Privacy Policy
Last Updated: Aug 17, 2025
Our Company is committed to your privacy. View our privacy policy to understand how we use your data to enrich your experience or contact us regarding your data.
Mighty Vault ("Mighty Vault", "we", "us", or "our") respects your privacy and is committed to protecting it through our compliance with this Privacy Policy.
This Privacy Policy describes how we collect, use and share information about you as well as your rights and choices about such collection, use and sharing. It applies when you access or use our websites and other products and services (collectively, the “Services”), contact our service team, engage with us on social media, or otherwise interact with us.
If you do not agree with our policies and practices, your choice is not to use the Services. By accessing or using the Services, whether or not you purchase any of our Services, you agree to this Privacy Policy.
We may change this Privacy Policy from time to time. If we make changes, we will notify you by revising the date at the top of the Privacy Policy and, in some cases, we may provide you with additional notice (such as adding a statement to our website homepage or sending you a notification). We encourage you to review the Privacy Policy whenever you access the Services or otherwise interact with us, as your continued use of any Services constitutes acceptance to the updated terms.
Information collected from you
We collect the personal information you provide to us when you purchase our products or visit our website. The categories of information we may collect include:
- Personal Identifiers, including name, email address, postal address, telephone number, and online Identifiers
- Internet Activity
- Commercial Information, including purchases
- Financial Information, including credit or debit card number
- Biometric Information, including sleep, health, or exercise data
- Location Information, including general location data
- Protected Classifications and Other Personal Characteristics, including age and sex, gender, or gender identity
- Consumer Communications, including direct communications with our consumers
- Inferences from Other Data, including inferences created from other personal information collected and inferences based on sensitive information
Information collected from other sources
We may collect personal information about you from third-party sources The sources and categories of information we may collect include:
Retail Partners
- Personal Identifiers, including Name and Postal address
- Commercial Information, including Purchases
How long we keep your data
We do not retain data for any longer than is necessary for the purposes described in this Privacy Policy. We generally retain data according to the guidelines below.
| Type of Data | Retention Period |
|---|---|
| Cookies and online data we collect while you use our website, including Online Identifiers, Internet Activity, General location data | We delete or anonymize data concerning your use of our website within 2 years of collecting it. |
| Data we collect in order to process and ship orders you place with us, including Name, Email address, Postal address, Telephone number, Purchases, Credit or debit card number | We keep personal information related to products and services you purchase for as long as the personal data is required for us to fulfill our contract with you, or until you request it's deletion. We may keep data beyond this period in anonymized form. |
| Data we collect when you contact us for customer support and other inquiries, including Name, Email address, Telephone number, Purchases, Direct communications with our consumers | We keep customer feedback and correspondence with our customer service for up to 7 years to help us respond to any questions or complaints. We may keep data beyond this period in anonymized form. |
| Data we collect when you sign up for promotional and marketing communications, including Name, Email address, Postal address, Telephone number, Online Identifiers, Internet Activity, Purchases, Direct communications with our consumers, Inferences created from other personal information collected | Where you have signed up to receive promotional and marketing communications from us, we will retain any data collected until you opt out or request its deletion. We may keep data beyond this period in anonymized form. We will further retain a record of any opt-outs in order to prevent sending you future communications. |
| Data we collect in connection with privacy requests, including Name, Email address, Online Identifiers | We retain records related to privacy requests as long as necessary to comply with our legal obligations. |
