menu
search
basket
Your Basket
0 items
Your shopping basket is empty
Need help? Call us on 01709 780 881
Mon - Sat
9:30am - 5.30pm
Sunday
10:00am - 4:00pm

General Data Protection Regulation

At Mattress Online, we welcome the General Data Protection Regulation (GDPR). It's a transparent way for us to explain what personal data we need and how we use it.

Here, we explain how your personal data is controlled and processed. We also explain how to exercise your rights.

We need some personal information so that you can shop with us.

Data we need to fulfill your order Why we need it
Title, first name, last name and phone number To contact you if we need to discuss your order or delivery.
Title, first name and last name of the person receiving the delivery To know who will receive the item(s) at the delivery address.
Delivery address To deliver your item(s) to the right place.
Payment information We pass this to our payment provider who processes payments. We do not store your payment details.
Email address To email your order confirmation and order status updates.
Invoice address To match against the registered card holder's address and ensure that your card isn't being used fraudulently.
IP address We pass this to our fraud screening provider to help prevent any fraudulent transactions.

We use trusted payment providers to validate and process your payment. We also take precautions to prevent fraud.

Your payment method Data we use
Credit or debit card We pass your data to our payment provider, SagePay, to validate and process your payment. We also share your data with Mastercard Payment Gateway Services for fraud screening.
Interest free finance In addition to the above, we pass your data to our interest free finance provider, Hitachi Personal Finance. They require your name, address, email address, phone number, financial details, credit history, payment details and employment details.
PayPal PayPal shares your name and address with us so we can complete your order.

You may want to shop with us at another, more convenient time. For this reason, we use the services of our trusted partner, Ve Global UK Limited, to send you an email reminder about the items in your basket.

In order to deliver your item(s), we share your details with one of our trusted courier partners: either Panther or UKMail. The courier we use depends on which items you purchase and your delivery location.

If your purchase is 'direct from supplier', our suppliers arrange your delivery with their selected courier.

Data we need for your delivery Why we need it
Title, first name and last name of the person receiving the delivery To know who will receive the item(s) at the delivery address.
Delivery address To deliver your item(s) to the right place.
Phone number To send you text message updates about your delivery and call you if there are any issues.

Your reviews help us know what we're doing right - and how we can improve. They also help other customers choose the right product and learn more about who we are.

You'll receive one email from each of our trusted, independent reviewing partners. Reevoo will invite you to review your product and Trustpilot will invite you to review our services.

So you can review your product and our services, we use the following data:

Your data How we use it
Email address So Trustpilot and Reevoo can email you invitations to review your product and our services.
First name So you can be greeted personally.
Order and product ID So you can review the correct product.
Purchase and delivery dates To give you time to use your product before reviewing it.

We use Mailchimp to send you emails about our special offers and discounts. We also offer the best sleep tips and product advice to help you get the most out of your new purchase.

Every email you receive has a clear unsubscribe link so you can opt-out of receiving further emails at any time.

If you opt-in to receive emails, we use the following data:

Your data How we use it
First name To greet you personally when we email you.
Email address To send you information by email.

If you opt-in to receive our promotional emails, in addition to the above we also use the following data:

Your data How we use it
Purchase date So we don't send you emails too frequently.
Purchase product type To offer you the most relevant promotional information.

Whenever you connect to our website, your web browser makes a web request to our servers. This web request includes your IP address which is considered personal data.

There is no simple way to prevent your IP address being sent over the internet. This is true for any website. We do, however, treat your IP address with great care.

Below, we explain how we use your IP address:

How we use your IP address Why we need it
Web server logs Our web servers automatically log all web requests. The only personal information this includes is your IP address. We need this so we can monitor the behaviour of all web requests. This helps us protect the security of our servers.
Fraud prevention At the point of purchase, we pass your IP address to Mastercard Payment Gateway Services to help prevent fraudulent transactions.
Web hosting provider Our web hosting provider uses your IP address to prevent any Distributed Denial of Service (DDoS) attack and enable rate limiting of web requests. This ensures the availability of our web servers.
Google Analytics We use IP Anonymization within Google Analytics to ensure that your personal data is removed from any analytical data stored.

We use systems to protect, simplify and improve the management of your data.

System How we use it
Web hosting provider We use CloudFlare and Rackspace to serve web traffic to you. We store your order information within Rackspace. We do not store your payment information.
Customer Relationship Management We use Google's G Suite and Sirportly to store any correspondence and additional supporting information to fulfill your order.
Telephone communications We record telephone calls with Daisy Communications to ensure we have the most accurate information in the event of an issue. We route all incoming phone calls via Infinity Tracking Ltd and Daisy Communications so we can ensure we remain efficient when dealing with telephone enquiries.
Cloud storage We use Dropbox to securely store a record of your order and delivery details. We store your name, delivery address, telephone number and email address. We only keep the details required to process your order.

You can view or remove the data we store about you. You can also change your consent to our use of your data.

You have the right to request this at any time. We will respond to all requests within 28 days of submission - this service will be provided completely free of charge.

Please complete the form below.

At the point of purchase, you will have had the opportunity to consent to how we use your data.

Need a little help?
Go to Advice Give us a call