information to:

Process and confirm your orders placed through our website, Amazon, or Wayfair;
Communicate order status, shipping updates, and returns;
Manage payments, refunds, and chargebacks through secure, PCI DSS–compliant providers;
Provide post-purchase support;
Provide digital receipts and maintain purchase records for accounting purposes.

Legal basis: performance of a contract; legitimate business interest; compliance with tax and accounting obligations.

5.2 Customer Service and Support

We use personal information to:

Respond to your inquiries, feedback, or complaints;
Provide assistance through email, chat, or phone;
Verify your identity when needed for account access or fraud prevention;
Handle product warranty or replacement requests.

Legal basis: performance of a contract; legitimate interest in providing quality service.

5.3 Website Functionality and Performance

We use automatically collected data to:

Operate, maintain, and secure our website and digital platforms;
Detect and prevent security incidents, fraudulent activity, or abuse;
Monitor website performance and user experience;
Ensure compatibility with browsers and devices.

Legal basis: legitimate business interests; compliance with cybersecurity obligations.

5.4 Marketing, Promotions, and Personalization

With appropriate consent where required, we use your information to:

Send marketing emails, newsletters, or SMS updates about new products, offers, and promotions;
Deliver personalized product recommendations or retargeting ads;
Analyze engagement with campaigns and optimize marketing performance;
Manage referral or loyalty programs, giveaways, and promotions.

You may opt out of receiving promotional communications at any time by following the unsubscribe instructions included below, in our emails or texts, or by contacting us directly.

Legal basis: consent for marketing communications; legitimate interest in promoting our products.

5.5 Analytics and Business Improvement

We use aggregated and anonymized data, as well as limited identifiable information, to:

Analyze sales trends and customer behavior;
Improve website usability and product design;
Develop new offerings and enhance inventory management;
Conduct internal research to better serve our customers.

Legal basis: legitimate interest in understanding and improving our business performance.

5.6 Compliance, Legal, and Safety Obligations

We may use or retain personal information as necessary to:

Comply with applicable U.S. and Canadian laws, tax, and accounting requirements;
Respond to lawful requests by regulators, law enforcement, or courts;
Enforce our Terms of Service, policies, or agreements;
Protect our company, customers, and the public from fraud, misuse, or illegal activities.

Legal basis: legal obligation; legitimate interest in protecting rights and safety.

5.7 Security and Fraud Prevention

We use information to maintain the security and integrity of our systems by:

Monitoring, detecting, and mitigating fraudulent transactions or unauthorized access;
Using device, network, and behavioral signals to prevent abuse;
Coordinating with payment processors and anti-fraud vendors.

Legal basis: legitimate interest; compliance with PCI DSS and cybersecurity requirements.

5.8 Business Transfers and Corporate Transactions

If Mamma Mia Covers LLC is involved in a merger, acquisition, financing, reorganization, or sale of assets, personal information may be transferred as part of that transaction, subject to confidentiality and data-protection safeguards.

Legal basis: legitimate interest in the continuation of business operations.

5.9 Consent and Limitation

We do not use your personal information for purposes materially different from those described in this Policy without first notifying you or obtaining your consent where required by law.

6. Marketing Communications (Email and SMS)

6.1 Use of Contact Information and Communications Preferences

The personal information that we collect may include your contact information – your name, postal and e-mail addresses, and telephone number. We may use your contact information for a variety of purposes, including:

Fulfilling your order and notifying you of its status.
Sending you Mamma Mia Covers© catalogs, notices about new products, and special offers we think you’ll find valuable;
Administering a contest or promotion that you have entered on our website;
Sending you complimentary gifts for completing a customer survey on our website;
Setting up your personal password-protected shopping account on our website;
Notifying you occasionally about important changes to our website or services.

Placing an order online will automatically create your account with MammaMiaCovers.com if you select a password during checkout. You may also choose not to have us remember your information. However, having an account will make future checkout quicker and easier.

If you prefer not to receive our special e-mail offers and updates, please do not enter your e-mail address on the catalog request page.