| Data we collect for security purposes, including Name, Email address, Online Identifiers, Sleep, health, or exercise data, Age, Sex, gender, or gender identity, Inferences based on sensitive information | We retain security-related data as long as necessary to comply with our legal obligations and to maintain and improve our information security measures. |
We use personal information for the following purposes:
- Analyzing Data
- Conducting Surveys
- Delivering Targeted Ads
- Fulfilling Customer Orders
- Meeting Compliance & Legal Requirements
- Processing Payments
- Providing Customer Support
- Sending Promotional Communications
- Tracking Purchases & Customer Data
We may disclose the following personal information about you to our services providers and vendors when you purchase our products or visit our website:
| Personal Information Category | Categories of Service Providers | Categories of Third Parties |
|---|---|---|
| Personal Identifiers | Business Operations Tool, Collaboration & Productivity Tools, Commerce Software Tools, Customer Support Tools, Fancy Pants Provider, Governance, Risk & Compliance Software, IT Infrastructure Services, Payment Processors, Sales & Marketing Contractors, Sales & Marketing Tools, and Web Hosting Services | Ad Networks, Co-Marketing Partner, Data Analytics Providers, Payment Processors, Sales & Marketing Tools, and Shipping Services |
| Internet Activity | Business Operations Tool, Commerce Software Tools, Governance, Risk & Compliance Software, IT Infrastructure Services, Payment Processors, Sales & Marketing Contractors, Sales & Marketing Tools, and Web Hosting Services | Ad Networks, Data Analytics Providers, and Sales & Marketing Tools |
| Commercial Information | Business Operations Tool, Commerce Software Tools, Customer Support Tools, IT Infrastructure Services, Payment Processors, Sales & Marketing Contractors, and Sales & Marketing Tools | Ad Networks, Co-Marketing Partner, Payment Processors, and Sales & Marketing Tools |
| Financial Information | Commerce Software Tools and Payment Processors | None |
| Location Information | None | Data Analytics Providers |
| Consumer Communications | Business Operations Tool and Sales & Marketing Contractors | None |
| Inferences from Other Data | Fancy Pants Provider, Sales & Marketing Contractors, and Sales & Marketing Tools | None |
Cookies
This site uses first and third-party cookies and similar technologies to process personal information for the purposes described in this Policy. Cookies are small text files placed on your device to store data that can be recalled by a web server in the same domain that placed the cookie. The text in a cookie often consists of a string of numbers and letters that uniquely identifies your device, but it can contain other information as well. To learn more about cookies and how to control the use of cookies at a browser level, visit https://allaboutcookies.org/
Do Not Track
Some browsers have incorporated “Do Not Track” (DNT) features that can send a signal to the websites you visit indicating you do not wish to be tracked. Because there is not a common understanding of how to interpret the DNT signal, our websites do not currently respond to browser DNT signals. However, you may sti
Cookie Notice
We use cookies to improve your experience on our site and to allow us and third parties to personalize the marketing content you see on other websites and social media. Website visitors from European Privacy Law regions can control cookie settings. Manage your region specific consent settings here.
Essential Cookies
We use these cookies for things like security, logins, site errors, and processing payments. We can't turn these necessary cookies off, but you can control them in your browser.
| Cookie Name | Provider | Duration |
|---|---|---|
| polaris_consent_settings | TrueVault | 25 Days |
| us_privacy | TrueVault | 1 Year |
Analytics Cookies
These cookies tell us how you use our sites and apps, and provide information to help us improve your experience.
| Cookie Name | Provider | Duration |
|---|---|---|
| fake_cookie | First Party | Session |
Personalization Cookies
We do not use cookies to personalize content for you.Advertising Cookies
These cookies help us decide which products, services and offers may be relevant for you. We use this data to customize the marketing content you see on websites, apps and social media, and to measure your interactions with that content. We might use these cookies to advertise our products to you when you visit other websites.
| Cookie Name | Provider | Duration |
|---|---|---|
| _fbad | Meta Ads | Session |
ll exercise your privacy rights as described elsewhere in this Policy.
Third party analytics tools
This site uses Google Analytics to analyze your interactions and experiences with our Services. You can find out how Google Analytics uses data here and how to opt out of Google Analytics here. For more information on how Google uses data when you use our websites, click here.
If you are a California resident and have an established business relationship with us, you can request a notice disclosing the categories of personal information we have shared with third parties, for the third parties' direct marketing purposes, during the preceding calendar year. To request a notice, please submit your request to mightyvault@truevault.com. Please allow 30 days for a response.
To opt out of selling and sharing personal information, go to Your Privacy Choices.
If you have any questions about this Privacy Policy, please contact us as follows:
Mighty Vault
moc.tluaveurt@tluavythgim
Our online store is hosted by Shopify, and Shopify collects and processes personal data about store customers for purposes including but not limited to: providing product and store customization, analytics, and advertising services. Information submitted by customers will be shared with Shopify as well as third parties that may be located in other countries. To learn more about Shopify’s data practices, please review their privacy policy.
Depending on your jurisdiction, you may opt out or object to Shopify’s processing of your data for certain use cases on their Privacy Controls page.
This section provides additional information for people in the European Economic Area (EEA) or United Kingdom (UK). The terms used in this section have the same meaning as in the General Data Protection Regulation and the UK Data Protection Act (GDPR). The term “personal information” as used in this notice has the same meaning as “personal data” in the GDPR.
Collection and Disclosure of Personal Data
The personal data we collect and how we share it is described above in our Privacy Policy.
We may disclose your personal information to the following third party controllers for business purposes:Apple Pay, Google Customer Reviews, Meta Ads, FedEx, PayPal - Pay with PayPal, Venmo, Pay Later, Google Ads, Affirm. To understand how these parties handle your data, please refer to their respectiveprivacy policies.
Cookie Notice
We use cookies to improve your experience on our site and to allow us and third parties to personalize the marketing content you see on other websites and social media. Website visitors from European Privacy Law regions can control cookie settings. Manage your region specific consent settings here.
Essential Cookies
We use these cookies for things like security, logins, site errors, and processing payments. We can't turn these necessary cookies off, but you can control them in your browser.
| Cookie Name | Provider | Duration |
|---|---|---|
| polaris_consent_settings | TrueVault | 25 Days |
| us_privacy | TrueVault | 1 Year |
Analytics Cookies
These cookies tell us how you use our sites and apps, and provide information to help us improve your experience.
| Cookie Name | Provider | Duration |
|---|---|---|
| fake_cookie | First Party | Session |
Personalization Cookies
We do not use cookies to personalize content for you.Advertising Cookies
These cookies help us decide which products, services and offers may be relevant for you. We use this data to customize the marketing content you see on websites, apps and social media, and to measure your interactions with that content. We might use these cookies to advertise our products to you when you visit other websites.
| Cookie Name | Provider | Duration |
|---|---|---|
| _fbad | Meta Ads | Session |
Lawful Bases and Legitimate Interests
We process personal data on the following lawful bases:
- Complying with legal obligations
- Fulfilling contracts
- Consent
- Legitimate interests
Where we process personal data on the basis of our legitimate interests, we pursue the following interests: Delivering Targeted Ads, Analyzing Data, Conducting Surveys, Fulfilling Customer Orders, Meeting Compliance & Legal Requirements, Processing Payments, Providing Customer Support, Sending Promotional Communications, Tracking Purchases & Customer Data, and Providing Prescription Glasses.
International Data Transfers
We may send the personal data of individuals in the EEA/UK/CH to third countries, including the United States, where it may be stored or processed, for example on our service providers’ cloud servers. When we transfer personal data, we endeavor to do so on the basis of Adequacy Decisions as adopted by the European Commission (EC), the UK Information Commissioner's Office (ICO), or the Swiss Federal Data Protection and Information Commissioner (FDPIC), the EU-US Data Privacy Framework, UK-US Data Bridge, and Swiss-U.S. Data Privacy Framework agreements, Standard Contractual Clauses (SCCs) issued by the EC or the FDPIC, International Data Transfer Agreements (IDTAs) approved by the ICO, and as otherwise allowed by law. Data protection authorities have determined that the SCCs and IDTAs provide sufficient safeguards to protect personal data transferred outside the EEA/UK/CH. To request copies of our international data transfer safeguards, please contact us at moc.tluaveurt@tluavythgim. You may read more about international data transfer mechanisms at the following links:
- https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en
- https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/international-data-transfer-agreement-and-guidance/
- https://www.edoeb.admin.ch/edoeb/en/home/datenschutz/arbeit_wirtschaft/datenuebermittlung_ausland.html
Privacy Rights
Individuals in the EEA/UK/CH have the following rights regarding their personal data.Make a Privacy Request by clicking here. Once you submit a request, we will verify your identity and process your request in most cases within 30 days.