If you are already receiving our special offers and wish to stop, click the unsubscribe link at the bottom of any e-mail you receive, and you will be promptly removed from our list. You may also call us at 1-855-708-0280 or email support@mammamiacovers.com, and we will remove you manually. We do not rent, sell, or trade e-mail addresses.

If you wish, you can opt out of certain types of communications while continuing to receive others. For example, you may opt out of promotional e-mails while still receiving printed catalogs.

You may update your contact information by calling or emailing our support team. If you have a password-protected account, you can update your information online at any time.

6.2 SMS and Text Message Communications

By subscribing to Mamma Mia Covers© text notifications, you agree to receive automated marketing text messages from us about our products and services at the phone number you provided when you subscribed. Messages may be sent using an automatic telephone dialing system or other technology, and message frequency may vary.

Consent is not a condition of purchase. Message and data rates may apply depending on your mobile carrier. You can opt out of receiving text messages at any time by replying with one of the following commands: STOP, END, CANCEL, UNSUBSCRIBE, or QUIT.

After you send an opt-out request, you may receive a confirmation text message to verify your decision. For assistance, reply HELP or contact our customer support at 1-855-708-0280 or support@mammamiacovers.com.

Please note that attempting to opt out by any other method than texting one of the commands above is not considered a valid or reasonable means of opting out, and your request may not be processed.

7. Cookies Policy and Similar Technologies

When you visit our website or interact with our online content, Mamma Mia Covers LLC and our partners use cookies and similar technologies to make the site work properly, understand how it is used, and improve your shopping experience.

7.1 What Cookies Are

Cookies are small text files stored on your device when you visit a website. They help recognize your browser or device, remember your preferences, and collect information about your interactions with our services. Similar technologies include pixels, tags, web beacons, SDKs, local storage, and other tracking tools that perform comparable functions.

7.2 Types of Cookies We Use

We use the following types of cookies and technologies on our website:

Strictly Necessary Cookies – required for the operation of our website (for example, enabling checkout, maintaining session security, or remembering items in your cart).
Performance and Analytics Cookies – collect information about how visitors use the site (e.g., which pages are visited most often) to help us improve functionality and user experience.
Functional Cookies – remember your preferences (such as region or language) and provide enhanced personalization.
Advertising and Targeting Cookies – used by us or third-party partners to deliver relevant ads, measure their effectiveness, and understand how users engage with marketing campaigns.
Social Media Cookies – allow you to share content through social-media platforms or engage with our brand on networks such as Facebook, Instagram, and Pinterest.

7.3 Analytics and Third-Party Tools

We may use analytics and advertising technologies such as Google Analytics, Meta Pixel, Klaviyo, or similar tools that collect data about your browsing activity to help us measure performance and improve marketing relevance. These third parties may combine information collected through our site with data they already hold, subject to their own privacy policies.

7.4 How We Use This Information

Information gathered through cookies and similar technologies is used to:

Operate and secure our website;
Remember your preferences and shopping cart contents;
Analyze traffic and improve site performance;
Personalize your shopping experience and product recommendations;
Deliver and measure advertising campaigns;
Detect and prevent fraudulent or unauthorized activities.

7.5 Your Choices and Control

You can control cookies and tracking preferences in the following ways:

Browser Settings: Most browsers allow you to block or delete cookies. Note that disabling certain cookies may affect the site’s functionality.
Advertising Opt-Out: To manage interest-based advertising, you may visit optout.aboutads.info (U.S.) or youradchoices.ca (Canada).
Do Not Track and Global Privacy Control (GPC): We recognize browser-based opt-out signals where required by law (e.g., California).

7.6 Retention and Security

Cookies have varying lifespans: some expire when you close your browser (session cookies), while others remain for a defined period (persistent cookies). We take appropriate security measures to protect cookie data and ensure it is used only for the purposes described in this Policy.

8. Disclosure of Personal Information

We may disclose personal information to third parties in limited circumstances, as reasonably necessary to operate our business, fulfill your orders, provide customer support, comply with legal obligations, and protect our rights and customers. We do not sell personal information and disclose it only as described below.

8.1 Disclosure to Service Providers and Contractors

We share personal information with trusted service providers and contractors who perform functions on our behalf and according to our instructions. These entities are contractually required to:

Use the information only for the specific purpose for which it was disclosed;
Implement appropriate privacy and security safeguards; and
Not sell or use the information for their own benefit.

Examples include:

Shopify, Inc. – e-commerce platform hosting and order processing;
Payment processors – such as Shop Pay, Shopify Payments, PayPal, Stripe, Apple Pay, Google Pay or Amazon Pay;
Fulfillment and logistics partners – such as UPS, FedEx, USPS, and warehouse providers;
Customer service providers;
Marketing and analytics vendors – such as Klaviyo, Google Analytics, or Meta Ads Manager;
IT and security partners.

8.2 Disclosure to Independent Marketplaces

When you purchase through Amazon or Wayfair, those marketplaces act as independent “data controllers” or “businesses” responsible for processing your personal information under their own privacy policies. We receive limited order-related data (such as name, shipping address, email, and purchased products) solely to fulfill your order, provide customer service, and manage returns or warranties. We do not control how Amazon or Wayfair use customer data collected on their platforms.

8.3 Legal and Regulatory Disclosures

We may disclose personal information if required to do so by law or in good faith belief that such action is necessary to:

Comply with legal obligations, court orders, or governmental requests;
Enforce our Terms of Service or other agreements;
Protect our rights, property, or safety, or those of our customers, employees, or the public;
Detect, investigate, and prevent fraud, misuse, or illegal activity.

8.4 Business Transfers

In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, personal information may be transferred as part of that transaction, subject to confidentiality and data-protection safeguards. If such a transfer occurs, you will be notified in accordance with applicable laws.

8.5 Aggregated or De-Identified Information

We may share aggregated or de-identified information that cannot reasonably be used to identify any individual. This data may be used for research, analytics, product development, and improving our services.

9. Sale or Sharing of Personal Information

We do not sell personal information in the traditional sense – we never exchange customer data for money. However, certain disclosures for advertising, analytics, and website performance may be considered a “sale” or “sharing” under some U.S. state privacy laws (such as the California Privacy Rights Act).

9.1 No Direct Sale of Personal Information

We do not:

Sell or rent customer lists, contact details, or payment information to any third party;
Exchange personal data for financial benefit;
Share sensitive personal information (such as payment details or account credentials) except as necessary to complete a transaction or comply with law.

9.2 Sharing for Advertising and Analytics Purposes

We may share limited personal information with third-party partners who provide advertising, marketing, and analytics services – for example, Meta (Facebook / Instagram), Google Ads, TikTok Ads, Pinterest, and Klaviyo.

These partners use technologies such as cookies, pixels, and tags to collect information about your interactions with our website and marketing content to:

Deliver relevant advertisements across platforms;
Measure and improve campaign performance;
Understand aggregated customer behavior and preferences.

Such data sharing may be classified as a “sale” or “sharing” under the CPRA. You may opt out at any time by:

Managing your cookie preferences on our website;
Enabling a Global Privacy Control (GPC) signal in your browser – which we honor where required by law;
Following the opt-out instructions described in Section 10 – Your Privacy Rights.

9.3 Disclosures to Service Providers

When we share personal information with Service Providers or Processors (e.g., Shopify, payment gateways such as Shop Pay, Apple Pay, Google Pay, PayPal, or Amazon Pay, logistics partners, or email service vendors), such disclosure is strictly limited to performing services on our behalf. These entities are contractually prohibited from:

Using the information for their own marketing;
Selling or disclosing it outside the scope of our instructions.

Therefore, these disclosures are not considered a “sale” under applicable laws.

9.4 Canada (PIPEDA and Provincial Laws)

Under Canadian privacy laws, we do not disclose personal information to third parties for their independent marketing or commercial use without your explicit consent. When data is transferred to service providers located in the United States, we ensure that they maintain equivalent security and privacy protections consistent with Canadian law.