Right to access. You have the right to request a copy of the personal data we hold about you.
Right of portability. You have the right to ask us to transfer your data to another party.
Right to rectification. You have the right to request that we rectify any incorrect information we have about you.
Right of erasure. You have the right to request that we erase (delete) any personal information we hold about you.
Right to withdraw consent. You have the right to withdraw your consent at any time when we rely on your permission to process your personal data.
Right to object. You have the right to object to our use of data about you.
Right to restrict processing. In certain circumstances, you have the right to restrict our processing of your personal data to storage only, subject to some exceptions. This right applies when:
- You have contested the accuracy of your personal data and we are still verifying its accuracy.
- Your personal data has been unlawfully processed under the GDPR.
- You need for us to keep your data in order to establish, exercise, or defend a legal claim.
- You have previously objected to our processing of your personal data and the status of that review is still pending.
Right to lodge a complaint with a supervisory authority. You have a right to lodge a complaint with a supervisory authority. For more information, you can visit theInformation Commissioner’s Office website at https://ico.org.uk/, the Federal Data Protection and InformationCommissioner’s website at https://www.edoeb.admin.ch/, or see a list of EU Data Protection Authorities athttps://www.gdprregister.eu/gdpr/dpa-gdpr/.
Inquiries
Controller contact information
Mighty Vault
This section provides additional information for people in Canada. The terms used in this section have the same meaning as in the Personal Information Protection and Electronic Documents Act (PIPEDA).
Collection and Disclosure of Personal Data
The personal information we collect and how we share it is described above in our Privacy Policy.
We may disclose your personal information to the following third parties for business purposes: Affirm, Apple Pay, Belardi Wong, Custom Vendor, FedEx, Google Ads, Google Analytics, Meta Ads, PayPal - Pay with PayPal, Venmo, Pay Later, and UPS.
Privacy Rights
Individuals in Canada have the following rights regarding their personal information. Make a Privacy Request by clicking here. Once you submit a request, we will verify your identity and process your request in most cases within 30 days.
Right to Access
You have the right to be informed of the existence, use, and disclosure of your personal information and to be given access to that information.
Right to Correct
You have the right to contest the accuracy and completeness of the personal information we have about you, and to have it amended as appropriate.
Right to Withdraw Consent
You have the right to withdraw your consent to the collection, use, and disclosure of your personal information at any time, subject to legal or contractual restrictions and reasonable notice.
Right to Delete
You may request that we delete personal information we have obtained about you. However, we may retain your personal information if it is necessary for certain purposes, as allowed by law.
Right to Opt-Out
You have the right to opt out of the use of your personal information for targeted advertising.
You may exercise your right to opt-out.
Authenticating Your Request
Once we receive your request, we will verify the information you provided by matching the information that we have collected. If we cannot authenticate your request, we may ask for additional information from you. If you are unable to provide additional information, or we are unable to authenticate the request using commercially reasonable efforts, we may deny your request.
Cross-Border Transfers
Your personal information may be processed in foreign jurisdictions, including the United States, where it may be subject to access by foreign courts, law enforcement, and other government agencies, in accordance with the laws of those jurisdictions.
If you believe your rights have been violated and you are not able to resolve the issue directly with us, you may file a complaint with the Office of the Privacy Commissioner.
Powered by