10. Data Security

At Mamma Mia Covers©, protecting your information is a priority. We maintain administrative, technical, and physical safeguards designed to protect personal information against loss, misuse, unauthorized access, disclosure, alteration, or destruction. Our security practices are regularly reviewed and updated to reflect industry standards, evolving technologies, and regulatory requirements.

10.1 Organizational and Administrative Safeguards

We have internal privacy and data-protection policies that define how personal information is collected, stored, and accessed. Only authorized personnel and service providers who need access to perform their duties may handle personal information, and they are required to maintain its confidentiality. Employees receive training on privacy, security awareness, and responsible data handling. We also evaluate our vendors’ privacy and security practices to ensure they meet our standards and contractual obligations.

10.2 Payment Security

When you make a purchase on our website or through third-party platforms, your payment information is processed using secure, industry-standard encryption technologies. We rely on reputable payment providers that comply with applicable payment-card security requirements and do not store your full payment-card details on our servers without your express of will. These providers are responsible for safeguarding transaction data and ensuring secure payment authorization.

10.3 User Responsibility

While we take steps to protect your personal information, no online or electronic system is entirely secure. You are responsible for maintaining the confidentiality of your account credentials and for protecting your own devices and networks from unauthorized access. If you believe your account or personal information has been compromised, please contact us immediately at support@mammamiacovers.com.

10.4 Data Breach Notification

In the unlikely event of a data breach involving your personal information, we will take prompt action to investigate and mitigate the incident. If we determine that your information was affected, we will notify you as soon as reasonably possible, consistent with applicable U.S. state and Canadian privacy laws.

Our notification will include:

a description of the incident;
the categories of information involved;
steps we have taken to protect your data; and
guidance on what you can do to minimize potential risks.

We may also report the incident to relevant regulators or law enforcement authorities where required by law (for example, under California Civil Code §1798.82 or Québec Law 25).

11. Data Retention

We retain personal information only for as long as necessary to fulfill the purposes described in this Privacy Policy, including to complete transactions, provide support, comply with our legal and tax obligations, and protect our business and customers. When personal information is no longer needed, we delete or anonymize it in a secure manner. When determining how long to retain data, we consider:

The amount, nature, and sensitivity of the information;
The potential risk of harm from unauthorized use or disclosure;
The purposes for which we collected and processed the data and whether those purposes can be achieved in another way;
Legal, regulatory, and accounting requirements that apply to our operations.

In practice, we retain:

Order and transaction data for the time necessary to meet tax, accounting, and record-keeping requirements – generally up to seven years after your last purchase or interaction.
Customer-account information for as long as the account remains active and up to twelve months after its closure, unless longer retention is required by law.
Payment information only through our payment processors (e.g., Shopify Payments, Apple Pay, Shop Pay, PayPal, Google Pay); we do not store full credit-card numbers or bank details without your expression of will.
Marketing and communications data until you withdraw consent or unsubscribe from our emails or texts.
Customer-service records such as support tickets and return requests for approximately three years after the issue is resolved.
Cookies and analytics data for periods ranging from a single session to about two years, depending on the type of cookie and your preferences.

We may retain some information longer if required to comply with legal or regulatory duties, to resolve disputes, or to enforce our agreements. Once the applicable retention period expires, the data is securely deleted or irreversibly anonymized. Aggregated or statistical information that cannot identify you may be kept for business and research purposes.

For residents of Canada, we comply with PIPEDA requirements and retain personal information only as long as necessary to fulfill the identified purposes. When information is no longer required, we destroy or anonymize it in accordance with recognized data-security standards.

12. Cross-Border Data Transfers

We operate in the United States and use service providers and business partners located both within and outside the U.S. and Canada. As a result, your personal information may be transferred to, stored in, or processed in jurisdictions other than the one where you reside. These jurisdictions may have privacy and data-protection laws that differ from those of your home country.

12.1 Transfers Between the United States and Canada

If you are located in Canada, please note that your personal information may be transferred to and processed in the United States, where our primary business operations are located. Such transfers are necessary for us to provide our products and services, process payments, fulfill orders, and manage customer relationships.

We ensure that personal information transferred from Canada to the United States receives a level of protection that is consistent with PIPEDA Principles 4.1.3 and 4.1.7. Our contracts with service providers require them to maintain appropriate safeguards and to use personal information only for the purposes for which it was provided.

12.2 Use of Third-Party Service Providers

We use third-party service providers, such as Shopify, Amazon, Wayfair, Klaviyo, Meta (Facebook/Instagram), and Google, to host our website, process payments, manage marketing, and fulfill orders. These providers may store or process your personal information in data centers located in the United States, Canada, or other jurisdictions.

All such providers are contractually required to implement safeguards consistent with applicable privacy and data-protection laws and to handle personal information only under our instructions and for legitimate business purposes.

12.3 Legal Basis for International Transfers

Where applicable, cross-border data transfers are based on one or more of the following legal mechanisms:

The transfer is necessary for the performance of a contract between you and Mamma Mia Covers (e.g., fulfilling your order or providing customer service).
The transfer is made with your express consent.
The transfer is otherwise permitted by applicable law, and we ensure appropriate protections are in place.

12.4 Your Rights and Choices

You may contact us at support@mammamiacovers.com to learn more about how we handle cross-border data transfers or to request additional information about the safeguards we apply when your personal information is transferred outside your country of residence.

13. Your Rights Under U.S. Privacy Laws

Depending on where you reside, you may have specific privacy rights regarding your personal information under applicable U.S. state laws. This section describes those rights and how you may exercise them.

13.1 California Residents (CPRA)

If you are a resident of California, you have the following rights under the California Privacy Rights Act (CPRA):

Right to Know - You may request information about the categories of personal information we collect, the sources from which it is collected, the purposes for which we use it, and the categories of third parties with whom we share it.
Right to Access – You may request a copy of the personal information we have collected about you.
Right to Delete – You may request that we delete personal information we have collected from you, subject to certain exceptions (for example, when required for legal or accounting purposes).
Right to Correct – You may request that we correct any inaccurate personal information we maintain about you.
Right to Opt Out of Sale or Sharing – You may opt out of any “sale” or “sharing” of your personal information for cross-context behavioral advertising purposes.
Right to Limit Use of Sensitive Personal Information – You may direct us to limit the use of any sensitive personal information (if collected) to only what is necessary to provide requested services.
Right to Non-Discrimination – We will not discriminate against you for exercising your privacy rights.

California residents may exercise these rights as described in Section 16 – How to Exercise Your Rights. If you use an authorized agent to submit a request, we may require verification of both your identity and the agent’s authority. We do not sell or share the personal information of individuals under the age of 16.

13.2 Colorado, Virginia, Connecticut, Utah, and Nevada Residents

Residents of Colorado, Virginia, Connecticut, Utah, and Nevada have similar privacy rights under their respective state laws, including:

The right to access and obtain a copy of personal information we maintain about you;
The right to correct inaccuracies in your personal information;
The right to delete your personal information;
The right to opt out of targeted advertising, the sale of personal data, or profiling in furtherance of decisions that produce legal or similarly significant effects.

To exercise these rights, please refer to Section 16 – How to Exercise Your Rights. If we deny your request, you have the right to appeal by contacting us at support@mammamiacovers.com with the subject line “Privacy Rights Appeal.” We will respond to appeals within the timeframe required by applicable law.

For Nevada residents, you may submit a request to opt out of the sale of your personal information by contacting us at support@mammamiacovers.com.

14. Your Rights Under Canadian Privacy Laws

If you are a resident of Canada, you have certain rights under the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws (including Québec, Alberta, and British Columbia). These rights are designed to give you greater transparency and control over your personal information.

14.1 Right to Access and Correction

You have the right to request access to the personal information we hold about you and to obtain details about how it is used or disclosed. If you believe that any personal information we maintain about you is inaccurate or incomplete, you may request that it be corrected. We will make reasonable efforts to update or amend the information as required by law.

14.2 Right to Withdraw Consent

You may withdraw your consent to the collection, use, or disclosure of your personal information at any time, subject to legal or contractual restrictions and reasonable notice. Please note that withdrawing consent may affect our ability to provide certain products or services (for example, fulfilling an order or sending you promotional offers).

14.3 Right to Be Informed

You have the right to be informed about how your personal information is collected, used, and disclosed, including when it is transferred across borders or to third-party service providers. We are committed to ensuring that such transfers are subject to appropriate safeguards consistent with PIPEDA Principle 4.1.3 and Québec Law 25, Section 17.

14.4 Right to File a Complaint

If you are not satisfied with our response to your privacy inquiry or request, you may contact us directly at support@mammamiacovers.com. If you still have concerns, you may file a complaint with the relevant privacy authority. We will cooperate with these authorities and follow their recommendations where applicable.

14.5 Exercising Your Rights

You may contact us at support@mammamiacovers.com to request access, correction, or deletion of your personal information, or to withdraw consent for its processing. We will respond to such requests within the time limits established by Canadian privacy laws, typically within 30 days.

15. Your Choices and Controls

We believe you should have meaningful control over how your personal information is used. You can manage, limit, or withdraw your consent for certain types of data collection and communications at any time.

15.1 Marketing and Promotional Communications

You may choose not to receive our promotional emails or text messages by:

Clicking the “unsubscribe” link at the bottom of any email;
Replying STOP, END, CANCEL, UNSUBSCRIBE, or QUIT to a marketing text message; or
Contacting us directly at support@mammamiacovers.com or 1-855-708-0280.

Even if you opt out of marketing messages, we may still send you transactional or service-related communications, such as order confirmations or updates.

15.2 Cookies and Similar Technologies

You can control or disable cookies through your browser or device settings. Most browsers allow you to:

Delete existing cookies;
Block all cookies; or
Receive a warning before cookies are stored.

If you disable cookies, some parts of our website may not function properly. Where required by law, we recognize browser-based Global Privacy Control (GPC) signals as a valid opt-out preference.

15.3 Targeted Advertising and Analytics

You may opt out of targeted advertising and data sharing for cross-context behavioral advertising by:

Adjusting your cookie settings on our website;
Using tools offered by platforms such as Google Ads Settings or Meta Ad Preferences;
Enabling a Global Privacy Control signal in your browser; or
Contacting us to submit an opt-out request under applicable privacy laws.

These choices will not affect the overall number of ads you see, but may make them less relevant to your interests.

15.4 Account and Profile Settings

If you maintain an account with us, you may update, correct, or delete certain personal information by logging into your account or contacting our customer support team. You may also close your account at any time, after which we will delete or anonymize your information in accordance with our Data Retention policy.

15.5 Withdrawal of Consent (Canada)

Canadian residents may withdraw consent for specific processing activities (such as marketing communications or analytics) by contacting us at support@mammamiacovers.com. We will honor such requests subject to legal and contractual obligations that require data retention.

16. How to Exercise Your Rights

We are committed to helping you exercise your privacy rights in a clear and transparent manner. Whether you are located in the United States or Canada, you can submit a privacy request using any of the methods described below.

16.1 How to Submit a Request

You may exercise your rights to access, correct, delete, or opt out of the sale or sharing of your personal information by contacting us through one of the following methods:

Email: support@mammamiacovers.com
Phone: 1-855-708-0280
Mail (optional): If required, you may request our mailing address to send written correspondence.

When submitting your request, please include your full name, email address, and sufficient details that allow us to verify your identity and locate your information. We will use the information you provide only to process and verify your request.

16.2 Verification Process

For your protection, we must verify your identity before processing your request. Verification helps ensure that your personal information is not disclosed to unauthorized individuals. The type of verification we require depends on the nature of your request and the sensitivity of the information involved.

If you are making a request on behalf of someone else, you must provide evidence of your authorization, such as a signed permission form, power of attorney, or other legally valid documentation.

16.3 Response Time

We will respond to your request within 45 days as required by applicable U.S. privacy laws, or within 30 days if you are a Canadian resident under PIPEDA or provincial law. If we require additional time due to the complexity of the request, we will notify you and explain the reason for the delay.

16.4 Limitations and Exceptions

Certain laws permit or require us to retain or withhold information in specific circumstances, including:

When disclosure would reveal trade secrets, proprietary information, or the personal data of another individual;
When retention is required for legal, accounting, or compliance purposes; or
When deletion would prevent us from completing a transaction or fulfilling a service you requested.

If we deny your request, we will explain the reasons and provide instructions on how to appeal the decision (where applicable).

16.5 Authorized Agents

If you are a California resident, you may designate an authorized agent to make a privacy request on your behalf. We may require the agent to provide proof of authorization and verify both your and their identities before we process the request. Authorized-agent requests may also apply in other jurisdictions where permitted by law.

16.6 Appeals (for Certain U.S. States)

Residents of Virginia, Colorado, and Connecticut have the right to appeal a denial of a privacy request. To appeal, please email us at support@mammamiacovers.com with the subject line “Privacy Rights Appeal.” We will review and respond to your appeal within 45 days, as required by applicable state law.

17. Third-Party Websites and Services

Our website may contain links to third-party websites, applications, or services that are not operated or controlled by Mamma Mia Covers©. This includes, for example, our sales channels on Amazon, Wayfair, and other marketplaces, as well as third-party tools such as Shopify, Klaviyo, Meta (Facebook/Instagram), Google, and Pinterest used for advertising, analytics, or social-media engagement.

17.1 Independent Privacy Practices

These third parties have their own privacy policies, terms of service, and data-handling practices, which may differ from ours. We are not responsible for the privacy, security, or information practices of these entities, and we encourage you to review their respective privacy notices before providing any personal information.

17.2 Embedded and Linked Services

Our website may include embedded content or features (such as product reviews, videos, or “share” buttons) that allow interaction with external platforms. When you engage with such features, your information may be collected directly by the third party – not by Mamma Mia Covers©.

For example, if you click on a social-media link or interact with an ad, the respective platform may collect information about your visit and use it according to its own policies.

17.3 Payment and Fulfillment Partners

Orders placed through Shopify, Amazon, or Wayfair are processed and fulfilled in part by those platforms. Each of these partners is independently responsible for the personal information they collect during checkout, payment processing, or order management. Please refer to their privacy policies for details about how they handle your data.

17.4 External Links Disclaimer

Links to other websites or platforms are provided for your convenience and do not imply endorsement or control of their content or privacy practices. Accessing those sites or using their services is at your own discretion and subject to their respective terms.

18. Non-Discrimination

Deny you access to our products or services;
Charge you different prices or rates for goods or services;
Provide you with a different level or quality of service; or
Suggest that you may receive a different price or level of service if you exercise your privacy rights.

However, as permitted by law, we may offer certain financial incentives, discounts, or promotional programs that relate to the collection or use of personal information. Participation in such programs is entirely voluntary, and you may opt in or opt out at any time. When we offer these programs, we will provide a clear explanation of their terms, the categories of personal information involved, and how the value of your data is reasonably related to the offer.

19. Accessibility

We are committed to making our privacy practices accessible and understandable to all individuals, including those with disabilities.

If you require assistance in reviewing this Privacy Policy or need it in an alternative format, please contact us at support@mammamiacovers.com or 1-855-708-0280, and we will make reasonable efforts to accommodate your request.

We continually work to improve the accessibility and usability of our website and digital content so that everyone, regardless of ability, can have a positive experience. If you encounter any accessibility barriers or have feedback about how we can improve, we encourage you to contact us using the details above.

20. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors.

When we make material changes, we will update the “Last Updated” date at the top of this page and, where required by law, notify you by email or through a notice on our website before the changes take effect.

We encourage you to review this Policy periodically to stay informed about how we protect your personal information.

Your continued use of our website or services after any updates to this Policy constitutes your acknowledgment and acceptance of the revised version.

Search our store